activemerchant 1.32.1 → 1.33.0

data/CHANGELOG

@@ -1,5 +1,46 @@
 = ActiveMerchant CHANGELOG
 
+== Version 1.33.0 (May 30, 2013)
+
+* Netaxept: Completely revamped to use the "M" service type [rbjordan3, ntalbott]
+* Litle: Void authorizations via an auth reversal [jrust]
+* Add RBK Money integration [england]
+* Direcpay: Update test url [ashish-d]
+* PayPal Express gateway: Add support for creating billing agreements [fabiokr]
+* PayPal Express gateway: Add reference authorizations [fabiokr]
+* Add Cardstream Modern gateway [ExxKA]
+* Pin: Fix special headers [duff]
+* PayPal Express gateway: Remember the billing agreement id as Response#authorization [duff]
+* PayPal Express gateway: Allow an amount of 0 [duff]
+* PayPal Express gateway: Reduce parameter requirements [duff]
+* Quickpay integration: Update notification parser to handle API v6 [larspind]
+* Sage gateway: Deprecate #credit call [duff]
+* Update notification generator to better match current notification class [lulalala]
+* Paymill gateway: Change .com -> .de [louiskearns]
+* Quickpay integration: Fix v6 response parsing [larspind]
+* First Data e4: Add TransArmor store/tokenization support [gabetax]
+* MerchantWarrior: Format expiration month/year correctly [klebervirgilio]
+* Add iconv for ActiveSupport 2.3 under Ruby 2.0 [sanemat]
+* Add Transnational gateway [bvandenbos]
+* Authorize.Net: Add Check as payment method [andrunix]
+* Merchant e-Solutions: Add ref number and recurring support [carlaares]
+* Bogus gateway: Add authorization to purchase response [hron]
+* Bluepay gateway: Fix Check support; general cleanup [ntalbott]
+* Dwolla: Fix security issues and enable guest checkout [capablemonkey, schonfeld]
+* SagePay gateway: Per-transaction 3D-secure selection [ExxKA]
+* Barclays ePDQ: Handle incorrectly encoded response [jordanwheeler, aprofeit]
+* Orbital: Bug fixes; add CustomerEmail, Retry Logic, Managed Billing, and Destination Address [juicedM3
+* Distinguish invalid vs empty issue_numbers on CreditCards [drasch]
+* Float Gemfiles to latest Rails [sanemat]
+* USA ePay Advanced: Fix Check support [RyanScottLewis]
+* Authorize.Net: Match up Check fields better with eCheck.Net requirements [ntalbott]
+* Bluepay: Updated to bp20post api [cagerton, melari]
+* Net Registry: Deprecate credit method [jduff]
+* Sage: Don't include T_customer_number unless it is numeric [melari]
+* Auth.net: Don't include cust_id unless it is numeric [melari]
+* Epay: Deprecate credit method [melari]
+* New PayU.in Integration [PayU, melari]
+
 == Version 1.32.1 (April 4, 2013)
 
 * CC5 and Garanti: Remove $KCODE modifications [melari]

data/CONTRIBUTORS

@@ -392,3 +392,11 @@ EVO Canada (February 2013)
 Finansbank WebPOS (March 2013)
 
 * scamurcuoglu
+
+Cardstream Modern (March 2013)
+
+* Vincens (ExxKA)
+
+Transnational (May 2013)
+
+* Ben VandenBos (bvandenbos)

data/README.md

@@ -12,7 +12,7 @@ Ruby applications which deal with financial transactions. It is maintained by th
 [Shopify](http://www.shopify.com) and [Spreedly](https://spreedly.com) teams, with much help
 from an ever-growing set of contributors.
 
-See {file:GettingStarted.md} if you want to learn more about using Active Merchant in your
+See [GettingStarted.md](GettingStarted.md) if you want to learn more about using Active Merchant in your
 applications.
 
 ## Installation
@@ -72,7 +72,7 @@ credit card details.
       end
     end
 
-For more in-depth documentation and tutorials, see {file:GettingStarted.md} and the
+For more in-depth documentation and tutorials, see [GettingStarted.md](GettingStarted.md) and the
 [API documentation](http://rubydoc.info/github/Shopify/active_merchant/master/file/README.md).
 
 ## Supported Direct Payment Gateways
@@ -135,7 +135,7 @@ The [ActiveMerchant Wiki](http://github.com/Shopify/active_merchant/wikis) conta
 * [PayGate PayXML](http://paygate.co.za/) - US, ZA
 * [PayJunction](http://www.payjunction.com/) - US
 * [PaymentExpress](http://www.paymentexpress.com/) - AU, MY, NZ, SG, ZA, UK, US
-* [Paymill](https://www.paymill.com) - AT, BE, CH, CZ, DE, DK, EE, ES, FI, FR, GB, HU, IE, IS, IT, LI, LU, LV, NL, NO, PL, PT, SE, SI, TR
+* [PAYMILL](https://www.paymill.com) - AD, AT, BE, CH, CY, CZ, DE, DK, EE, ES, FI, FO, FR, GB, GR, HU, IE, IL, IS, IT, LI, LT, LU, LV, MT, NL, NO, PL, PT, SE, SI, SK, TR, VA
 * [PayPal Express Checkout](https://www.paypal.com/cgi-bin/webscr?cmd=xpt/merchant/ExpressCheckoutIntro-outside) - US, CA, SG, AU
 * [PayPal Payflow Pro](https://www.paypal.com/cgi-bin/webscr?cmd=_payflow-pro-overview-outside) - US, CA, SG, AU
 * [PayPal Website Payments Pro (UK)](https://www.paypal.com/uk/cgi-bin/webscr?cmd=_wp-pro-overview-outside) - UK
@@ -165,6 +165,7 @@ The [ActiveMerchant Wiki](http://github.com/Shopify/active_merchant/wikis) conta
 * [Spreedly Core](https://spreedlycore.com/) - AD, AE, AT, AU, BD, BE, BG, BN, CA, CH, CY, CZ, DE, DK, EE, EG, ES, FI, FR, GB, GI, GR, HK, HU, ID, IE, IL, IM, IN, IS, IT, JO, KW, LB, LI, LK, LT, LU, LV, MC, MT, MU, MV, MX, MY, NL, NO, NZ, OM, PH, PL, PT, QA, RO, SA, SE, SG, SI, SK, SM, TR, TT, UM, US, VA, VN, ZA
 * [Stripe](https://stripe.com/) - US
 * [TransFirst](http://www.transfirst.com/) - US
+* [Transnational](http://www.tnbci.com/) - US
 * [TrustCommerce](http://www.trustcommerce.com/) - US
 * [USA ePay](http://www.usaepay.com/) - US
 * [Verifi](http://www.verifi.com/) - US
@@ -193,7 +194,8 @@ The [ActiveMerchant Wiki](http://github.com/Shopify/active_merchant/wikis) conta
 * [Paxum](https://www.paxum.com/)
 * [PayPal Website Payments Standard](https://www.paypal.com/cgi-bin/webscr?cmd#_wp-standard-overview-outside)
 * [Paysbuy](https://www.paysbuy.com/) - TH
-* [Robokassa](http://robokassa.ru/)
+* [RBK Money](https://rbkmoney.ru/) - RU
+* [Robokassa](http://robokassa.ru/) - RU
 * [SagePay Form](http://www.sagepay.com/products_services/sage_pay_go/integration/form)
 * [Suomen Maksuturva](https://www.maksuturva.fi/services/vendor_services/integration_guidelines.html)
 * [Valitor](http://www.valitor.is/) - IS

data/lib/active_merchant/billing/check.rb

@@ -4,12 +4,13 @@ module ActiveMerchant #:nodoc:
     # of necessary attributes such as checkholder's name, routing and account numbers, but it is
     # not backed by any database.
     #
-    # You may use Check in place of CreditCard with any gateway that supports it. Currently, only
-    # +BraintreeGateway+ supports the Check object.
+    # You may use Check in place of CreditCard with any gateway that supports it.
     class Check
       include Validateable
 
-      attr_accessor :first_name, :last_name, :routing_number, :account_number, :account_holder_type, :account_type, :number
+      attr_accessor :first_name, :last_name,
+                    :bank_name, :routing_number, :account_number,
+                    :account_holder_type, :account_type, :number
 
       # Used for Canadian bank accounts
       attr_accessor :institution_number, :transit_number

data/lib/active_merchant/billing/credit_card.rb

@@ -257,9 +257,13 @@ module ActiveMerchant #:nodoc:
       def validate_switch_or_solo_attributes #:nodoc:
         if %w[switch solo].include?(brand)
           unless valid_month?(@start_month) && valid_start_year?(@start_year) || valid_issue_number?(@issue_number)
-            errors.add :start_month,  "is invalid"      unless valid_month?(@start_month)
-            errors.add :start_year,   "is invalid"      unless valid_start_year?(@start_year)
-            errors.add :issue_number, "cannot be empty" unless valid_issue_number?(@issue_number)
+            if @issue_number.blank?
+              errors.add :start_month,  "is invalid"      unless valid_month?(@start_month)
+              errors.add :start_year,   "is invalid"      unless valid_start_year?(@start_year)
+              errors.add :issue_number, "cannot be empty"
+            else
+              errors.add :issue_number, "is invalid"      unless valid_issue_number?(@issue_number)
+            end
           end
         end
       end

data/lib/active_merchant/billing/gateways/authorize_net.rb

@@ -83,13 +83,13 @@ module ActiveMerchant #:nodoc:
       # ==== Parameters
       #
       # * <tt>money</tt> -- The amount to be authorized as an Integer value in cents.
-      # * <tt>creditcard</tt> -- The CreditCard details for the transaction.
+      # * <tt>paysource</tt> -- The CreditCard or Check details for the transaction.
       # * <tt>options</tt> -- A hash of optional parameters.
-      def authorize(money, creditcard, options = {})
+      def authorize(money, paysource, options = {})
         post = {}
         add_currency_code(post, money, options)
         add_invoice(post, options)
-        add_creditcard(post, creditcard)
+        add_payment_source(post, paysource, options)
         add_address(post, options)
         add_customer_data(post, options)
         add_duplicate_window(post)
@@ -102,13 +102,13 @@ module ActiveMerchant #:nodoc:
       # ==== Parameters
       #
       # * <tt>money</tt> -- The amount to be purchased as an Integer value in cents.
-      # * <tt>creditcard</tt> -- The CreditCard details for the transaction.
+      # * <tt>paysource</tt> -- The CreditCard or Check details for the transaction.
       # * <tt>options</tt> -- A hash of optional parameters.
-      def purchase(money, creditcard, options = {})
+      def purchase(money, paysource, options = {})
         post = {}
         add_currency_code(post, money, options)
         add_invoice(post, options)
-        add_creditcard(post, creditcard)
+        add_payment_source(post, paysource, options)
         add_address(post, options)
         add_customer_data(post, options)
         add_duplicate_window(post)
@@ -349,6 +349,26 @@ module ActiveMerchant #:nodoc:
         post[:last_name]  = creditcard.last_name
       end
 
+      def add_payment_source(params, source, options={})
+        if card_brand(source) == "check"
+          add_check(params, source, options)
+        else
+          add_creditcard(params, source)
+        end
+      end
+
+      def add_check(post, check, options)
+        post[:method] = "ECHECK"
+        post[:bank_name] = check.bank_name
+        post[:bank_aba_code] = check.routing_number
+        post[:bank_acct_num] = check.account_number
+        post[:bank_acct_type] = check.account_type
+        post[:echeck_type] = "WEB"
+        post[:bank_acct_name] = check.name
+        post[:bank_check_number] = check.number if check.number.present?
+        post[:recurring_billing] = (options[:recurring] ? "TRUE" : "FALSE")
+      end
+
       def add_customer_data(post, options)
         if options.has_key? :email
           post[:email] = options[:email]
@@ -356,7 +376,7 @@ module ActiveMerchant #:nodoc:
         end
 
         if options.has_key? :customer
-          post[:cust_id] = options[:customer]
+          post[:cust_id] = options[:customer] if Float(options[:customer]) rescue nil
         end
 
         if options.has_key? :ip

data/lib/active_merchant/billing/gateways/barclays_epdq.rb

@@ -134,7 +134,14 @@ module ActiveMerchant #:nodoc:
         end
 
         def parse
-          doc = REXML::Document.new(@response)
+          require 'iconv' unless String.method_defined?(:encode)
+          if String.method_defined?(:encode)
+            doc = REXML::Document.new(@response.encode("UTF-8", "ISO-8859-1"))
+          else
+            ic = Iconv.new('UTF-8', 'ISO-8859-1')
+            doc = REXML::Document.new(ic.iconv(@response))
+          end
+
           auth_type = find(doc, "//Transaction/Type").to_s
 
           message = find(doc, "//Message/Text")

data/lib/active_merchant/billing/gateways/blue_pay.rb

@@ -3,21 +3,47 @@ require 'digest/md5'
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class BluePayGateway < Gateway
-      class_attribute :live_url, :rebilling_url, :ignore_http_status
+      class_attribute :rebilling_url, :ignore_http_status
 
       self.live_url      = 'https://secure.bluepay.com/interfaces/bp20post'
       self.rebilling_url = 'https://secure.bluepay.com/interfaces/bp20rebadmin'
 
       self.ignore_http_status = true
 
-      RESPONSE_CODE, RESPONSE_REASON_CODE, RESPONSE_REASON_TEXT = 0, 2, 3
-      AVS_RESULT_CODE, TRANSACTION_ID, CARD_CODE_RESPONSE_CODE  = 5, 6, 38
-
       CARD_CODE_ERRORS = %w( N S )
       AVS_ERRORS = %w( A E N R W Z )
       AVS_REASON_CODES = %w(27 45)
 
-      class_attribute :duplicate_window
+      FRAUD_REVIEW_STATUSES = %w( E 0 )
+
+      FIELD_MAP = {
+        'TRANS_ID' => :transaction_id,
+        'STATUS' => :response_code,
+        'AVS' => :avs_result_code,
+        'CVV2'=> :card_code,
+        'AUTH_CODE' => :authorization,
+        'MESSAGE' => :message,
+        'REBID' => :rebid,
+        'TRANS_TYPE' => :trans_type,
+        'PAYMENT_ACCOUNT_MASK' => :acct_mask,
+        'CARD_TYPE' => :card_type,
+      }
+
+      REBILL_FIELD_MAP = {
+        'REBILL_ID' => :rebill_id,
+        'ACCOUNT_ID'=> :account_id,
+        'USER_ID' => :user_id,
+        'TEMPLATE_ID' => :template_id,
+        'STATUS' => :status,
+        'CREATION_DATE' => :creation_date,
+        'NEXT_DATE' => :next_date,
+        'LAST_DATE' => :last_date,
+        'SCHED_EXPR' => :schedule,
+        'CYCLES_REMAIN' => :cycles_remain,
+        'REB_AMOUNT' => :rebill_amount,
+        'NEXT_AMOUNT' => :next_amount,
+        'USUAL_DATE' => :undoc_usual_date, # Not found in the bp20rebadmin API doc.
+      }
 
       self.supported_countries = ['US']
       self.supported_cardtypes = [:visa, :master, :american_express, :discover, :diners_club, :jcb]
@@ -25,7 +51,6 @@ module ActiveMerchant #:nodoc:
       self.display_name        = 'BluePay'
       self.money_format        = :dollars
 
-
       # Creates a new BluepayGateway
       #
       # The gateway requires that a valid Account ID and Secret Key be passed
@@ -54,24 +79,12 @@ module ActiveMerchant #:nodoc:
       # * <tt>options</tt> -- A hash of optional parameters.
       def authorize(money, payment_object, options = {})
         post = {}
-        post[:MASTER_ID] = ''
-        if payment_object != nil && payment_object.class() != String
-          payment_object.class() == ActiveMerchant::Billing::Check ?
-          add_check(post, payment_object) :
-          add_creditcard(post, payment_object)
-        else
-          post[:MASTER_ID] = payment_object
-        end
+        add_payment_method(post, payment_object)
         add_invoice(post, options)
         add_address(post, options)
         add_customer_data(post, options)
-        if options[:rebill]     != nil
-          post[:DO_REBILL]       = '1'
-          post[:REB_AMOUNT]      = amount(options[:rebill_amount])
-          post[:REB_FIRST_DATE]  = options[:rebill_start_date]
-          post[:REB_EXPR]        = options[:rebill_expression]
-          post[:REB_CYCLES]      = options[:rebill_cycles]
-        end
+        add_rebill(post, options) if options[:rebill]
+        add_duplicate_override(post, options)
         post[:TRANS_TYPE]  = 'AUTH'
         commit('AUTH_ONLY', money, post)
       end
@@ -89,24 +102,12 @@ module ActiveMerchant #:nodoc:
       # * <tt>options</tt> -- A hash of optional parameters.,
       def purchase(money, payment_object, options = {})
         post = {}
-        post[:MASTER_ID] = ''
-        if payment_object != nil && payment_object.class() != String
-         payment_object.class() == ActiveMerchant::Billing::Check ?
-         add_check(post, payment_object) :
-         add_creditcard(post, payment_object)
-        else
-          post[:MASTER_ID] = payment_object
-        end
+        add_payment_method(post, payment_object)
         add_invoice(post, options)
         add_address(post, options)
         add_customer_data(post, options)
-        if options[:rebill]     != nil
-          post[:DO_REBILL]       = '1'
-          post[:REB_AMOUNT]      = amount(options[:rebill_amount])
-          post[:REB_FIRST_DATE]  = options[:rebill_start_date]
-          post[:REB_EXPR]        = options[:rebill_expression]
-          post[:REB_CYCLES]      = options[:rebill_cycles]
-        end
+        add_rebill(post, options) if options[:rebill]
+        add_duplicate_override(post, options)
         post[:TRANS_TYPE]  = 'SALE'
         commit('AUTH_CAPTURE', money, post)
       end
@@ -154,20 +155,17 @@ module ActiveMerchant #:nodoc:
       #   If the payment_object is a token, then the transaction type will reverse a previous capture or purchase transaction, returning the funds to the customer. If the amount is nil, a full credit will be processed. This is referred to a REFUND transaction in BluePay.
       #   If the payment_object is either a CreditCard or Check object, then the transaction type will be an unmatched credit placing funds in the specified account. This is referred to a CREDIT transaction in BluePay.
       # * <tt>options</tt> -- A hash of parameters.
-      def refund(money, payment_object, options = {})
-        post = {}
-        post[:PAYMENT_ACCOUNT] = ''
-        if payment_object != nil && payment_object.class() != String
-           payment_object.class() == ActiveMerchant::Billing::Check ?
-           add_check(post, payment_object) :
-           add_creditcard(post, payment_object)
-           post[:TRANS_TYPE] = 'CREDIT'
-        else
-           post[:MASTER_ID]  = payment_object
-           post[:TRANS_TYPE] = 'REFUND'
+      def refund(money, identification, options = {})
+        if(identification && !identification.kind_of?(String))
+          deprecated "refund should only be used to refund a referenced transaction"
+          return credit(money, identification, options)
         end
 
-        options[:first_name] ? post[:NAME1] = options[:first_name] : post[:NAME1] = ''
+        post = {}
+        post[:PAYMENT_ACCOUNT] = ''
+        post[:MASTER_ID]  = identification
+        post[:TRANS_TYPE] = 'REFUND'
+        post[:NAME1] = (options[:first_name] ? options[:first_name] : "")
         post[:NAME2] = options[:last_name] if options[:last_name]
         post[:ZIP] = options[:zip] if options[:zip]
         add_invoice(post, options)
@@ -176,9 +174,24 @@ module ActiveMerchant #:nodoc:
         commit('CREDIT', money, post)
       end
 
-      def credit(money, identification, options = {})
-        deprecated CREDIT_DEPRECATION_MESSAGE
-        refund(money, identification, options)
+      def credit(money, payment_object, options = {})
+        if(payment_object && payment_object.kind_of?(String))
+          deprecated "credit should only be used to credit a payment method"
+          return refund(money, payment_object, options)
+        end
+
+        post = {}
+        post[:PAYMENT_ACCOUNT] = ''
+        add_payment_method(post, payment_object)
+        post[:TRANS_TYPE] = 'CREDIT'
+
+        post[:NAME1] = (options[:first_name] ? options[:first_name] : "")
+        post[:NAME2] = options[:last_name] if options[:last_name]
+        post[:ZIP] = options[:zip] if options[:zip]
+        add_invoice(post, options)
+        add_address(post, options)
+        add_customer_data(post, options)
+        commit('CREDIT', money, post)
       end
 
       # Create a new recurring payment.
@@ -214,9 +227,12 @@ module ActiveMerchant #:nodoc:
       #   A money object of 1995 cents would be passed into the 'money' parameter.
       def recurring(money, payment_object, options = {})
         requires!(options, :rebill_start_date, :rebill_expression)
-        options[:rebill] = '1'
-        money == nil ? authorize(money, payment_object, options) :
-        purchase(money, payment_object, options)
+        options[:rebill] = true
+        if money
+          purchase(money, payment_object, options)
+        else
+          authorize(money, payment_object, options)
+        end
       end
 
       # View a recurring payment
@@ -252,11 +268,11 @@ module ActiveMerchant #:nodoc:
         requires!(options, :rebill_id)
         post[:REBILL_ID]          = options[:rebill_id]
         post[:TRANS_TYPE]         = 'SET'
-        post[:REB_AMOUNT]         = amount(options[:rebill_amount]) if !options[:rebill_amount].nil?
-        post[:NEXT_DATE]          = options[:rebill_next_date] if !options[:rebill_next_date].nil?
-        post[:REB_EXPR]           = options[:rebill_expression] if !options[:rebill_expression].nil?
-        post[:REB_CYCLES]         = options[:rebill_cycles] if !options[:rebill_cycles].nil?
-        post[:NEXT_AMOUNT]        = options[:rebill_next_amount] if !options[:rebill_next_amount].nil?
+        post[:REB_AMOUNT]         = amount(options[:rebill_amount]) if options[:rebill_amount]
+        post[:NEXT_DATE]          = options[:rebill_next_date]
+        post[:REB_EXPR]           = options[:rebill_expression]
+        post[:REB_CYCLES]         = options[:rebill_cycles]
+        post[:NEXT_AMOUNT]        = options[:rebill_next_amount]
         commit('rebill', 'nil', post)
       end
 
@@ -279,117 +295,133 @@ module ActiveMerchant #:nodoc:
       private
 
       def commit(action, money, fields)
-        fields[:AMOUNT] = amount(money) unless (fields[:TRANS_TYPE] == 'VOID' or action == 'rebill')
-        test? == true || @options[:test] == true ? fields[:MODE] = 'TEST' : fields[:MODE] = 'LIVE'
-        action == 'rebill' ? begin url = rebilling_url; fields[:TAMPER_PROOF_SEAL] = calc_rebill_tps(fields) end : begin url = live_url; fields[:TAMPER_PROOF_SEAL] = calc_tps(amount(money), fields) end
+        fields[:AMOUNT] = amount(money) unless(fields[:TRANS_TYPE] == 'VOID' || action == 'rebill')
+        fields[:MODE] = (test? ? 'TEST' : 'LIVE')
         fields[:ACCOUNT_ID] = @options[:login]
-        data = ssl_post url, post_data(action, fields)
-        response = parse(data)
-        message = message_from(response)
-        test_mode = test? || fields[:MODE] == 'TEST'
-        if (response.has_key?('TRANS_ID'))
-          response_id = response['TRANS_ID'].to_s()
-        elsif (response.has_key?('rebill_id'))
-          response_id = response['rebill_id'][0]
+
+        if action == 'rebill'
+          url = rebilling_url
+          fields[:TAMPER_PROOF_SEAL] = calc_rebill_tps(fields)
         else
-          response_id = response[TRANSACTION_ID]
+          url = live_url
+          fields[:TAMPER_PROOF_SEAL] = calc_tps(amount(money), fields)
         end
-        avs = (response[AVS_RESULT_CODE] != '' ? response[AVS_RESULT_CODE] : '')
-        cvv2 = (!response[CARD_CODE_RESPONSE_CODE].empty? ? response[CARD_CODE_RESPONSE_CODE] : '')
-        Response.new(success?(response), message, response,
-          :test          => test_mode,
-          :authorization => response_id,
-          :fraud_review  => fraud_review?(response),
-          :avs_result    => { :code => avs },
-          :cvv_result    => cvv2
-        )
+        parse(ssl_post(url, post_data(action, fields)))
       end
 
-      def success?(response)
-        if (response['STATUS'] == '1' || message_from(response) =~ /approved/ || response.has_key?('rebill_id') || response[RESPONSE_REASON_TEXT] =~ /approved/)
-          return true
-        else
-          return false
+      def parse_recurring(response_fields, opts={}) # expected status?
+        parsed = {}
+        response_fields.each do |k,v|
+          mapped_key = REBILL_FIELD_MAP.include?(k) ? REBILL_FIELD_MAP[k] : k
+          parsed[mapped_key] = v
         end
-      end
 
-      def fraud_review?(response)
-        response['STATUS'] == 'E' || response['STATUS'] == '0' || response[RESPONSE_REASON_TEXT] =~ /being reviewed/
-      end
+        success = parsed[:status] != 'error'
+        message = parsed[:status]
 
-      def get_rebill_id(response)
-        response['REBID'] if response_has.key?('REBID')
+        Response.new(success, message, parsed,
+          :test          => test?,
+          :authorization => parsed[:rebill_id])
       end
 
       def parse(body)
-        fields = CGI::parse(body)
-        if fields.has_key?('MESSAGE') or fields.has_key?('rebill_id')
-          if fields.has_key?('MESSAGE')
-            fields['MESSAGE'][0] == "Missing ACCOUNT_ID" ? message = "The merchant login ID or password is invalid" : message = fields['MESSAGE']
-            fields['MESSAGE'][0] =~ /Approved/ ? message = "This transaction has been approved" : message = fields['MESSAGE'] if message == fields['MESSAGE']
-            fields['MESSAGE'][0] =~ /Expired/ ? message = "The credit card has expired" : message = fields['MESSAGE'] if message == fields['MESSAGE']
-            fields.delete('MESSAGE')
-          end
-          fields.has_key?('STATUS') ? begin status = fields['STATUS']; fields.delete('STATUS') end : status = ''
-          fields.has_key?('AVS') ? begin avs = fields['AVS']; fields.delete('AVS') end : avs = ''
-          fields.has_key?('CVV2') ? begin cvv2 = fields['CVV2']; fields.delete('CVV2') end : cvv2 = ''
-          fields.has_key?('MASTER_ID') ? begin trans_id = fields['MASTER_ID']; fields.delete('MASTER_ID') end : trans_id = ''
-          fields[:avs_result_code] = avs
-          fields[:card_code] = cvv2
-          fields[:response_code] = status
-          fields[:response_reason_code] = ''
-          fields[:response_reason_text] = message
-          fields[:transaction_id] = trans_id
-          return fields
+        # The bp20api has max one value per form field.
+        response_fields = Hash[CGI::parse(body).map{|k,v| [k.upcase,v.first]}]
+
+        if response_fields.include? "REBILL_ID"
+          return parse_recurring(response_fields)
+        end
+
+        parsed = {}
+        response_fields.each do |k,v|
+          mapped_key = FIELD_MAP.include?(k) ? FIELD_MAP[k] : k
+          parsed[mapped_key] = v
         end
-        # parse response if using other old API
-        hash = Hash.new
-        fields = fields.first[0].split(",")
-        fields.each_index do |x|
-          hash[x] = fields[x].tr('$','')
+
+        # normalize message
+        message = message_from(parsed)
+        success = parsed[:response_code] == '1'
+        Response.new(success, message, parsed,
+          :test          => test?,
+          :authorization => (parsed[:rebid] && parsed[:rebid] != '' ? parsed[:rebid] : parsed[:transaction_id]),
+          :fraud_review  => FRAUD_REVIEW_STATUSES.include?(parsed[:response_code]),
+          :avs_result    => { :code => parsed[:avs_result_code] },
+          :cvv_result    => parsed[:card_code]
+        )
+      end
+
+      def message_from(parsed)
+        message = parsed[:message]
+        if(parsed[:response_code].to_i == 2)
+          if CARD_CODE_ERRORS.include?(parsed[:card_code])
+            message = CVVResult.messages[parsed[:card_code]]
+          elsif AVS_ERRORS.include?(parsed[:avs_result_code])
+            message = AVSResult.messages[ parsed[:avs_result_code] ]
+          else
+            message = message.chomp('.')
+          end
+        elsif message == "Missing ACCOUNT_ID" 
+          message = "The merchant login ID or password is invalid"
+        elsif message =~ /Approved/
+          message = "This transaction has been approved"
+        elsif message =~  /Expired/
+          message =  "The credit card has expired"
         end
-        hash
+        message
       end
 
       def add_invoice(post, options)
-        post[:ORDER_ID]    = options[:order_id] if options.has_key? :order_id
-        post[:INVOICE_ID]  = options[:invoice] if options.has_key? :invoice
-        post[:invoice_num] = options[:order_id] if options.has_key? :order_id
-        post[:MEMO]        = options[:description] if options.has_key? :description
-        post[:description] = options[:description] if options.has_key? :description
+        post[:ORDER_ID]    = options[:order_id]
+        post[:INVOICE_ID]  = options[:invoice]
+        post[:invoice_num] = options[:order_id]
+        post[:MEMO]        = options[:description]
+        post[:description] = options[:description]
+      end
+
+      def add_payment_method(post, payment_object)
+        post[:MASTER_ID] = ''
+        case payment_object
+        when String
+          post[:MASTER_ID] = payment_object
+        when Check
+          add_check(post, payment_object)
+        else
+          add_creditcard(post, payment_object)
+        end
       end
 
       def add_creditcard(post, creditcard)
         post[:PAYMENT_TYPE]    = 'CREDIT'
         post[:PAYMENT_ACCOUNT] = creditcard.number
-        post[:CARD_CVV2]       = creditcard.verification_value if
-                              creditcard.verification_value?
+        post[:CARD_CVV2]       = creditcard.verification_value
         post[:CARD_EXPIRE]     = expdate(creditcard)
         post[:NAME1]           = creditcard.first_name
         post[:NAME2]           = creditcard.last_name
       end
 
+      CHECK_ACCOUNT_TYPES = {
+        "checking" => "C",
+        "savings" => "S"
+      }
+
       def add_check(post, check)
         post[:PAYMENT_TYPE]     = 'ACH'
-        post[:PAYMENT_ACCOUNT]  = check.account_type + ":" + check.routing_number + ":" + check.account_number
+        post[:PAYMENT_ACCOUNT]  = [CHECK_ACCOUNT_TYPES[check.account_type], check.routing_number, check.account_number].join(":")
         post[:NAME1]            = check.first_name
         post[:NAME2]            = check.last_name
       end
 
       def add_customer_data(post, options)
-          post[:EMAIL]     = options[:email] if options.has_key? :email
-          post[:CUSTOM_ID] = options[:customer] if options.has_key? :customer
+          post[:EMAIL]     = options[:email]
+          post[:CUSTOM_ID] = options[:customer]
       end
 
-      def add_duplicate_window(post)
-        unless duplicate_window.nil?
-          post[:duplicate_window] = duplicate_window
-          post[:DUPLICATE_OVERRIDE] = duplicate_window
-        end
+      def add_duplicate_override(post, options)
+        post[:DUPLICATE_OVERRIDE] = options[:duplicate_override]
       end
 
       def add_address(post, options)
-        if address = options[:billing_address] || options[:address]
+        if address = (options[:shipping_address] || options[:billing_address] || options[:address])
           post[:NAME1]        = address[:first_name]
           post[:NAME2]        = address[:last_name]
           post[:ADDR1]        = address[:address1]
@@ -397,27 +429,23 @@ module ActiveMerchant #:nodoc:
           post[:COMPANY_NAME] = address[:company]
           post[:PHONE]        = address[:phone]
           post[:CITY]         = address[:city]
-          post[:STATE]        = address[:state].blank?  ? 'n/a' : address[:state]
+          post[:STATE]        = (address[:state].blank? ? 'n/a' : address[:state])
           post[:ZIP]          = address[:zip]
           post[:COUNTRY]      = address[:country]
         end
-        if address = options[:shipping_address]
-          post[:NAME1]        = address[:first_name]
-          post[:NAME2]        = address[:last_name]
-          post[:ADDR1]        = address[:address1]
-          post[:ADDR1]        = address[:address1]
-          post[:COMPANY_NAME] = address[:company]
-          post[:PHONE]        = address[:phone]
-          post[:ZIP]          = address[:zip]
-          post[:CITY]         = address[:city]
-          post[:COUNTRY]      = address[:country]
-          post[:STATE]        = address[:state].blank?  ? 'n/a' : address[:state]
-        end
+      end
+
+      def add_rebill(post, options)
+        post[:DO_REBILL]       = '1'
+        post[:REB_AMOUNT]      = amount(options[:rebill_amount])
+        post[:REB_FIRST_DATE]  = options[:rebill_start_date]
+        post[:REB_EXPR]        = options[:rebill_expression]
+        post[:REB_CYCLES]      = options[:rebill_cycles]
       end
 
       def post_data(action, parameters = {})
         post = {}
-        post[:version]        = '3.0'
+        post[:version]        = '1'
         post[:login]          = ''
         post[:tran_key]       = ''
         post[:relay_response] = "FALSE"
@@ -427,60 +455,48 @@ module ActiveMerchant #:nodoc:
         post[:encap_char]     = "$"
         post[:card_num]       = '4111111111111111'
         post[:exp_date]       = '1212'
-        post[:solution_ID]    = application_id if application_id.present? && application_id != "ActiveMerchant"
-        request = post.merge(parameters).collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join("&")
-        request
-      end
-
-      def message_from(results)
-        if results[:response_code] == 2
-          return CVVResult.messages[ results[:card_code] ] if CARD_CODE_ERRORS.include?(results[:card_code])
-          if AVS_REASON_CODES.include?(results[:response_reason_code]) && AVS_ERRORS.include?(results[:avs_result_code])
-            return AVSResult.messages[ results[:avs_result_code] ]
-          end
-          return (results[:response_reason_text] ? results[:response_reason_text].chomp('.') : '')
-        end
-        if results.has_key?(:response_reason_text)
-          return results[:response_reason_text].to_s()
-        end
-        if !results.has_key?('STATUS')
-          return results[RESPONSE_REASON_TEXT] ? results[RESPONSE_REASON_TEXT].chomp('.') : ''
-        end
+        post[:solution_ID]    = application_id if(application_id && application_id != "ActiveMerchant")
+        post.merge(parameters).collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join("&")
       end
 
       def expdate(creditcard)
-        year  = sprintf("%.4i", creditcard.year)
-        month = sprintf("%.2i", creditcard.month)
+        year  = format(creditcard.year, :two_digits)
+        month = format(creditcard.month, :two_digits)
 
-        "#{month}#{year[-2..-1]}"
+        "#{month}#{year}"
       end
 
       def calc_tps(amount, post)
-        post[:NAME1] = '' if post[:NAME1].nil?
-        digest = Digest::MD5.hexdigest(@options[:password] +
-        @options[:login] + post[:TRANS_TYPE] +
-        amount.to_s() + post[:MASTER_ID].to_s() +
-        post[:NAME1].to_s() + post[:PAYMENT_ACCOUNT].to_s())
-        return digest
+        post[:NAME1] ||= ''
+        Digest::MD5.hexdigest(
+          [
+            @options[:password],
+            @options[:login],
+            post[:TRANS_TYPE],
+            amount,
+            post[:MASTER_ID],
+            post[:NAME1],
+            post[:PAYMENT_ACCOUNT]
+          ].join("")
+        )
       end
 
       def calc_rebill_tps(post)
-        digest = Digest::MD5.hexdigest(@options[:password] +
-        @options[:login] + post[:TRANS_TYPE] + post[:REBILL_ID][0].to_s())
-        return digest
+        Digest::MD5.hexdigest(
+          [
+            @options[:password],
+            @options[:login],
+            post[:TRANS_TYPE],
+            post[:REBILL_ID]
+          ].join("")
+        )
       end
 
       def handle_response(response)
-        if ignore_http_status then
+        if ignore_http_status || (200...300).include?(response.code.to_i)
           return response.body
-        else
-          case response.code.to_i
-          when 200...300
-            response.body
-          else
-            raise ResponseError.new(response)
-          end
         end
+        raise ResponseError.new(response)
       end
     end
   end