adyen 0.3.8 → 1.0.0

data/lib/adyen/api/payment_service.rb

@@ -0,0 +1,258 @@
+require 'adyen/api/simple_soap_client'
+require 'adyen/api/templates/payment_service'
+
+module Adyen
+  module API
+    # This is the class that maps actions to Adyen’s Payment SOAP service.
+    #
+    # It’s encouraged to use the shortcut methods on the {API} module, which abstracts away the
+    # difference between this service and the {RecurringService}. Henceforth, for extensive
+    # documentation you should look at the {API} documentation.
+    #
+    # The most important difference is that you instantiate a {PaymentService} with the parameters
+    # that are needed for the call that you will eventually make.
+    #
+    # @example
+    #  payment = Adyen::API::PaymentService.new({
+    #    :reference => invoice.id,
+    #    :amount => {
+    #      :currency => 'EUR',
+    #      :value => invoice.amount,
+    #    },
+    #    :shopper => {
+    #      :email => user.email,
+    #      :reference => user.id,
+    #      #:ip => request.,
+    #    },
+    #    :card => {
+    #      :expiry_month => 12,
+    #      :expiry_year => 2012,
+    #      :holder_name => 'Simon Hopper',
+    #      :number => '4444333322221111',
+    #      :cvc => '737'
+    #    }
+    #  })
+    #  response = payment.authorise_payment
+    #  response.authorised? # => true
+    #
+    class PaymentService < SimpleSOAPClient
+      # The Adyen Payment SOAP service endpoint uri.
+      ENDPOINT_URI = 'https://pal-%s.adyen.com/pal/servlet/soap/Payment'
+
+      # @see API.authorise_payment
+      def authorise_payment
+        make_payment_request(authorise_payment_request_body, AuthorisationResponse)
+      end
+
+      # @see API.authorise_recurring_payment
+      def authorise_recurring_payment
+        make_payment_request(authorise_recurring_payment_request_body, AuthorisationResponse)
+      end
+
+      # @see API.authorise_one_click_payment
+      def authorise_one_click_payment
+        make_payment_request(authorise_one_click_payment_request_body, AuthorisationResponse)
+      end
+
+      # @see API.capture_payment
+      def capture
+        make_payment_request(capture_request_body, CaptureResponse)
+      end
+
+      # @see API.refund_payment
+      def refund
+        make_payment_request(refund_request_body, RefundResponse)
+      end
+
+      # @see API.cancel_payment
+      def cancel
+        make_payment_request(cancel_request_body, CancelResponse)
+      end
+
+      # @see API.cancel_or_refund_payment
+      def cancel_or_refund
+        make_payment_request(cancel_or_refund_request_body, CancelOrRefundResponse)
+      end
+
+      private
+
+      def make_payment_request(data, response_class)
+        call_webservice_action('authorise', data, response_class)
+      end
+
+      def authorise_payment_request_body
+        content = card_partial
+        if @params[:recurring]
+          validate_parameters!(:shopper => [:email, :reference])
+          content << ENABLE_RECURRING_CONTRACTS_PARTIAL
+        end
+        payment_request_body(content)
+      end
+
+      def authorise_recurring_payment_request_body
+        validate_parameters!(:shopper => [:email, :reference])
+        content = RECURRING_PAYMENT_BODY_PARTIAL % (@params[:recurring_detail_reference] || 'LATEST')
+        payment_request_body(content)
+      end
+
+      def authorise_one_click_payment_request_body
+        validate_parameters!(:recurring_detail_reference,
+                             :shopper => [:email, :reference],
+                             :card    => [:cvc])
+        content = ONE_CLICK_PAYMENT_BODY_PARTIAL % [@params[:recurring_detail_reference], @params[:card][:cvc]]
+        payment_request_body(content)
+      end
+
+      def payment_request_body(content)
+        validate_parameters!(:merchant_account, :reference, :amount => [:currency, :value])
+        content << amount_partial
+        content << shopper_partial if @params[:shopper]
+        LAYOUT % [@params[:merchant_account], @params[:reference], content]
+      end
+
+      def capture_request_body
+        CAPTURE_LAYOUT % capture_and_refund_params
+      end
+
+      def refund_request_body
+        REFUND_LAYOUT % capture_and_refund_params
+      end
+
+      def cancel_or_refund_request_body
+        validate_parameters!(:merchant_account, :psp_reference)
+        CANCEL_OR_REFUND_LAYOUT % [@params[:merchant_account], @params[:psp_reference]]
+      end
+
+      def cancel_request_body
+        validate_parameters!(:merchant_account, :psp_reference)
+        CANCEL_LAYOUT % [@params[:merchant_account], @params[:psp_reference]]
+      end
+
+      def capture_and_refund_params
+        validate_parameters!(:merchant_account, :psp_reference, :amount => [:currency, :value])
+        [@params[:merchant_account], @params[:psp_reference], *@params[:amount].values_at(:currency, :value)]
+      end
+
+      def amount_partial
+        AMOUNT_PARTIAL % @params[:amount].values_at(:currency, :value)
+      end
+
+      def card_partial
+        validate_parameters!(:card => [:holder_name, :number, :cvc, :expiry_year, :expiry_month])
+        card  = @params[:card].values_at(:holder_name, :number, :cvc, :expiry_year)
+        card << @params[:card][:expiry_month].to_i
+        CARD_PARTIAL % card
+      end
+
+      def shopper_partial
+        @params[:shopper].map { |k, v| SHOPPER_PARTIALS[k] % v }.join("\n")
+      end
+
+      class AuthorisationResponse < Response
+        ERRORS = {
+          "validation 101 Invalid card number"                           => [:number,       'is not a valid creditcard number'],
+          "validation 103 CVC is not the right length"                   => [:cvc,          'is not the right length'],
+          "validation 128 Card Holder Missing"                           => [:holder_name,  "can't be blank"],
+          "validation Couldn't parse expiry year"                        => [:expiry_year,  'could not be recognized'],
+          "validation Expiry month should be between 1 and 12 inclusive" => [:expiry_month, 'could not be recognized'],
+        }
+
+        AUTHORISED = 'Authorised'
+
+        def self.original_fault_message_for(attribute, message)
+          if error = ERRORS.find { |_, (a, m)| a == attribute && m == message }
+            error.first
+          else
+            message
+          end
+        end
+
+        response_attrs :result_code, :auth_code, :refusal_reason, :psp_reference
+
+        def success?
+          super && params[:result_code] == AUTHORISED
+        end
+
+        alias authorized? success?
+
+        # @return [Boolean] Returns whether or not the request was valid.
+        def invalid_request?
+          !fault_message.nil?
+        end
+
+        # In the case of a validation error, or SOAP fault message, this method will return an
+        # array describing what attribute failed validation and the accompanying message. If the
+        # errors is not of the common user validation errors, then the attribute is +:base+ and the
+        # full original message is returned.
+        #
+        # An optional +prefix+ can be given so you can seamlessly integrate this in your
+        # ActiveRecord model and copy over errors.
+        #
+        # @param [String,Symbol] prefix A string that should be used to prefix the error key.
+        # @return [Array<Symbol, String>] A name-message pair of the attribute with an error.
+        def error(prefix = nil)
+          if error = ERRORS[fault_message]
+            prefix ? ["#{prefix}_#{error[0]}".to_sym, error[1]] : error
+          else
+            [:base, fault_message]
+          end
+        end
+
+        def params
+          @params ||= xml_querier.xpath('//payment:authoriseResponse/payment:paymentResult') do |result|
+            {
+              :psp_reference  => result.text('./payment:pspReference'),
+              :result_code    => result.text('./payment:resultCode'),
+              :auth_code      => result.text('./payment:authCode'),
+              :refusal_reason => (invalid_request? ? fault_message : result.text('./payment:refusalReason'))
+            }
+          end
+        end
+      end
+
+      class ModificationResponse < Response
+        class << self
+          # @private
+          attr_accessor :request_received_value, :base_xpath
+        end
+
+        response_attrs :psp_reference, :response
+
+        # This only returns whether or not the request has been successfully received. Check the
+        # subsequent notification to see if the payment was actually mutated.
+        def success?
+          super && params[:response] == self.class.request_received_value
+        end
+
+        def params
+          @params ||= xml_querier.xpath(self.class.base_xpath) do |result|
+            {
+              :psp_reference  => result.text('./payment:pspReference'),
+              :response       => result.text('./payment:response')
+            }
+          end
+        end
+      end
+
+      class CaptureResponse < ModificationResponse
+        self.request_received_value = '[capture-received]'
+        self.base_xpath = '//payment:captureResponse/payment:captureResult'
+      end
+
+      class RefundResponse < ModificationResponse
+        self.request_received_value = '[refund-received]'
+        self.base_xpath = '//payment:refundResponse/payment:refundResult'
+      end
+
+      class CancelResponse < ModificationResponse
+        self.request_received_value = '[cancel-received]'
+        self.base_xpath = '//payment:cancelResponse/payment:cancelResult'
+      end
+
+      class CancelOrRefundResponse < ModificationResponse
+        self.request_received_value = '[cancelOrRefund-received]'
+        self.base_xpath = '//payment:cancelOrRefundResponse/payment:cancelOrRefundResult'
+      end
+    end
+  end
+end

data/lib/adyen/api/recurring_service.rb

@@ -0,0 +1,126 @@
+require 'adyen/api/simple_soap_client'
+require 'adyen/api/templates/recurring_service'
+
+module Adyen
+  module API
+    # This is the class that maps actions to Adyen’s Recurring SOAP service.
+    #
+    # It’s encouraged to use the shortcut methods on the {API} module, which abstracts away the
+    # difference between this service and the {PaymentService}. Henceforth, for extensive
+    # documentation you should look at the {API} documentation.
+    #
+    # The most important difference is that you instantiate a {RecurringService} with the parameters
+    # that are needed for the call that you will eventually make.
+    #
+    # @example
+    #  recurring = Adyen::API::RecurringService.new(:shopper => { :reference => user.id })
+    #  response = recurring.disable
+    #  response.success? # => true
+    #
+    class RecurringService < SimpleSOAPClient
+      # The Adyen Recurring SOAP service endpoint uri.
+      ENDPOINT_URI = 'https://pal-%s.adyen.com/pal/servlet/soap/Recurring'
+
+      # @see API.list_recurring_details
+      def list
+        call_webservice_action('listRecurringDetails', list_request_body, ListResponse)
+      end
+
+      # @see API.disable_recurring_contract
+      def disable
+        call_webservice_action('disable', disable_request_body, DisableResponse)
+      end
+
+      private
+
+      def list_request_body
+        validate_parameters!(:merchant_account, :shopper => [:reference])
+        LIST_LAYOUT % [@params[:merchant_account], @params[:shopper][:reference]]
+      end
+
+      def disable_request_body
+        validate_parameters!(:merchant_account, :shopper => [:reference])
+        if reference = @params[:recurring_detail_reference]
+          reference = RECURRING_DETAIL_PARTIAL % reference
+        end
+        DISABLE_LAYOUT % [@params[:merchant_account], @params[:shopper][:reference], reference || '']
+      end
+
+      class DisableResponse < Response
+        DISABLED_RESPONSES = %w{ [detail-successfully-disabled] [all-details-successfully-disabled] }
+
+        response_attrs :response
+
+        def success?
+          super && DISABLED_RESPONSES.include?(params[:response])
+        end
+
+        alias disabled? success?
+
+        def params
+          @params ||= { :response => xml_querier.text('//recurring:disableResponse/recurring:result/recurring:response') }
+        end
+      end
+
+      class ListResponse < Response
+        response_attrs :details, :last_known_shopper_email, :shopper_reference, :creation_date
+
+        def references
+          details.map { |d| d[:recurring_detail_reference] }
+        end
+
+        def params
+          @params ||= xml_querier.xpath('//recurring:listRecurringDetailsResponse/recurring:result') do |result|
+            details = result.xpath('.//recurring:RecurringDetail')
+            details.empty? ? {} : {
+              :creation_date            => DateTime.parse(result.text('./recurring:creationDate')),
+              :details                  => details.map { |node| parse_recurring_detail(node) },
+              :last_known_shopper_email => result.text('./recurring:lastKnownShopperEmail'),
+              :shopper_reference        => result.text('./recurring:shopperReference')
+            }
+          end
+        end
+
+        private
+
+        # @todo add support for elv
+        def parse_recurring_detail(node)
+          result = {
+            :recurring_detail_reference => node.text('./recurring:recurringDetailReference'),
+            :variant                    => node.text('./recurring:variant'),
+            :creation_date              => DateTime.parse(node.text('./recurring:creationDate'))
+          }
+
+          card = node.xpath('./recurring:card')
+          if card.children.empty?
+            result[:bank] = parse_bank_details(node.xpath('./recurring:bank'))
+          else
+            result[:card] = parse_card_details(card)
+          end
+
+          result
+        end
+
+        def parse_card_details(card)
+          {
+            :expiry_date => Date.new(card.text('./payment:expiryYear').to_i, card.text('./payment:expiryMonth').to_i, -1),
+            :holder_name => card.text('./payment:holderName'),
+            :number      => card.text('./payment:number')
+          }
+        end
+
+        def parse_bank_details(bank)
+          {
+            :bank_account_number => bank.text('./payment:bankAccountNumber'),
+            :bank_location_id    => bank.text('./payment:bankLocationId'),
+            :bank_name           => bank.text('./payment:bankName'),
+            :bic                 => bank.text('./payment:bic'),
+            :country_code        => bank.text('./payment:countryCode'),
+            :iban                => bank.text('./payment:iban'),
+            :owner_name          => bank.text('./payment:ownerName')
+          }
+        end
+      end
+    end
+  end
+end

data/lib/adyen/api/response.rb

@@ -0,0 +1,54 @@
+module Adyen
+  module API
+    # The base class of all responses returned by API calls to Adyen.
+    class Response
+      # Defines shortcut accessor methods, to {Response#params}, for the given parameters.
+      def self.response_attrs(*attrs)
+        attrs.each do |attr|
+          define_method(attr) { params[attr] }
+        end
+      end
+
+      # @return [Net::HTTPResponse] The response object returned by Net::HTTP.
+      attr_reader :http_response
+
+      # @param [Net::HTTPResponse] http_response The response object returned by Net::HTTP.
+      def initialize(http_response)
+        @http_response = http_response
+      end
+
+      # @return [String] The raw body of the response object.
+      def body
+        @http_response.body
+      end
+
+      # @return [Boolean] Whether or not the request was successful.
+      def success?
+        !http_failure?
+      end
+
+      # @return [Boolean] Whether or not the HTTP request was a success.
+      def http_failure?
+        !@http_response.is_a?(Net::HTTPSuccess)
+      end
+
+      # @return [XMLQuerier] The response body wrapped in a XMLQuerier.
+      def xml_querier
+        @xml_querier ||= XMLQuerier.new(@http_response.body)
+      end
+
+      # @return [Hash] Subclasses return the parsed response body.
+      def params
+        raise "The Adyen::API::Response#params method should be overridden in a subclass."
+      end
+
+      # @return [String,nil] The SOAP failure message, if there is one.
+      def fault_message
+        @fault_message ||= begin
+          message = xml_querier.text('//soap:Fault/faultstring')
+          message unless message.empty?
+        end
+      end
+    end
+  end
+end

data/lib/adyen/api/simple_soap_client.rb

@@ -0,0 +1,118 @@
+require 'net/https'
+
+require 'adyen/api/response'
+require 'adyen/api/xml_querier'
+
+module Adyen
+  module API
+    # The base class of the API classes that map to Adyen SOAP services.
+    class SimpleSOAPClient
+      # @private
+      ENVELOPE = <<EOS
+<?xml version="1.0"?>
+<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <soap:Body>
+    %s
+  </soap:Body>
+</soap:Envelope>
+EOS
+
+      # A CA file used to verify certificates when connecting to Adyen.
+      #
+      # @see http://curl.haxx.se/ca/cacert.pem
+      CACERT = File.expand_path('../cacert.pem', __FILE__)
+
+      class ClientError < StandardError
+        def initialize(response, action, endpoint)
+          @response, @action, @endpoint = response, action, endpoint
+        end
+
+        def message
+          "[#{@response.code} #{@response.message}] A client error occurred while calling SOAP action `#{@action}' on endpoint `#{@endpoint}'."
+        end
+      end
+
+      class << self
+        # When a response instance has been assigned, the subsequent call to
+        # {SimpleSOAPClient#call_webservice_action} will not make a remote call, but simply return
+        # the stubbed response instance. This is obviously meant for making payments from tests.
+        #
+        # @see PaymentService::TestHelpers
+        # @see RecurringService::TestHelpers
+        #
+        # @return [Response] The stubbed Response subclass instance.
+        attr_accessor :stubbed_response
+
+        # @return [URI]      A URI based on the ENDPOINT_URI constant defined on subclasses, where
+        #                    the environment type has been interpolated. E.g. Test environment.
+        def endpoint
+          @endpoint ||= URI.parse(const_get('ENDPOINT_URI') % Adyen.configuration.environment)
+        end
+      end
+
+      # @return [Hash]       A hash of key-value pairs required for the action that is to be called.
+      attr_reader :params
+
+      # @param [Hash] params A hash of key-value pairs required for the action that is to be called.
+      #                      These are merged with the Adyen::API.default_params.
+      def initialize(params = {})
+        @params = Adyen.configuration.default_api_params.merge(params)
+      end
+
+      def validate_parameter_value!(param, value)
+        if value.nil? || value =~ /^\s*$/
+          raise ArgumentError, "The required parameter `:#{param}' is missing."
+        end
+      end
+
+      def validate_parameters!(*params)
+        params.each do |param|
+          case param
+          when Symbol
+            validate_parameter_value!(param, @params[param])
+          when Hash
+            param.each do |name, attrs|
+              validate_parameter_value!(name, @params[name])
+              attrs.each { |attr| validate_parameter_value!("#{name} => :#{attr}", @params[name][attr]) }
+            end
+          end
+        end
+      end
+
+      # This method wraps the given XML +data+ in a SOAP envelope and posts it to +action+ on the
+      # +endpoint+ defined for the subclass.
+      #
+      # The result is a response object, with XMLQuerier, ready to be queried.
+      #
+      # If a {stubbed_response} has been set, then said response is returned and no actual remote
+      # calls are made.
+      #
+      # @param [String]   action         The remote action to call.
+      # @param [String]   data           The XML data to post to the remote action.
+      # @param [Response] response_class The Response subclass used to wrap the response from Adyen.
+      def call_webservice_action(action, data, response_class)
+        if response = self.class.stubbed_response
+          self.class.stubbed_response = nil
+          response
+        else
+          endpoint = self.class.endpoint
+
+          post = Net::HTTP::Post.new(endpoint.path, 'Accept' => 'text/xml', 'Content-Type' => 'text/xml; charset=utf-8', 'SOAPAction' => action)
+          post.basic_auth(Adyen.configuration.api_username, Adyen.configuration.api_password)
+          post.body = ENVELOPE % data
+
+          request = Net::HTTP.new(endpoint.host, endpoint.port)
+          request.use_ssl = true
+          request.ca_file = CACERT
+          request.verify_mode = OpenSSL::SSL::VERIFY_PEER
+
+          request.start do |http|
+            http_response = http.request(post)
+            raise ClientError.new(http_response, action, endpoint) if http_response.is_a?(Net::HTTPClientError)
+            response_class.new(http_response)
+          end
+        end
+      end
+    end
+  end
+end