adyen 0.1.4

data/.gitignore

@@ -0,0 +1,4 @@
+/tmp
+/pkg
+/doc
+adyen-*.gem

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2008 Willem van Bergen and Michel Barbosa
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,32 @@
+= Adyen
+
+Package to simplify including the Adyen payments services into a Ruby on Rails application.
+
+Adyen integration relies on three modes of communication between Adyen, your server and your client/customer:
+
+* Client-to-Adyen communication using forms and redirects.
+* Adyen-to-server communications using notifications.
+* Server-to-Adyen communication using SOAP services.
+
+This library aims to ease the implementation of all these modes into your application. Moreover, it provides matchers, assertions and mocks to make it easier to implement an automated test suite to assert the integration is working correctly.
+
+== Installation
+
+This plugin can either be installed as gem or Rails plugin:
+
+    gem install wvanbergen-adyen --source http://gems.github.com    # as gem
+    script/plugin install git://github.com/wvanbergen/adyen.git     # as plugin
+
+== Usage
+
+See the project wiki on http://wiki.github.com/wvanbergen/adyen to get started.
+
+* For more information about Adyen, see http://www.adyen.com
+* For more information about integrating Adyen, see their manuals at
+  http://support.adyen.com/links/documentation
+
+== About
+
+This package is written by Michel Barbosa and Willem van Bergen for Floorplanner.com,
+and made public under the MIT license (see LICENSE). It comes without warranty of any kind,
+so use at your own risk.

data/Rakefile

@@ -0,0 +1,5 @@
+Dir[File.dirname(__FILE__) + "/tasks/*.rake"].each { |file| load(file) }
+
+GithubGem::RakeTasks.new(:gem)
+
+task :default => "spec:specdoc"

data/adyen.gemspec

@@ -0,0 +1,21 @@
+Gem::Specification.new do |s|
+  s.name    = 'adyen'
+  s.version = "0.1.4"
+  s.date    = "2009-09-29"
+
+  s.summary = "Integrate Adyen payment services in you Ruby on Rails application"
+  s.description = "Package to simplify including the Adyen payments services into a Ruby on Rails application."
+
+  s.authors  = ['Willem van Bergen', 'Michel Barbosa']
+  s.email    = ['willem@vanbergen.org', 'cicaboo@gmail.com']
+  s.homepage = 'http://www.adyen.com'
+
+  s.add_development_dependency('rspec', '>= 1.1.4')
+  s.add_development_dependency('git', '>= 1.1.0')
+
+  s.rdoc_options << '--title' << s.name << '--main' << 'README.rdoc' << '--line-numbers' << '--inline-source'
+  s.extra_rdoc_files = ['README.rdoc']
+
+  s.files = %w(spec/spec_helper.rb lib/adyen/form.rb .gitignore LICENSE spec/soap_spec.rb spec/notification_spec.rb lib/adyen/soap.rb init.rb spec/adyen_spec.rb adyen.gemspec Rakefile tasks/github-gem.rake spec/form_spec.rb README.rdoc lib/adyen/notification.rb lib/adyen/matchers.rb lib/adyen/formatter.rb lib/adyen.rb lib/adyen/encoding.rb)
+  s.test_files = %w(spec/soap_spec.rb spec/notification_spec.rb spec/adyen_spec.rb spec/form_spec.rb)
+end

data/init.rb

@@ -0,0 +1 @@
+require 'adyen'

data/lib/adyen.rb

@@ -0,0 +1,31 @@
+module Adyen
+  LIVE_RAILS_ENVIRONMENTS = ['production']
+
+  # Setter voor the current Adyen environment.
+  # Must be either 'test' or 'live'
+  def self.environment=(env)
+    @environment = env
+  end
+
+  # Returns the current Adyen environment.
+  # Returns either 'test' or 'live'.
+  def self.environment(override = nil)
+    override || @environment || Adyen.autodetect_environment
+  end
+
+  # Autodetects the Adyen environment based on the RAILS_ENV constant
+  def self.autodetect_environment
+    (defined?(RAILS_ENV) && Adyen::LIVE_RAILS_ENVIRONMENTS.include?(RAILS_ENV.to_s.downcase)) ? 'live' : 'test'
+  end
+
+  # Loads submodules on demand, so that dependencies are not required.
+  def self.const_missing(sym)
+    require "adyen/#{sym.to_s.downcase}"
+    return Adyen.const_get(sym)
+  rescue
+    super(sym)
+  end
+end
+
+require 'adyen/encoding'
+require 'adyen/formatter'

data/lib/adyen/encoding.rb

@@ -0,0 +1,21 @@
+require 'base64'
+require 'openssl'
+require 'stringio'
+require 'zlib'
+
+module Adyen
+  module Encoding
+    def self.hmac_base64(hmac_key, message)
+      digest = OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new('sha1'), hmac_key, message)
+      Base64.encode64(digest).strip
+    end
+
+    def self.gzip_base64(message)
+      sio = StringIO.new
+      gz  = Zlib::GzipWriter.new(sio)
+      gz.write(message)
+      gz.close
+      Base64.encode64(sio.string).gsub("\n", "")
+    end
+  end
+end

data/lib/adyen/form.rb

@@ -0,0 +1,71 @@
+require 'action_view'
+
+module Adyen
+  module Form
+
+    extend ActionView::Helpers::TagHelper
+
+    ACTION_URL = "https://%s.adyen.com/hpp/select.shtml"
+
+    def self.url(environment = nil)
+      environment ||= Adyen.environment(environment)
+      Adyen::Form::ACTION_URL % environment.to_s
+    end
+
+    def self.calculate_signature_string(attributes)
+      merchant_sig_string = ""
+      merchant_sig_string << attributes[:payment_amount].to_s    << attributes[:currency_code].to_s      <<
+                             attributes[:ship_before_date].to_s  << attributes[:merchant_reference].to_s <<
+                             attributes[:skin_code].to_s         << attributes[:merchant_account].to_s   <<
+                             attributes[:session_validity].to_s  << attributes[:shopper_email].to_s      <<
+                             attributes[:shopper_reference].to_s << attributes[:recurring_contract].to_s <<
+                             attributes[:allowed_methods].to_s   << attributes[:blocked_methods].to_s    <<
+                             attributes[:shopper_statement].to_s << attributes[:billing_address_type].to_s
+    end
+
+    def self.calculate_signature(attributes)
+       Adyen::Encoding.hmac_base64(attributes.delete(:shared_secret), calculate_signature_string(attributes))
+    end
+
+    def self.do_attribute_transformations!(attributes = {})
+      raise "YENs are not yet supported!" if attributes[:currency_code] == 'JPY' # TODO: fixme
+
+      attributes[:recurring_contract] = 'DEFAULT' if attributes.delete(:recurring) == true
+      attributes[:order_data]         = Adyen::Encoding.gzip_base64(attributes.delete(:order_data_raw)) if attributes[:order_data_raw]
+      attributes[:ship_before_date]   = Adyen::Formatter::DateTime.fmt_date(attributes[:ship_before_date])
+      attributes[:session_validity]   = Adyen::Formatter::DateTime.fmt_time(attributes[:session_validity])
+    end
+
+
+    def self.hidden_fields(attributes = {})
+      do_attribute_transformations!(attributes)
+
+      raise "Cannot generate form: :currency code attribute not found!"         unless attributes[:currency_code]
+      raise "Cannot generate form: :payment_amount code attribute not found!"   unless attributes[:payment_amount]
+      raise "Cannot generate form: :merchant_account attribute not found!"      unless attributes[:merchant_account]
+      raise "Cannot generate form: :skin_code attribute not found!"             unless attributes[:skin_code]
+      raise "Cannot generate form: :shared_secret signing secret not provided!" unless attributes[:shared_secret]
+
+      # Merchant signature
+      attributes[:merchant_sig] = calculate_signature(attributes)
+
+      # Generate hidden input tags
+      attributes.map { |key, value|
+        self.tag(:input, :type => 'hidden', :name => key.to_s.camelize(:lower), :value => value)
+      }.join("\n")
+    end
+
+    def self.redirect_signature_string(params)
+      params[:authResult].to_s + params[:pspReference].to_s + params[:merchantReference].to_s + params[:skinCode].to_s
+    end
+
+    def self.redirect_signature(params, shared_secret)
+      Adyen::Encoding.hmac_base64(shared_secret, redirect_signature_string(params))
+    end
+
+    def self.redirect_signature_check(params, shared_secret)
+      params[:merchantSig] == redirect_signature(params, shared_secret)
+    end
+
+  end
+end

data/lib/adyen/formatter.rb

@@ -0,0 +1,37 @@
+module Adyen
+  module Formatter
+    module DateTime
+      # Returns a valid Adyen string representation for a date
+      def self.fmt_date(date)
+        case date
+        when Date, DateTime, Time
+          date.strftime('%Y-%m-%d')
+        else
+          raise "Invalid date notation: #{date.inspect}!" unless /^\d{4}-\d{2}-\d{2}$/ =~ date
+          date
+        end
+      end
+
+      # Returns a valid Adyen string representation for a timestamp
+      def self.fmt_time(time)
+        case time
+        when Date, DateTime, Time
+          time.strftime('%Y-%m-%dT%H:%M:%SZ')
+        else
+          raise "Invalid timestamp notation: #{time.inspect}!" unless /^\d{4}-\d{2}-\d{2}T\d{2}\:\d{2}\:\d{2}Z$/ =~ time
+          time
+        end
+      end
+    end
+
+    module Price
+      def self.in_cents(price)
+        ((price * 100).round).to_i
+      end
+
+      def self.from_cents(price)
+        BigDecimal.new(price.to_s) / 100
+      end
+    end
+  end
+end

data/lib/adyen/matchers.rb

@@ -0,0 +1,105 @@
+require 'xml'
+
+module Adyen
+  module Matchers
+
+    module XPathPaymentFormCheck
+
+      def self.build_xpath_query(checks)
+        # Start by finding the check for the Adyen form tag
+        xpath_query =  "//form[@action='#{Adyen::Form.url}']"
+
+        # Add recurring/single check if specified
+        recurring =  checks.delete(:recurring)
+        unless recurring.nil?
+          if recurring
+            xpath_query << "[descendant::input[@type='hidden'][@name='recurringContract']]"
+          else
+            xpath_query << "[not(descendant::input[@type='hidden'][@name='recurringContract'])]"
+          end
+        end
+
+        # Add a check for all the other fields specified
+        checks.each do |key, value|
+          condition  = "descendant::input[@type='hidden'][@name='#{key.to_s.camelize(:lower)}']"
+          condition << "[@value='#{value}']" unless value == :anything
+          xpath_query << "[#{condition}]"
+        end
+
+        return xpath_query
+      end
+
+      def self.document(subject)
+        if String === subject
+          XML::HTMLParser.string(subject).parse
+        elsif subject.respond_to?(:body)
+          XML::HTMLParser.string(subject.body).parse
+        elsif XML::Node === subject
+          subject
+        elsif XML::Document === subject
+          subject
+        else
+          raise "Cannot handle this XML input type"
+        end
+      end
+
+      def self.check(subject, checks = {})
+        document(subject).find_first(build_xpath_query(checks))
+      end
+    end
+
+    class HaveAdyenPaymentForm
+
+      def initialize(checks)
+        @checks = checks
+      end
+
+      def matches?(document)
+        Adyen::Matchers::XPathPaymentFormCheck.check(document, @checks)
+      end
+
+      def description
+        "have an adyen payment form"
+      end
+
+      def failure_message
+        "expected to find a valid Adyen form on this page"
+      end
+
+      def negative_failure_message
+        "expected not to find a valid Adyen form on this page"
+      end
+    end
+
+    def have_adyen_payment_form(checks = {})
+      default_checks = {:merchant_sig => :anything, :payment_amount => :anything, :currency_code => :anything, :skin_code => :anything }
+      HaveAdyenPaymentForm.new(default_checks.merge(checks))
+    end
+
+    def have_adyen_recurring_payment_form(checks = {})
+      recurring_checks = { :recurring => true, :shopper_email => :anything, :shopper_reference => :anything }
+      have_adyen_payment_form(recurring_checks.merge(checks))
+    end
+
+    def have_adyen_single_payment_form(checks = {})
+      recurring_checks = { :recurring => false }
+      have_adyen_payment_form(recurring_checks.merge(checks))
+    end
+
+    def assert_adyen_payment_form(subject, checks = {})
+      default_checks = {:merchant_sig => :anything, :payment_amount => :anything, :currency_code => :anything, :skin_code => :anything }
+      assert Adyen::Matchers::XPathPaymentFormCheck.check(subject, default_checks.merge(checks)), 'No Adyen payment form found'
+    end
+
+    def assert_adyen_recurring_payment_form(subject, checks = {})
+      recurring_checks = { :recurring => true, :shopper_email => :anything, :shopper_reference => :anything }
+      assert_adyen_payment_form(subject, recurring_checks.merge(checks))
+    end
+
+    def assert_adyen_single_payment_form(subject, checks = {})
+      recurring_checks = { :recurring => false }
+      assert_adyen_payment_form(subject, recurring_checks.merge(checks))
+    end
+
+  end
+end

data/lib/adyen/notification.rb

@@ -0,0 +1,99 @@
+require 'activerecord'
+
+module Adyen
+  class Notification < ActiveRecord::Base
+
+    DEFAULT_TABLE_NAME = :adyen_notifications
+    set_table_name(DEFAULT_TABLE_NAME)
+
+    validates_presence_of :event_code
+    validates_presence_of :psp_reference
+    validates_uniqueness_of :success, :scope => [:psp_reference, :event_code]
+
+    # Make sure we don't end up with an original_reference with an empty string
+    before_validation { |notification| notification.original_reference = nil if notification.original_reference.blank? }
+
+    def self.log(params)
+      converted_params = {}
+      # Convert each attribute from CamelCase notation to under_score notation
+      # For example, merchantReference will be converted to merchant_reference
+      params.each do |key, value|
+        field_name                   = key.to_s.underscore
+        converted_params[field_name] = value if self.column_names.include?(field_name)
+      end
+      self.create!(converted_params)
+    end
+
+    def authorisation?
+      event_code == 'AUTHORISATION'
+    end
+
+    alias :authorization? :authorisation?
+
+    def successful_authorisation?
+      event_code == 'AUTHORISATION' && success?
+    end
+
+    def collect_payment_for_recurring_contract!(options)
+      # Make sure we convert the value to cents
+      options[:value] = Adyen::Formatter::Price.in_cents(options[:value])
+      raise "This is not a recurring contract!" unless event_code == 'RECURRING_CONTRACT'
+      Adyen::SOAP::RecurringService.submit(options.merge(:recurring_reference => self.psp_reference))
+    end
+
+    def deactivate_recurring_contract!(options)
+      raise "This is not a recurring contract!" unless event_code == 'RECURRING_CONTRACT'
+      Adyen::SOAP::RecurringService.deactivate(options.merge(:recurring_reference => self.psp_reference))
+    end
+
+    alias :successful_authorization? :successful_authorisation?
+
+    class HttpPost < Notification
+
+      def self.log(request)
+        super(request.params)
+      end
+
+      def live=(value)
+        self.write_attribute(:live, [true, 1, '1', 'true'].include?(value))
+      end
+
+      def success=(value)
+        self.write_attribute(:success, [true, 1, '1', 'true'].include?(value))
+      end
+
+      def value=(value)
+        self.write_attribute(:value, Adyen::Formatter::Price.from_cents(value)) unless value.blank?
+      end
+    end
+
+    class Migration < ActiveRecord::Migration
+
+      def self.up(table_name = Adyen::Notification::DEFAULT_TABLE_NAME)
+        create_table(table_name) do |t|
+          t.boolean  :live,                  :null => false, :default => false
+          t.string   :event_code,            :null => false
+          t.string   :psp_reference,         :null => false
+          t.string   :original_reference,    :null => true
+          t.string   :merchant_reference,    :null => false
+          t.string   :merchant_account_code, :null => false
+          t.datetime :event_date,            :null => false
+          t.boolean  :success,               :null => false, :default => false
+          t.string   :payment_method,        :null => true
+          t.string   :operations,            :null => true
+          t.text     :reason
+          t.string   :currency,              :null => false, :limit => 3
+          t.decimal  :value,                 :null => true, :precision => 9, :scale => 2
+          t.boolean  :processed,             :null => false, :default => false
+          t.timestamps
+        end
+        add_index table_name, [:psp_reference, :event_code, :success], :unique => true, :name => 'adyen_notification_uniqueness'
+      end
+
+      def self.down(table_name = Adyen::Notification::DEFAULT_TABLE_NAME)
+        remove_index(table_name, :name => 'adyen_notification_uniqueness')
+        drop_table(table_name)
+      end
+    end
+  end
+end