adyen_jpiqueras 2.3.0

data/spec/api/test_helpers_spec.rb

@@ -0,0 +1,84 @@
+# encoding: UTF-8
+
+require 'api/spec_helper'
+require 'adyen/api/test_helpers'
+
+describe "Test helpers" do
+  include APISpecHelper
+
+  after do
+    Net::HTTP.stubbing_enabled = false
+  end
+
+  describe Adyen::API::PaymentService do
+    before do
+      @params = {
+        :reference => 'order-id',
+        :amount => {
+          :currency => 'EUR',
+          :value => '1234',
+        },
+        :shopper => {
+          :email => 's.hopper@example.com',
+          :reference => 'user-id',
+          :ip => '61.294.12.12',
+          :statement => 'Invoice number 123456'
+        },
+        :card => {
+          :expiry_month => 12,
+          :expiry_year => 2012,
+          :holder_name => 'Simon わくわく Hopper',
+          :number => '4444333322221111',
+          :cvc => '737',
+          # Maestro UK/Solo only
+          #:issue_number => ,
+          #:start_month => ,
+          #:start_year => ,
+        }
+      }
+      @payment = @object = Adyen::API::PaymentService.new(@params)
+    end
+
+    it "returns an `authorized' response" do
+      stub_net_http(AUTHORISATION_DECLINED_RESPONSE)
+      Adyen::API::PaymentService.stub_success!
+      @payment.authorise_payment.should be_authorized
+
+      @payment.authorise_payment.should_not be_authorized
+    end
+
+    it "returns a `refused' response" do
+      stub_net_http(AUTHORISE_RESPONSE)
+      Adyen::API::PaymentService.stub_refused!
+      response = @payment.authorise_payment
+      response.should_not be_authorized
+      response.should_not be_invalid_request
+
+      @payment.authorise_payment.should be_authorized
+    end
+
+    it "returns a `invalid request' response" do
+      stub_net_http(AUTHORISE_RESPONSE)
+      Adyen::API::PaymentService.stub_invalid!
+      response = @payment.authorise_payment
+      response.should_not be_authorized
+      response.should be_invalid_request
+
+      @payment.authorise_payment.should be_authorized
+    end
+  end
+
+  describe Adyen::API::RecurringService do
+    before do
+      @params = { :shopper => { :reference => 'user-id' } }
+      @recurring = @object = Adyen::API::RecurringService.new(@params)
+    end
+
+    it "returns a `disabled' response" do
+      stub_net_http(DISABLE_RESPONSE % 'nope')
+      Adyen::API::RecurringService.stub_disabled!
+      @recurring.disable.should be_disabled
+      @recurring.disable.should_not be_disabled
+    end
+  end
+end

data/spec/functional/api_spec.rb

@@ -0,0 +1,117 @@
+# encoding: UTF-8
+require 'api/spec_helper'
+require 'nokogiri'
+
+API_SPEC_INITIALIZER = File.expand_path("../initializer.rb", __FILE__)
+
+if File.exist?(API_SPEC_INITIALIZER)
+
+  describe Adyen::API, "with an actual remote connection" do
+
+    before :all do
+      require API_SPEC_INITIALIZER
+      Net::HTTP.stubbing_enabled = false
+      @order_id = @user_id = Time.now.to_i
+      @payment_response = perform_payment_request
+    end
+
+    after :all do
+      Net::HTTP.stubbing_enabled = true
+    end
+
+    it "performs a payment request" do
+      @payment_response.should be_authorized
+      @payment_response.psp_reference.should_not be_empty
+    end
+
+    def perform_payment_request
+      Adyen::API.authorise_payment(
+        @order_id,
+        { :currency => 'EUR', :value => '1234' },
+        { :email => "#{@user_id}@example.com", :reference => @user_id },
+        { :expiry_month => '08', :expiry_year => '2018', :holder_name => "Simon #{@user_id} Hopper", :number => '4111111111111111', :cvc => '737' },
+        true
+      )
+    end
+
+    it "performs a recurring payment request" do
+      response = Adyen::API.authorise_recurring_payment(
+        @order_id,
+        { :currency => 'EUR', :value => '1234' },
+        { :email => "#{@user_id}@example.com", :reference => @user_id }
+      )
+      response.should be_authorized
+      response.psp_reference.should_not be_empty
+    end
+
+    it "performs a one-click payment request" do
+      detail   = Adyen::API.list_recurring_details(@user_id).references.last
+      response = Adyen::API.authorise_one_click_payment(
+        @order_id,
+        { :currency => 'EUR', :value => '1234' },
+        { :email => "#{@user_id}@example.com", :reference => @user_id },
+        { :cvc => '737' },
+        detail
+      )
+      response.should be_authorized
+      response.psp_reference.should_not be_empty
+    end
+
+    it "stores the provided ELV account details" do
+      response = Adyen::API.store_recurring_token(
+        { :email => "#{@user_id}@example.com", :reference => @user_id },
+        { :bank_location => "Berlin", :bank_name => "TestBank", :bank_location_id => "12345678", :holder_name => "Simon #{@user_id} Hopper", :number => "1234567890" }
+      )
+      response.should be_stored
+      response.recurring_detail_reference.should_not be_empty
+    end
+
+    it "stores the provided creditcard details" do
+      response = Adyen::API.store_recurring_token(
+        { :email => "#{@user_id}@example.com", :reference => @user_id },
+        { :expiry_month => '08', :expiry_year => '2018', :holder_name => "Simon #{@user_id} Hopper", :number => '4111111111111111' }
+      )
+      response.should be_stored
+      response.recurring_detail_reference.should_not be_empty
+    end
+
+    it "disables a recurring contract" do
+      response = Adyen::API.disable_recurring_contract(@user_id)
+      response.should be_success
+      response.should be_disabled
+    end
+
+    it "captures a payment" do
+      response = Adyen::API.capture_payment(@payment_response.psp_reference, { :currency => 'EUR', :value => '1234' })
+      response.should be_success
+    end
+
+    it "refunds a payment" do
+      response = Adyen::API.refund_payment(@payment_response.psp_reference, { :currency => 'EUR', :value => '1234' })
+      response.should be_success
+    end
+
+    it "cancels or refunds a payment" do
+      response = Adyen::API.cancel_or_refund_payment(@payment_response.psp_reference)
+      response.should be_success
+    end
+
+    it "cancels a payment" do
+      response = Adyen::API.cancel_payment(@payment_response.psp_reference)
+      response.should be_success
+    end
+
+    it "generates a billet" do
+      response = Adyen::API.generate_billet("{\"user_id\":66722,\"order_id\":6863}#signup",
+                                            { currency: "BRL", value: 1000 },
+                                            { first_name: "Jow", last_name: "Silver" },
+                                            "19762003691",
+                                            "boletobancario_santander",
+                                            "2014-07-16T18:16:11Z")
+      response.should be_success
+    end
+  end
+
+else
+  puts "[!] To run the functional tests you'll need to create `spec/functional/initializer.rb' and configure with your test account settings. See `spec/functional/initializer.rb.sample'."
+end

data/spec/functional/initializer.rb.ci

@@ -0,0 +1,3 @@
+Adyen.configuration.default_api_params = { :merchant_account => ENV['ADYEN_MERCHANT_ACCOUNT'] }
+Adyen.configuration.api_username = ENV['ADYEN_API_USERNAME']
+Adyen.configuration.api_password = ENV['ADYEN_API_PASSWORD']

data/spec/functional/initializer.rb.sample

@@ -0,0 +1,3 @@
+Adyen.configuration.default_api_params = { :merchant_account => 'SuperShopperCOM' }
+Adyen.configuration.api_username = 'ws@company.SuperShopper'
+Adyen.configuration.api_password = '$ecret'

data/spec/spec_helper.rb

@@ -0,0 +1,8 @@
+# encoding: UTF-8
+
+require 'rspec'
+require 'adyen/matchers'
+
+RSpec.configure do |config|
+  config.include Adyen::Matchers
+end

data/test/form_test.rb

@@ -0,0 +1,303 @@
+require 'test_helper'
+require 'adyen/form'
+
+class FormTest < Minitest::Test
+  include Adyen::Matchers
+  include Adyen::Test::EachXMLBackend
+
+  def setup
+    Adyen.configuration.default_form_params[:merchant_account] = 'TestMerchant'
+    Adyen.configuration.register_form_skin(:testing, '4aD37dJA', 'Kah942*$7sdp0)')
+    Adyen.configuration.register_form_skin(:other, 'sk1nC0de', 'shared_secret', merchant_account: 'OtherMerchant')
+
+    # Use autodetection for the environment unless otherwise specified
+    Adyen.configuration.environment = nil
+    Adyen.configuration.payment_flow = :select
+    Adyen.configuration.payment_flow_domain = nil
+
+    @payment_attributes = { 
+      :skin => :testing, 
+      :currency_code => 'GBP', 
+      :payment_amount => 10000,
+      :merchant_reference => 'Internet Order 12345',
+      :ship_before_date => '2007-10-20', 
+      :session_validity => '2007-10-11T11:00:00Z',
+      :billing_address => {
+        :street               => 'Alexanderplatz',
+        :house_number_or_name => '0815',
+        :city                 => 'Berlin',
+        :postal_code          => '10119',
+        :state_or_province    => 'Berlin',
+        :country              => 'Germany',
+      },
+      :delivery_address => {
+        :street               => 'Pecunialaan',
+        :house_number_or_name => '316',
+        :city                 => 'Geldrop',
+        :state_or_province    => 'None',
+        :postal_code          => '1234 AB',
+        :country              => 'Netherlands',
+      },
+      :shopper => {
+        :telephone_number       => '1234512345',
+        :first_name             => 'John',
+        :last_name              => 'Doe',
+        :social_security_number => '123-45-1234'
+      },
+      :openinvoicedata => {
+        :number_of_lines => 1,
+        :line1 => {
+          :number_of_items => 2,
+          :item_amount => 4000,
+          :currency_code => 'GBP',
+          :item_vat_amount => 1000,
+          :item_vat_percentage => 2500,
+          :item_vat_category => 'High',
+          :description => 'Product Awesome'
+        },
+        :refund_description => 'Refund for 12345'
+      }
+    }
+
+    @recurring_payment_attributes = @payment_attributes.merge(
+      :skin               => :other,
+      :recurring_contract => 'DEFAULT', 
+      :shopper_reference  => 'grasshopper52', 
+      :shopper_email      => 'gras.shopper@somewhere.org'
+    )
+
+    Adyen::Form.do_parameter_transformations!(@payment_attributes)
+    Adyen::Form.do_parameter_transformations!(@recurring_payment_attributes)
+  end
+
+  def test_autodetected_redirect_url
+    assert_equal 'https://test.adyen.com/hpp/select.shtml', Adyen::Form.url
+
+    Adyen.configuration.stubs(:autodetect_environment).returns('live')
+    assert_equal 'https://live.adyen.com/hpp/select.shtml', Adyen::Form.url
+  end
+
+  def test_explicit_redirect_url
+    assert_equal 'https://live.adyen.com/hpp/select.shtml', Adyen::Form.url(:live)
+    assert_equal 'https://test.adyen.com/hpp/select.shtml', Adyen::Form.url(:test)
+
+    Adyen.configuration.environment = :live
+    assert_equal 'https://live.adyen.com/hpp/select.shtml', Adyen::Form.url
+  end
+
+  def test_redirect_url_for_different_payment_flows
+    Adyen.configuration.payment_flow = :select
+    assert_equal 'https://test.adyen.com/hpp/select.shtml', Adyen::Form.url
+
+    Adyen.configuration.payment_flow = :pay
+    assert_equal 'https://test.adyen.com/hpp/pay.shtml', Adyen::Form.url
+
+    Adyen.configuration.payment_flow = :details
+    assert_equal 'https://test.adyen.com/hpp/details.shtml', Adyen::Form.url
+  end
+
+  def test_redirect_url_for_custom_domain
+    Adyen.configuration.payment_flow_domain = "checkout.mydomain.com"
+    assert_equal 'https://checkout.mydomain.com/hpp/select.shtml', Adyen::Form.url
+  end
+
+  def test_redirect_url_generation
+    attributes = { 
+      :currency_code => 'GBP', :payment_amount => 10000, :ship_before_date => Date.today,
+      :merchant_reference => 'Internet Order 12345', :skin => :testing, :session_validity => Time.now + 3600 
+    }
+
+    redirect_uri = URI(Adyen::Form.redirect_url(attributes))
+    assert_match %r[^#{Adyen::Form.url}], redirect_uri.to_s
+
+    params = CGI.parse(redirect_uri.query)
+    attributes.each do |key, value|
+      assert_equal value.to_s, params[Adyen::Util.camelize(key).to_s].first
+    end
+
+    assert params.key?('merchantSig'), "Expected a merchantSig parameter to be set"
+  end
+
+  def test_payment_methods_url_generation
+    attributes = { 
+      :currency_code => 'GBP', :payment_amount => 10000, :ship_before_date => Date.today,
+      :merchant_reference => 'Internet Order 12345', :skin => :testing, :session_validity => Time.now + 3600 
+    }
+
+    redirect_uri = URI(Adyen::Form.payment_methods_url(attributes))
+    assert_match %r[^#{Adyen::Form.url(nil, :directory)}], redirect_uri.to_s
+
+    params = CGI.parse(redirect_uri.query)
+    attributes.each do |key, value|
+      assert_equal value.to_s, params[Adyen::Util.camelize(key).to_s].first
+    end
+
+    assert params.key?('merchantSig'), "Expected a merchantSig parameter to be set"
+  end  
+
+  def test_redirect_signature_string
+    signature_string = Adyen::Form.calculate_signature_string(@payment_attributes)
+    assert_equal "10000GBP2007-10-20Internet Order 123454aD37dJATestMerchant2007-10-11T11:00:00Z", signature_string
+
+    signature_string = Adyen::Form.calculate_signature_string(@payment_attributes.merge(:merchant_return_data => 'testing123'))
+    assert_equal "10000GBP2007-10-20Internet Order 123454aD37dJATestMerchant2007-10-11T11:00:00Ztesting123", signature_string
+
+    signature_string = Adyen::Form.calculate_signature_string(@recurring_payment_attributes)
+    assert_equal "10000GBP2007-10-20Internet Order 12345sk1nC0deOtherMerchant2007-10-11T11:00:00Zgras.shopper@somewhere.orggrasshopper52DEFAULT", signature_string
+
+    signature_string = Adyen::Form.calculate_signature_string(@payment_attributes.merge(:billing_address_type => '1', :delivery_address_type => '2'))
+    assert_equal "10000GBP2007-10-20Internet Order 123454aD37dJATestMerchant2007-10-11T11:00:00Z12", signature_string
+
+    signature_string = Adyen::Form.calculate_signature_string(@payment_attributes.merge(:delivery_address_type => '2', :shopper_type => '1'))
+    assert_equal "10000GBP2007-10-20Internet Order 123454aD37dJATestMerchant2007-10-11T11:00:00Z21", signature_string
+  end
+
+  def test_redirect_signature
+    assert_equal 'x58ZcRVL1H6y+XSeBGrySJ9ACVo=', Adyen::Form.calculate_signature(@payment_attributes)
+    assert_equal 'EZtZS/33I6qsXptTfRIFMJxeKFE=', Adyen::Form.calculate_signature(@recurring_payment_attributes)
+
+    @payment_attributes.delete(:shared_secret)
+    assert_raises(ArgumentError) { Adyen::Form.calculate_signature(@payment_attributes) }
+  end
+
+  def test_shopper_signature
+    signature_string = Adyen::Form.calculate_shopper_signature_string(@payment_attributes[:shopper])
+    assert_equal "JohnDoe1234512345", signature_string
+    assert_equal 'rb2GEs1kGKuLh255a3QRPBYXmsQ=', Adyen::Form.calculate_shopper_signature(@payment_attributes)
+
+    @payment_attributes.delete(:shared_secret)
+    assert_raises(ArgumentError) { Adyen::Form.calculate_shopper_signature(@payment_attributes) } 
+  end
+
+  def test_billing_address_signature
+    signature_string = Adyen::Form.calculate_billing_address_signature_string(@payment_attributes[:billing_address])
+    assert_equal "Alexanderplatz0815Berlin10119BerlinGermany", signature_string
+    assert_equal '5KQb7VJq4cz75cqp11JDajntCY4=', Adyen::Form.calculate_billing_address_signature(@payment_attributes)
+
+    @payment_attributes.delete(:shared_secret)
+    assert_raises(ArgumentError) { Adyen::Form.calculate_billing_address_signature(@payment_attributes) } 
+  end
+
+  def test_delivery_address_signature
+    signature_string = Adyen::Form.calculate_delivery_address_signature_string(@payment_attributes[:delivery_address])
+    assert_equal "Pecunialaan316Geldrop1234 ABNoneNetherlands", signature_string
+    assert_equal 'g8wPEWYrDPatkGXzuQbN1++JVbE=', Adyen::Form.calculate_delivery_address_signature(@payment_attributes)
+
+    @payment_attributes.delete(:shared_secret)
+    assert_raises(ArgumentError) { Adyen::Form.calculate_delivery_address_signature(@payment_attributes) }
+  end
+
+  def test_open_invoice_signature
+    merchant_sig = Adyen::Form.calculate_signature(@payment_attributes, @payment_attributes[:shared_secret])
+    signature_string = Adyen::Form.calculate_open_invoice_signature_string(merchant_sig, @payment_attributes[:openinvoicedata])
+    expected_string =
+      [
+        'merchantSig',
+        'openinvoicedata.line1.currencyCode',
+        'openinvoicedata.line1.description',
+        'openinvoicedata.line1.itemAmount',
+        'openinvoicedata.line1.itemVatAmount',
+        'openinvoicedata.line1.itemVatCategory',
+        'openinvoicedata.line1.itemVatPercentage',
+        'openinvoicedata.line1.numberOfItems',
+        'openinvoicedata.numberOfLines',
+        'openinvoicedata.refundDescription'
+      ].join(':') +
+      '|' +
+      [
+        merchant_sig,
+        'GBP',
+        'Product Awesome',
+        4000,
+        1000,
+        'High',
+        2500,
+        2,
+        1,
+        'Refund for 12345'
+      ].join(':')
+
+    assert_equal expected_string, signature_string
+    assert_equal 'OI71VGB7G3vKBRrtE6Ibv+RWvYY=', Adyen::Form.calculate_open_invoice_signature(@payment_attributes)
+
+    @payment_attributes.delete(:shared_secret)
+    assert_raises(ArgumentError) { Adyen::Form.calculate_open_invoice_signature(@payment_attributes) }
+  end
+
+  def test_billing_signatures_in_redirect_url
+    get_params = CGI.parse(URI(Adyen::Form.redirect_url(@payment_attributes)).query)
+    assert_equal '5KQb7VJq4cz75cqp11JDajntCY4=', get_params['billingAddressSig'].first
+    assert_equal 'g8wPEWYrDPatkGXzuQbN1++JVbE=', get_params['deliveryAddressSig'].first
+    assert_equal 'rb2GEs1kGKuLh255a3QRPBYXmsQ=', get_params['shopperSig'].first
+    assert_equal 'OI71VGB7G3vKBRrtE6Ibv+RWvYY=', get_params['openinvoicedata.sig'].first
+  end  
+
+  def test_redirect_signature_check
+    params = { 
+      'authResult' => 'AUTHORISED', 'pspReference' => '1211992213193029',
+      'merchantReference' => 'Internet Order 12345', 'skinCode' => '4aD37dJA',
+      'merchantSig' => 'ytt3QxWoEhAskUzUne0P5VA9lPw='
+    }
+
+    assert_equal params['merchantSig'], Adyen::Form.redirect_signature(params)
+    
+    assert Adyen::Form.redirect_signature_check(params) # shared secret from registered skin
+    assert Adyen::Form.redirect_signature_check(params, 'Kah942*$7sdp0)') # explicitly provided shared secret
+    
+    refute Adyen::Form.redirect_signature_check(params.merge('skinCode' => 'sk1nC0de'))
+    refute Adyen::Form.redirect_signature_check(params, 'wrong_shared_secret')
+
+    refute Adyen::Form.redirect_signature_check(params.merge('pspReference' => 'tampered'))
+    refute Adyen::Form.redirect_signature_check(params.merge('merchantSig' => 'tampered'))
+
+    assert_raises(ArgumentError) { Adyen::Form.redirect_signature_check(nil) }
+    assert_raises(ArgumentError) { Adyen::Form.redirect_signature_check({}) }
+    assert_raises(ArgumentError) { Adyen::Form.redirect_signature_check(params.delete(:skinCode)) }
+  end
+
+  def test_redirect_signature_check_with_escaped_params
+    Adyen.configuration.register_form_skin(:testing, 'tifSfXeX', 'testing123', :merchant_account => 'VanBergenORG')
+
+# http://example.com/result?merchantReference=HPP+test+order+%25231&skinCode=tifSfXeX&shopperLocale=en_GB&paymentMethod=visa&authResult=AUTHORISED&pspReference=8814131153369759&merchantSig=il8cjgOiG4N9l2PlSf6h4EVQ6hk%253D
+    params = {
+      "merchantReference"=>CGI.unescape("HPP test order %231"), "skinCode"=>"tifSfXeX", 
+      "shopperLocale"=>"en_GB", "paymentMethod"=>"visa", "authResult"=>"AUTHORISED", 
+      "pspReference"=>"8814131148758652", "merchantSig"=> CGI.unescape("q8J9P%2Fp%2FYsbnnFn%2F83TFsv7Hais%3D")
+    }
+
+    assert_equal params['merchantSig'], Adyen::Form.redirect_signature(params)
+  end
+
+  def test_hidden_payment_form_fields
+    payment_snippet = <<-HTML
+      <form id="adyen" action="#{CGI.escapeHTML(Adyen::Form.url)}" method="post">
+        #{Adyen::Form.hidden_fields(@payment_attributes)}
+      </form>
+    HTML
+
+    for_each_xml_backend do
+      assert_adyen_single_payment_form payment_snippet, 
+        merchantAccount: 'TestMerchant', 
+        currencyCode: 'GBP', 
+        paymentAmount: '10000',
+        skinCode: '4aD37dJA'
+    end
+  end
+
+  def test_hidden_recurring_payment_form_fields
+    recurring_snippet = <<-HTML
+      <form id="adyen" action="#{CGI.escapeHTML(Adyen::Form.url)}" method="post">
+        #{Adyen::Form.hidden_fields(@recurring_payment_attributes)}
+      </form>
+    HTML
+
+    for_each_xml_backend do
+      assert_adyen_recurring_payment_form recurring_snippet, 
+        merchantAccount: 'OtherMerchant', 
+        currencyCode: 'GBP', 
+        paymentAmount: '10000',
+        recurringContract: 'DEFAULT',
+        skinCode: 'sk1nC0de'
+    end
+  end
+end