adyen_jpiqueras 2.3.0

data/lib/adyen/api/xml_querier.rb

@@ -0,0 +1,137 @@
+module Adyen
+  module API
+    # A simple wrapper around the raw response body returned by Adyen. It abstracts away the
+    # differences between REXML and Nokogiri, ensuring that this library will always work.
+    #
+    # At load time, it will first check if Nokogiri is available, otherwise REXML is used. This
+    # means that if you want to use Nokogiri and have it installed as a gem, you will have to make
+    # sure rubygems is loaded and the gem has been activated. Or assign the backend to use.
+    class XMLQuerier
+      # The namespaces used by Adyen.
+      NS = {
+        'soap'      => 'http://schemas.xmlsoap.org/soap/envelope/',
+        'payment'   => 'http://payment.services.adyen.com',
+        'recurring' => 'http://recurring.services.adyen.com',
+        'common'    => 'http://common.services.adyen.com'
+      }
+
+      class NokogiriBackend
+        def initialize
+          require 'nokogiri'
+        end
+
+        def document_for_html(html)
+          Nokogiri::HTML::Document.parse(html, nil, 'UTF-8')
+        end
+
+        def document_for_xml(xml)
+          Nokogiri::XML::Document.parse(xml)
+        end
+
+        def perform_xpath(query, root_node)
+          root_node.xpath(query, NS)
+        end
+
+        def stringify_nodeset(nodeset)
+          nodeset.to_xml(encoding: 'UTF-8')
+        end
+      end
+
+      class REXMLBackend
+        def initialize
+          require 'rexml/document'
+        end
+
+        def document_for_html(html)
+          REXML::Document.new(html)
+        end
+
+        def document_for_xml(xml)
+          REXML::Document.new(xml)
+        end
+
+        def perform_xpath(query, root_node)
+          REXML::XPath.match(root_node, query, NS)          
+        end
+
+        def stringify_nodeset(nodeset)
+          nodeset.map { |n| n.to_s }.join("")
+        end
+      end
+
+      # @return A backend to handle XML parsing.
+      def self.default_backend
+        @default_backend ||= begin
+          NokogiriBackend.new
+        rescue LoadError
+          REXMLBackend.new
+        end
+      end
+
+      # Creates an XML querier for an XML document
+      def self.xml(data, backend = nil)
+        backend ||= default_backend
+        self.new(backend.document_for_xml(string_from(data)), backend)
+      end
+
+      # Creates an XML querier for an HTML document
+      def self.html(data, backend = nil)
+        backend ||= default_backend
+        self.new(backend.document_for_html(string_from(data)), backend)
+      end
+
+      def self.string_from(data)
+        if data.is_a?(String)
+          data
+        elsif data.responds_to?(:body)
+          data.body.to_s
+        else 
+          data.to_s
+        end
+      end
+
+      attr_reader :backend
+
+      # @param [Nokogiri::XML::NodeSet] data The XML data to wrap.
+      def initialize(node, backend)
+        @node, @backend = node, backend
+      end
+
+      # @param [String] query The xpath query to perform.
+      # @yield [XMLQuerier] A new XMLQuerier scoped to the given +query+.
+      # @return [XMLQuerier] A new XMLQuerier scoped to the given +query+. Or, if a block is given,
+      #                      the result of calling the block.
+      def xpath(query)
+        result = self.class.new(backend.perform_xpath(query, @node), backend)
+        block_given? ? yield(result) : result
+      end
+
+      # @param [String] query The xpath query to perform.
+      # @return [String] The contents of the text node indicated by the given +query+.
+      def text(query)
+        xpath("#{query}/text()").to_s.strip
+      end
+
+      # @return [Array, Nokogiri::XML::NodeSet] The children of this node.
+      def children
+        @node.first.children
+      end
+
+      # @return [Boolean] Returns whether or not this node is empty.
+      def empty?
+        @node.empty?
+      end
+
+      # @return [String] A string representation of this node.
+      def to_s
+        backend.stringify_nodeset(@node)
+      end
+
+      # @yield [XMLQuerier] A member of this node set, ready to be queried.
+      # @return [Array] The list of nodes wrapped in XMLQuerier instances.
+      def map(&block)
+        @node.map { |n| self.class.new(n, backend) }.map(&block)
+      end
+    end
+  end
+end

data/lib/adyen/base.rb

@@ -0,0 +1,17 @@
+module Adyen
+
+  # Basic exception class for Adyen
+  class Error < ::StandardError
+  end
+
+  # @return [Configuration] The configuration singleton.
+  def self.configuration
+    @configuration ||= Adyen::Configuration.new
+  end
+
+  def self.configuration=(configuration)
+    @configuration = configuration
+  end
+end
+
+require 'adyen/configuration'

data/lib/adyen/configuration.rb

@@ -0,0 +1,179 @@
+class Adyen::Configuration
+
+  def initialize
+    @default_api_params  = {}
+    @default_form_params = {}
+    @form_skins          = {}
+    @payment_flow        = :select
+    @environment         = nil
+  end
+
+  # The Rails environment for which to use to Adyen "live" environment.
+  LIVE_RAILS_ENVIRONMENTS = ['production']
+
+  # Setter voor the current Adyen environment.
+  # @param ['test', 'live'] env The Adyen environment to use
+  def environment=(env)
+    @environment = env
+  end
+
+  # Returns the current Adyen environment, either test or live.
+  #
+  # It will return the +override+ value if set, it will return the value set
+  # using Adyen.configuration.environment= otherwise. If this value also isn't set, the
+  # environment is determined with autodetect_environment.
+  #
+  # @param ['test', 'live'] override An environment to override the default with.
+  # @return ['test', 'live'] The Adyen environment that is currently being used.
+  def environment(override = nil)
+    override || @environment || autodetect_environment
+  end
+
+  # Autodetects the Adyen environment based on the RAILS_ENV constant.
+  # @return ['test', 'live'] The Adyen environment that corresponds to the Rails environment
+  def autodetect_environment
+    rails_env = if defined?(::Rails) && ::Rails.respond_to?(:env)
+      ::Rails.env.to_s
+    elsif defined?(::RAILS_ENV)
+      ::RAILS_ENV.to_s
+    end
+
+    LIVE_RAILS_ENVIRONMENTS.include?(rails_env) ? 'live' : 'test'
+  end
+
+  # The payment flow page type that’s used to choose the payment process
+  #
+  # @example
+  #   Adyen.configuration.payment_flow = :select
+  #   Adyen.configuration.payment_flow = :pay
+  #   Adyen.configuration.payment_flow = :details
+  #
+  # @return [String]
+  attr_accessor :payment_flow
+
+  # The payment flow domain that’s used to choose the payment process
+  #
+  # @example
+  #   Adyen.configuration.payment_flow_domain = checkout.mydomain.com
+  #
+  # @return [String]
+  attr_accessor :payment_flow_domain
+
+  # The username that’s used to authenticate for the Adyen SOAP services. It should look
+  # something like ‘+ws@AndyInc.SuperShop+’
+  #
+  # @return [String]
+  attr_accessor :api_username
+
+  # The password that’s used to authenticate for the Adyen SOAP services. You can configure it
+  # in the user management tool of the merchant area.
+  #
+  # @return [String]
+  attr_accessor :api_password
+
+  # Default arguments that will be used for every API call. You can override these default
+  # values by passing a diffferent value to the service class’s constructor.
+  #
+  # @example
+  #   Adyen.configuration.default_api_params[:merchant_account] = 'SuperShop'
+  #
+  # @return [Hash]
+  attr_accessor :default_api_params
+
+  # The client-side encryption public key that is used to encrypt payment forms. 
+  # You can find the key on the webservice user page in the Adyen settings.
+  #
+  # @return [String]
+  attr_accessor :cse_public_key
+
+  # Default arguments that will be used in every HTML form.
+  #
+  # @example
+  #   Adyen.configuration.default_form_params[:merchant_account] = 'SuperShop'
+  #
+  # @return [Hash]
+  attr_accessor :default_form_params
+
+  # Name of the default skin for HPP requests.
+  #
+  # @return [String]
+  attr_accessor :default_skin
+
+  # Username that's set in Notification settings screen in Adyen PSP system and used by notification service to
+  # authenticate instant payment notification requests.
+  #
+  # @return [String]
+  attr_accessor :ipn_username
+
+  # Password used to authenticate notification requests together with '+ipn_username+' configuration attribute.
+  #
+  # @return [String]
+  attr_accessor :ipn_password
+
+  ######################################################
+  # SKINS
+  ######################################################
+
+  # Returns all registered skins and their accompanying skin code and shared secret.
+  #
+  # @return [Hash] The hash of registered skins.
+  attr_reader :form_skins
+
+  # Sets the registered skins.
+  #
+  # @param [Hash<Symbol, Hash>] hash A hash with the skin name as key and the skin parameter hash
+  #    (which should include +:skin_code+ and +:shared_secret+) as value.
+  #
+  # @see Adyen::Configuration.register_form_skin
+  def form_skins=(hash)
+    @form_skins = hash.inject({}) do |skins, (name, skin)|
+      skins[name.to_sym] = skin.merge(:name => name.to_sym)
+      skins
+    end
+  end
+
+  # Registers a skin for later use.
+  #
+  # You can store a skin using a self defined symbol. Once the skin is registered,
+  # you can refer to it using this symbol instead of the hard-to-remember skin code.
+  # Moreover, the skin's shared_secret will be looked up automatically for calculting
+  # signatures.
+  #
+  # @example
+  #   Adyen::Configuration.register_form_skin(:my_skin, 'dsfH67PO', 'Dfs*7uUln9')
+  #
+  # @param [Symbol] name The name of the skin.
+  # @param [String] skin_code The skin code for this skin, as defined by Adyen.
+  # @param [String] shared_secret The shared secret used for signature calculation.
+  def register_form_skin(name, skin_code, shared_secret, default_form_params = {})
+    @form_skins[name.to_sym] = { :name => name.to_sym, :skin_code => skin_code, :shared_secret => shared_secret, :default_form_params => default_form_params}
+  end
+
+  # Returns a skin information by name.
+  #
+  # @param [Symbol] skin_name The name of the skin
+  # @return [Hash, nil] A hash with the skin information, or nil if not found.
+  def form_skin_by_name(skin_name)
+    @form_skins[skin_name.to_sym]
+  end
+
+  # Returns skin information by skin code.
+  #
+  # @param [String] skin_code The code of the skin.
+  #
+  # @return [Hash, nil] A hash with the skin information, or nil if not found.
+  def form_skin_by_code(skin_code)
+    @form_skins.values.find { |skin| skin[:skin_code] == skin_code }
+  end
+
+  # Returns the shared secret belonging to a skin.
+  #
+  # @param [String] skin_code The skin code of the skin
+  #
+  # @return [String, nil] The shared secret for the skin, or nil if not found.
+  def form_skin_shared_secret_by_code(skin_code)
+    if skin = form_skin_by_code(skin_code)
+      skin[:shared_secret]
+    end
+  end
+end

data/lib/adyen/form.rb

@@ -0,0 +1,419 @@
+require 'cgi'
+require 'adyen/base'
+require 'adyen/util'
+
+module Adyen
+
+  # The Adyen::Form module contains all functionality that is used to send payment requests
+  # to the Adyen payment system, using either a HTML form (see {Adyen::Form.hidden_fields})
+  # or a HTTP redirect (see {Adyen::Form.redirect_url}).
+  #
+  # Moreover, this module contains the method {Adyen::Form.redirect_signature_check} to
+  # check the request, that is made to your website after the visitor has made his payment
+  # on the Adyen system, for genuinity.
+  #
+  # You can use different skins in Adyen to define different payment environments. You can
+  # register these skins under a custom name in the module. The other methods will automatically
+  # use this information (i.e. the skin code and the shared secret) if it is available.
+  # Otherwise, you have to provide it yourself for every method call you make. See
+  # {Adyen::Configuration#register_form_skin} for more information.
+  #
+  # @see Adyen::Configuration#register_form_skin
+  # @see Adyen::Form.hidden_fields
+  # @see Adyen::Form.redirect_url
+  # @see Adyen::Form.redirect_signature_check
+  module Form
+    extend self
+
+    ######################################################
+    # ADYEN FORM URL
+    ######################################################
+
+    # The DOMAIN of the Adyen payment system that still requires the current
+    # Adyen enviroment.
+    ACTION_DOMAIN = "%s.adyen.com"
+
+    # The URL of the Adyen payment system that still requires the current
+    # domain and payment flow to be filled.
+    ACTION_URL = "https://%s/hpp/%s.shtml"
+
+    # Returns the DOMAIN of the Adyen payment system, adjusted for an Adyen environment.
+    #
+    # @param [String] environment The Adyen environment to use. This parameter can be
+    #    left out, in which case the 'current' environment will be used.
+    # @return [String] The domain of the Adyen payment system that can be used
+    #    for payment forms or redirects.
+    # @see Adyen::Form.environment
+    # @see Adyen::Form.redirect_url
+    def domain(environment = nil)
+      environment  ||= Adyen.configuration.environment
+      (Adyen.configuration.payment_flow_domain || ACTION_DOMAIN) % [environment.to_s]
+    end
+
+    # Returns the URL of the Adyen payment system, adjusted for an Adyen environment.
+    #
+    # @param [String] environment The Adyen environment to use. This parameter can be
+    #    left out, in which case the 'current' environment will be used.
+    # @param [String] payment_flow The Adyen payment type to use. This parameter can be
+    #    left out, in which case the default payment type will be used.
+    # @return [String] The absolute URL of the Adyen payment system that can be used
+    #    for payment forms or redirects.
+    # @see Adyen::Form.environment
+    # @see Adyen::Form.domain
+    # @see Adyen::Form.redirect_url
+    def url(environment = nil, payment_flow = nil)
+      payment_flow ||= Adyen.configuration.payment_flow
+      Adyen::Form::ACTION_URL % [domain(environment), payment_flow.to_s]
+    end
+
+    ######################################################
+    # POSTING/REDIRECTING TO ADYEN
+    ######################################################
+
+    # Transforms the payment parameters hash to be in the correct format. It will also
+    # include the Adyen::Configuration#default_form_params hash. Finally, switches the
+    # +:skin+ parameter out for the +:skin_code+ and +:shared_secret+  parameter using
+    # the list of registered skins.
+    #
+    # @private
+    # @param [Hash] parameters The payment parameters hash to transform
+    def do_parameter_transformations!(parameters = {})
+      parameters.replace(Adyen.configuration.default_form_params.merge(parameters))
+
+      if parameters[:skin]
+        skin = Adyen.configuration.form_skin_by_name(parameters.delete(:skin))
+        parameters[:skin_code]     ||= skin[:skin_code]
+        parameters[:shared_secret] ||= skin[:shared_secret]
+        parameters.merge!(skin[:default_form_params])
+      end
+
+      parameters[:recurring_contract] = 'RECURRING' if parameters.delete(:recurring) == true
+      parameters[:order_data]         = Adyen::Util.gzip_base64(parameters.delete(:order_data_raw)) if parameters[:order_data_raw]
+      parameters[:ship_before_date]   = Adyen::Util.format_date(parameters[:ship_before_date])
+      parameters[:session_validity]   = Adyen::Util.format_timestamp(parameters[:session_validity])
+    end
+
+    # Transforms the payment parameters to be in the correct format and calculates the merchant
+    # signature parameter. It also does some basic health checks on the parameters hash.
+    #
+    # @param [Hash] parameters The payment parameters. The parameters set in the
+    #    {Adyen::Configuration#default_form_params} hash will be included automatically.
+    # @param [String] shared_secret The shared secret that should be used to calculate
+    #    the payment request signature. This parameter can be left if the skin that is
+    #    used is registered (see {Adyen::Configuration#register_form_skin}), or if the
+    #    shared secret is provided as the +:shared_secret+ parameter.
+    # @return [Hash] The payment parameters with the +:merchant_signature+ parameter set.
+    # @raise [ArgumentError] Thrown if some parameter health check fails.
+    def payment_parameters(parameters = {}, shared_secret = nil)
+      raise ArgumentError, "Cannot generate form: parameters should be a hash!" unless parameters.is_a?(Hash)
+      do_parameter_transformations!(parameters)
+
+      raise ArgumentError, "Cannot generate form: :currency code attribute not found!"         unless parameters[:currency_code]
+      raise ArgumentError, "Cannot generate form: :payment_amount code attribute not found!"   unless parameters[:payment_amount]
+      raise ArgumentError, "Cannot generate form: :merchant_account attribute not found!"      unless parameters[:merchant_account]
+      raise ArgumentError, "Cannot generate form: :skin_code attribute not found!"             unless parameters[:skin_code]
+
+      # Calculate the merchant signature using the shared secret.
+      shared_secret ||= parameters.delete(:shared_secret)
+      raise ArgumentError, "Cannot calculate payment request signature without shared secret!" unless shared_secret
+      parameters[:merchant_sig] = calculate_signature(parameters, shared_secret)
+
+      if parameters[:billing_address]
+        parameters[:billing_address_sig] = calculate_billing_address_signature(parameters, shared_secret)
+      end
+
+      if parameters[:delivery_address]
+        parameters[:delivery_address_sig] = calculate_delivery_address_signature(parameters, shared_secret)
+      end
+
+      if parameters[:shopper]
+        parameters[:shopper_sig] = calculate_shopper_signature(parameters, shared_secret)
+      end
+
+      if parameters[:openinvoicedata]
+        parameters[:openinvoicedata][:sig] = calculate_open_invoice_signature(parameters, shared_secret)
+      end
+
+      return parameters
+    end
+
+    # Transforms and flattens payment parameters to be in the correct format which is understood and accepted by adyen
+    #
+    # @param [Hash] parameters The payment parameters. The parameters set in the
+    #    {Adyen::Configuration#default_form_params} hash will be included automatically.
+    # @return [Hash] The payment parameters flatten, with camelized and prefixed key, stringified value
+    def flat_payment_parameters(parameters = {})
+      Adyen::Util.flatten(payment_parameters(parameters))
+    end
+
+    # Returns an absolute URL to the Adyen payment system, with the payment parameters included
+    # as GET parameters in the URL. The URL also depends on the current Adyen enviroment.
+    #
+    # The payment parameters that are provided to this method will be merged with the
+    # {Adyen::Configuration#default_form_params} hash. The default parameter values will be
+    # overrided if another value is provided to this method.
+    #
+    # You do not have to provide the +:merchant_sig+ parameter: it will be calculated automatically
+    # if you provide either a registered skin name as the +:skin+ parameter or provide both the
+    # +:skin_code+ and +:shared_secret+ parameters.
+    #
+    # Note that Internet Explorer has a maximum length for URLs it can handle (2083 characters).
+    # Make sure that the URL is not longer than this limit if you want your site to work in IE.
+    #
+    # @example
+    #
+    #    def pay
+    #      # Genarate a URL to redirect to Adyen's payment system.
+    #      adyen_url = Adyen::Form.redirect_url(:skin => :my_skin, :currency_code => 'USD',
+    #            :payment_amount => 1000, merchant_account => 'MyMerchant', ... )
+    #
+    #      respond_to do |format|
+    #        format.html { redirect_to(adyen_url) }
+    #      end
+    #    end
+    #
+    # @param [Hash] parameters The payment parameters to include in the payment request.
+    # @return [String] An absolute URL to redirect to the Adyen payment system.
+    def redirect_url(parameters = {})
+      url + '?' + flat_payment_parameters(parameters).map { |(k, v)|
+        "#{k}=#{CGI.escape(v)}"
+      }.join('&')
+    end
+
+    # @see Adyen::Form.redirect_url
+    #
+    # Returns an absolute URL very similar to the one returned by Adyen::Form.redirect_url
+    # except that it uses the directory.shtml call which returns a list of all available
+    # payment methods
+    #
+    # @param [Hash] parameters The payment parameters to include in the payment request.
+    # @return [String] An absolute URL to redirect to the Adyen payment system.
+    def payment_methods_url(parameters = {})
+      url(nil, :directory) + '?' + flat_payment_parameters(parameters).map { |(k, v)|
+        "#{k}=#{CGI.escape(v)}"
+      }.join('&')
+    end
+
+    # Returns a HTML snippet of hidden INPUT tags with the provided payment parameters.
+    # The snippet can be included in a payment form that POSTs to the Adyen payment system.
+    #
+    # The payment parameters that are provided to this method will be merged with the
+    # {Adyen::Configuration#default_form_params} hash. The default parameter values will be
+    # overrided if another value is provided to this method.
+    #
+    # You do not have to provide the +:merchant_sig+ parameter: it will be calculated automatically
+    # if you provide either a registered skin name as the +:skin+ parameter or provide both the
+    # +:skin_code+ and +:shared_secret+ parameters.
+    #
+    # @example
+    #    <% form_tag(Adyen::Form.url) do %>
+    #      <%= Adyen::Form.hidden_fields(:skin => :my_skin, :currency_code => 'USD',
+    #            :payment_amount => 1000, ...) %>
+    #      <%= submit_tag("Pay invoice")
+    #    <% end %>
+    #
+    # @param [Hash] parameters The payment parameters to include in the payment request.
+    # @return [String] An HTML snippet that can be included in a form that POSTs to the
+    #       Adyen payment system.
+    def hidden_fields(parameters = {})
+
+      # Generate a hidden input tag per parameter, join them by newlines.
+      form_str = flat_payment_parameters(parameters).map { |key, value|
+        "<input type=\"hidden\" name=\"#{CGI.escapeHTML(key)}\" value=\"#{CGI.escapeHTML(value)}\" />"
+      }.join("\n")
+
+      form_str.respond_to?(:html_safe) ? form_str.html_safe : form_str
+    end
+
+    ######################################################
+    # MERCHANT SIGNATURE CALCULATION
+    ######################################################
+
+    # Generates the string that is used to calculate the request signature. This signature
+    # is used by Adyen to check whether the request is genuinely originating from you.
+    # @param [Hash] parameters The parameters that will be included in the payment request.
+    # @return [String] The string for which the siganture is calculated.
+    def calculate_signature_string(parameters)
+      merchant_sig_string = ""
+      merchant_sig_string << parameters[:payment_amount].to_s       << parameters[:currency_code].to_s         <<
+                             parameters[:ship_before_date].to_s     << parameters[:merchant_reference].to_s    <<
+                             parameters[:skin_code].to_s            << parameters[:merchant_account].to_s      <<
+                             parameters[:session_validity].to_s     << parameters[:shopper_email].to_s         <<
+                             parameters[:shopper_reference].to_s    << parameters[:recurring_contract].to_s    <<
+                             parameters[:allowed_methods].to_s      << parameters[:blocked_methods].to_s       <<
+                             parameters[:shopper_statement].to_s    << parameters[:merchant_return_data].to_s  <<
+                             parameters[:billing_address_type].to_s << parameters[:delivery_address_type].to_s <<
+                             parameters[:shopper_type].to_s         << parameters[:offset].to_s
+    end
+
+    # Calculates the payment request signature for the given payment parameters.
+    #
+    # This signature is used by Adyen to check whether the request is
+    # genuinely originating from you. The resulting signature should be
+    # included in the payment request parameters as the +merchantSig+
+    # parameter; the shared secret should of course not be included.
+    #
+    # @param [Hash] parameters The payment parameters for which to calculate
+    #    the payment request signature.
+    # @param [String] shared_secret The shared secret to use for this signature.
+    #    It should correspond with the skin_code parameter. This parameter can be
+    #    left out if the shared_secret is included as key in the parameters.
+    # @return [String] The signature of the payment request
+    # @raise [ArgumentError] Thrown if shared_secret is empty
+    def calculate_signature(parameters, shared_secret = nil)
+      shared_secret ||= parameters.delete(:shared_secret)
+      raise ArgumentError, "Cannot calculate payment request signature with empty shared_secret" if shared_secret.to_s.empty?
+      Adyen::Util.hmac_base64(shared_secret, calculate_signature_string(parameters))
+    end
+
+    # Generates the string that is used to calculate the request signature. This signature
+    # is used by Adyen to check whether the request is genuinely originating from you.
+    # @param [Hash] parameters The parameters that will be included in the billing address request.
+    # @return [String] The string for which the siganture is calculated.
+    def calculate_billing_address_signature_string(parameters)
+      %w(street house_number_or_name city postal_code state_or_province country).map do |key|
+        parameters[key.to_sym]
+      end.join
+    end
+
+    # Generates the string that is used to calculate the request signature. This signature
+    # is used by Adyen to check whether the request is genuinely originating from you.
+    # @param [Hash] parameters The parameters that will be included in the delivery address request.
+    # @return [String] The string for which the siganture is calculated.
+    def calculate_delivery_address_signature_string(parameters)
+      %w(street house_number_or_name city postal_code state_or_province country).map do |key|
+        parameters[key.to_sym]
+      end.join
+    end
+
+    # Calculates the billing address request signature for the given billing address parameters.
+    #
+    # This signature is used by Adyen to check whether the request is
+    # genuinely originating from you. The resulting signature should be
+    # included in the billing address request parameters as the +billingAddressSig+
+    # parameter; the shared secret should of course not be included.
+    #
+    # @param [Hash] parameters The billing address parameters for which to calculate
+    #    the billing address request signature.
+    # @param [String] shared_secret The shared secret to use for this signature.
+    #    It should correspond with the skin_code parameter. This parameter can be
+    #    left out if the shared_secret is included as key in the parameters.
+    # @return [String] The signature of the billing address request
+    # @raise [ArgumentError] Thrown if shared_secret is empty
+    def calculate_billing_address_signature(parameters, shared_secret = nil)
+      shared_secret ||= parameters.delete(:shared_secret)
+      raise ArgumentError, "Cannot calculate billing address request signature with empty shared_secret" if shared_secret.to_s.empty?
+      Adyen::Util.hmac_base64(shared_secret, calculate_billing_address_signature_string(parameters[:billing_address]))
+    end
+
+    # Calculates the delivery address request signature for the given delivery address parameters.
+    #
+    # This signature is used by Adyen to check whether the request is
+    # genuinely originating from you. The resulting signature should be
+    # included in the delivery address request parameters as the +deliveryAddressSig+
+    # parameter; the shared secret should of course not be included.
+    #
+    # @param [Hash] parameters The delivery address parameters for which to calculate
+    #    the delivery address request signature.
+    # @param [String] shared_secret The shared secret to use for this signature.
+    #    It should correspond with the skin_code parameter. This parameter can be
+    #    left out if the shared_secret is included as key in the parameters.
+    # @return [String] The signature of the delivery address request
+    # @raise [ArgumentError] Thrown if shared_secret is empty
+    def calculate_delivery_address_signature(parameters, shared_secret = nil)
+      shared_secret ||= parameters.delete(:shared_secret)
+      raise ArgumentError, "Cannot calculate delivery address request signature with empty shared_secret" if shared_secret.to_s.empty?
+      Adyen::Util.hmac_base64(shared_secret, calculate_delivery_address_signature_string(parameters[:delivery_address]))
+    end
+
+    # shopperSig: shopper.firstName + shopper.infix + shopper.lastName + shopper.gender + shopper.dateOfBirthDayOfMonth + shopper.dateOfBirthMonth + shopper.dateOfBirthYear + shopper.telephoneNumber
+    # (Note that you can send only shopper.firstName and shopper.lastName if you like. Do NOT include shopperSocialSecurityNumber in the shopperSig!)
+    def calculate_shopper_signature_string(parameters)
+      %w(first_name infix last_name gender date_of_birth_day_of_month date_of_birth_month date_of_birth_year telephone_number).map do |key|
+        parameters[key.to_sym]
+      end.join
+    end
+
+    def calculate_shopper_signature(parameters, shared_secret = nil)
+      shared_secret ||= parameters.delete(:shared_secret)
+      raise ArgumentError, "Cannot calculate shopper request signature with empty shared_secret" if shared_secret.to_s.empty?
+      Adyen::Util.hmac_base64(shared_secret, calculate_shopper_signature_string(parameters[:shopper]))
+    end
+
+    def calculate_open_invoice_signature_string(merchant_sig, parameters)
+      flattened = Adyen::Util.flatten(:merchant_sig => merchant_sig, :openinvoicedata => parameters)
+      pairs = flattened.to_a.sort
+      pairs.transpose.map { |it| it.join(':') }.join('|')
+    end
+
+    def calculate_open_invoice_signature(parameters, shared_secret = nil)
+      shared_secret ||= parameters.delete(:shared_secret)
+      raise ArgumentError, "Cannot calculate open invoice request signature with empty shared_secret" if shared_secret.to_s.empty?
+      merchant_sig = calculate_signature(parameters, shared_secret)
+      Adyen::Util.hmac_base64(shared_secret, calculate_open_invoice_signature_string(merchant_sig, parameters[:openinvoicedata]))
+    end
+
+    ######################################################
+    # REDIRECT SIGNATURE CHECKING
+    ######################################################
+
+    # Generates the string for which the redirect signature is calculated, using the request paramaters.
+    # @param [Hash] params A hash of HTTP GET parameters for the redirect request.
+    # @return [String] The signature string.
+    def redirect_signature_string(params)
+      params['authResult'].to_s + params['pspReference'].to_s + params['merchantReference'].to_s +
+        params['skinCode'].to_s + params['merchantReturnData'].to_s
+    end
+
+    # Computes the redirect signature using the request parameters, so that the
+    # redirect can be checked for forgery.
+    #
+    # @param [Hash] params A hash of HTTP GET parameters for the redirect request.
+    # @param [String] shared_secret The shared secret for the Adyen skin that was used for
+    #     the original payment form. You can leave this out of the skin is registered
+    #     using the {Adyen::Form.register_skin} method.
+    # @return [String] The redirect signature
+    # @raise [ArgumentError] Thrown if shared_secret is empty
+    def redirect_signature(params, shared_secret = nil)
+      shared_secret ||= Adyen.configuration.form_skin_shared_secret_by_code(params['skinCode'])
+      raise ArgumentError, "Cannot compute redirect signature with empty shared_secret" if shared_secret.to_s.empty?
+      Adyen::Util.hmac_base64(shared_secret, redirect_signature_string(params))
+    end
+
+    # Checks the redirect signature for this request by calcultating the signature from
+    # the provided parameters, and comparing it to the signature provided in the +merchantSig+
+    # parameter.
+    #
+    # If this method returns false, the request could be a forgery and should not be handled.
+    # Therefore, you should include this check in a +before_filter+, and raise an error of the
+    # signature check fails.
+    #
+    # @example
+    #   class PaymentsController < ApplicationController
+    #     before_filter :check_signature, :only => [:return_from_adyen]
+    #
+    #     def return_from_adyen
+    #       @invoice = Invoice.find(params[:merchantReference])
+    #       @invoice.set_paid! if params[:authResult] == 'AUTHORISED'
+    #     end
+    #
+    #     private
+    #
+    #     def check_signature
+    #       raise "Forgery!" unless Adyen::Form.redirect_signature_check(params)
+    #     end
+    #   end
+    #
+    # @param [Hash] params params A hash of HTTP GET parameters for the redirect request. This
+    #      should include the +:merchantSig+ parameter, which contains the signature.
+    # @param [String] shared_secret The shared secret for the Adyen skin that was used for
+    #     the original payment form. You can leave this out of the skin is registered
+    #     using the {Adyen::Configuration#register_form_skin} method.
+    # @return [true, false] Returns true only if the signature in the parameters is correct.
+    def redirect_signature_check(params, shared_secret = nil)
+      raise ArgumentError, "params should be a Hash" unless params.is_a?(Hash)
+      raise ArgumentError, "params should contain :merchantSig" unless params.key?('merchantSig')
+      params['merchantSig'] == redirect_signature(params, shared_secret)
+    end
+  end
+end