aktivemerchant 2.0.0

data/lib/active_merchant/billing/gateways/ideal/ideal_base.rb

@@ -0,0 +1,246 @@
+require File.dirname(__FILE__) + '/ideal_response'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # Implementation contains some simplifications
+    # - does not support multiple subID per merchant
+    # - language is fixed to 'nl'
+    class IdealBaseGateway < Gateway
+      class_attribute :server_pem, :pem_password, :default_expiration_period
+      self.default_expiration_period = 'PT10M'
+      self.default_currency = 'EUR'
+      self.pem_password = true
+
+      self.abstract_class = true
+
+      # These constants will never change for most users
+      AUTHENTICATION_TYPE = 'SHA1_RSA'
+      LANGUAGE = 'nl'
+      SUB_ID = '0'
+      API_VERSION = '1.1.0'
+
+      def initialize(options = {})
+        requires!(options, :login, :password, :pem)
+
+        options[:pem_password] = options[:password]
+        super
+      end
+
+      # Setup transaction. Get redirect_url from response.service_url
+      def setup_purchase(money, options = {})
+        requires!(options, :issuer_id, :return_url, :order_id, :currency, :description, :entrance_code)
+
+        commit(build_transaction_request(money, options))
+      end
+
+      # Check status of transaction and confirm payment
+      # transaction_id must be a valid transaction_id from a prior setup.
+      def capture(transaction, options = {})
+        options[:transaction_id] = transaction
+        commit(build_status_request(options))
+      end
+
+      # Get list of issuers from response.issuer_list
+      def issuers
+        commit(build_directory_request)
+      end
+
+      private
+
+      def url
+        (test? ? test_url : live_url)
+      end
+
+      def token
+        @token ||= create_fingerprint(@options[:pem])
+      end
+
+      # <?xml version="1.0" encoding="UTF-8"?>
+      # <AcquirerTrxReq xmlns="http://www.idealdesk.com/Message" version="1.1.0">
+      #  <createDateTimeStamp>2001-12-17T09:30:47.0Z</createDateTimeStamp>
+      #  <Issuer>
+      #   <issuerID>1003</issuerID>
+      #  </Issuer>
+      #   <Merchant>
+      #     <merchantID>000123456</merchantID>
+      #     <subID>0</subID>
+      #     <authentication>passkey</authentication>
+      #     <token>1</token>
+      #     <tokenCode>3823ad872eff23</tokenCode>
+      #     <merchantReturnURL>https://www.mijnwinkel.nl/betaalafhandeling
+      #      </merchantReturnURL>
+      #   </Merchant>
+      #   <Transaction>
+      #     <purchaseID>iDEAL-aankoop 21</purchaseID>
+      #     <amount>5999</amount>
+      #     <currency>EUR</currency>
+      #     <expirationPeriod>PT3M30S</expirationPeriod>
+      #     <language>nl</language>
+      #     <description>Documentensuite</description>
+      #     <entranceCode>D67tyx6rw9IhY71</entranceCode>
+      #   </Transaction>
+      # </AcquirerTrxReq>
+      def build_transaction_request(money, options)
+        date_time_stamp = create_time_stamp
+        message  = date_time_stamp +
+                   options[:issuer_id] +
+                   @options[:login] +
+                   SUB_ID +
+                   options[:return_url] +
+                   options[:order_id] +
+                   money.to_s +
+                   (options[:currency] || currency(money)) +
+                   LANGUAGE +
+                   options[:description] +
+                   options[:entrance_code]
+        token_code = sign_message(@options[:pem], @options[:password], message)
+
+        xml = Builder::XmlMarkup.new(:indent => 2)
+        xml.instruct!
+        xml.tag! 'AcquirerTrxReq', 'xmlns' => 'http://www.idealdesk.com/Message', 'version' => API_VERSION do
+          xml.tag! 'createDateTimeStamp', date_time_stamp
+          xml.tag! 'Issuer' do
+            xml.tag! 'issuerID', options[:issuer_id]
+          end
+          xml.tag! 'Merchant' do
+            xml.tag! 'merchantID', @options[:login]
+            xml.tag! 'subID', SUB_ID
+            xml.tag! 'authentication', AUTHENTICATION_TYPE
+            xml.tag! 'token', token
+            xml.tag! 'tokenCode', token_code
+            xml.tag! 'merchantReturnURL', options[:return_url]
+          end
+          xml.tag! 'Transaction' do
+            xml.tag! 'purchaseID', options[:order_id]
+            xml.tag! 'amount', money
+            xml.tag! 'currency', options[:currency]
+            xml.tag! 'expirationPeriod', options[:expiration_period] || default_expiration_period
+            xml.tag! 'language', LANGUAGE
+            xml.tag! 'description', options[:description]
+            xml.tag! 'entranceCode', options[:entrance_code]
+          end
+          xml.target!
+        end
+      end
+
+      # <?xml version="1.0" encoding="UTF-8"?>
+      # <AcquirerStatusReq xmlns="http://www.idealdesk.com/Message" version="1.1.0">
+      #  <createDateTimeStamp>2001-12-17T09:30:47.0Z</createDateTimeStamp>
+      #  <Merchant>
+      #   <merchantID>000123456</merchantID>
+      #   <subID>0</subID>
+      #   <authentication>keyed hash</authentication>
+      #   <token>1</token>
+      #   <tokenCode>3823ad872eff23</tokenCode>
+      #  </Merchant>
+      #  <Transaction>
+      #   <transactionID>0001023456789112</transactionID>
+      #  </Transaction>
+      # </AcquirerStatusReq>
+      def build_status_request(options)
+        datetimestamp = create_time_stamp
+        message = datetimestamp + @options[:login] + SUB_ID + options[:transaction_id]
+        tokenCode = sign_message(@options[:pem], @options[:password], message)
+
+        xml = Builder::XmlMarkup.new(:indent => 2)
+        xml.instruct!
+        xml.tag! 'AcquirerStatusReq', 'xmlns' => 'http://www.idealdesk.com/Message', 'version' => API_VERSION do
+          xml.tag! 'createDateTimeStamp', datetimestamp
+          xml.tag! 'Merchant' do
+            xml.tag! 'merchantID', @options[:login]
+            xml.tag! 'subID', SUB_ID
+            xml.tag! 'authentication' , AUTHENTICATION_TYPE
+            xml.tag! 'token', token
+            xml.tag! 'tokenCode', tokenCode
+          end
+          xml.tag! 'Transaction' do
+            xml.tag! 'transactionID', options[:transaction_id]
+          end
+        end
+        xml.target!
+      end
+
+      # <?xml version="1.0" encoding="UTF-8"?>
+      # <DirectoryReq xmlns="http://www.idealdesk.com/Message" version="1.1.0">
+      #  <createDateTimeStamp>2001-12-17T09:30:47.0Z</createDateTimeStamp>
+      #  <Merchant>
+      #   <merchantID>000000001</merchantID>
+      #   <subID>0</subID>
+      #   <authentication>1</authentication>
+      #   <token>hashkey</token>
+      #   <tokenCode>WajqV1a3nDen0be2r196g9FGFF=</tokenCode>
+      #  </Merchant>
+      # </DirectoryReq>
+      def build_directory_request
+        datetimestamp = create_time_stamp
+        message = datetimestamp + @options[:login] + SUB_ID
+        tokenCode = sign_message(@options[:pem], @options[:password], message)
+
+        xml = Builder::XmlMarkup.new(:indent => 2)
+        xml.instruct!
+        xml.tag! 'DirectoryReq', 'xmlns' => 'http://www.idealdesk.com/Message', 'version' => API_VERSION do
+          xml.tag! 'createDateTimeStamp', datetimestamp
+          xml.tag! 'Merchant' do
+            xml.tag! 'merchantID', @options[:login]
+            xml.tag! 'subID', SUB_ID
+            xml.tag! 'authentication', AUTHENTICATION_TYPE
+            xml.tag! 'token', token
+            xml.tag! 'tokenCode', tokenCode
+          end
+        end
+        xml.target!
+      end
+
+      def commit(request)
+        raw_response = ssl_post(url, request)
+        response = Hash.from_xml(raw_response.to_s)
+        response_type = response.keys[0]
+
+        case response_type
+          when 'AcquirerTrxRes', 'DirectoryRes'
+            success = true
+          when 'ErrorRes'
+            success = false
+          when 'AcquirerStatusRes'
+            raise SecurityError, "Message verification failed.", caller unless status_response_verified?(response)
+            success = (response['AcquirerStatusRes']['Transaction']['status'] == 'Success')
+          else
+            raise ArgumentError, "Unknown response type.", caller
+        end
+
+        return IdealResponse.new(success, response.keys[0], response, :test => test?)
+      end
+
+      def create_fingerprint(cert_file)
+        cert_data   = OpenSSL::X509::Certificate.new(cert_file).to_s
+        cert_data   = cert_data.sub(/-----BEGIN CERTIFICATE-----/, '')
+        cert_data   = cert_data.sub(/-----END CERTIFICATE-----/, '')
+        fingerprint = Base64.decode64(cert_data)
+        fingerprint = Digest::SHA1.hexdigest(fingerprint)
+        return fingerprint.upcase
+      end
+
+      def sign_message(private_key_data, password, data)
+        private_key  = OpenSSL::PKey::RSA.new(private_key_data, password)
+        signature = private_key.sign(OpenSSL::Digest::SHA1.new, data.gsub('\s', ''))
+        return Base64.encode64(signature).gsub(/\n/, '')
+      end
+
+      def verify_message(cert_file, data, signature)
+        public_key = OpenSSL::X509::Certificate.new(cert_file).public_key
+        return public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(signature), data)
+      end
+
+      def status_response_verified?(response)
+        transaction = response['AcquirerStatusRes']['Transaction']
+        message = response['AcquirerStatusRes']['createDateTimeStamp'] + transaction['transactionID' ] + transaction['status']
+        message << transaction['consumerAccountNumber'].to_s
+        verify_message(server_pem, message, response['AcquirerStatusRes']['Signature']['signatureValue'])
+      end
+
+      def create_time_stamp
+        Time.now.gmtime.strftime('%Y-%m-%dT%H:%M:%S.000Z')
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/ideal/ideal_rabobank.pem

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICQDCCAakCBELvbPYwDQYJKoZIhvcNAQEEBQAwZzELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhl
+c3NlbjESMBAGA1UEBxMJRnJhbmtmdXJ0MQ4wDAYDVQQKEwVpREVBTDEOMAwGA1UECxMFaURFQUwx
+EzARBgNVBAMTCmlERUFMIFJhYm8wHhcNMDUwODAyMTI1NDE0WhcNMTUwNzMxMTI1NDE0WjBnMQsw
+CQYDVQQGEwJERTEPMA0GA1UECBMGSGVzc2VuMRIwEAYDVQQHEwlGcmFua2Z1cnQxDjAMBgNVBAoT
+BWlERUFMMQ4wDAYDVQQLEwVpREVBTDETMBEGA1UEAxMKaURFQUwgUmFibzCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA486iIKVhr8RNjxH+PZ3yTWx/8k2fqDFm8XU8I1Z5esRmPFnXmlgA8cG7
+e9AaBPaLoP7Dc8dRQoUO66KMakzGI/WAVdHIJiiKrz8xOcioIgrzPSqec7aqse3J28UraEHkGESJ
+7dAW7Pw/shrmpmkzKsunLt6AkXss4W3JUndZUN0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCGy/FK
+Lotp2ZOTtuLMgvDy74eicq/Znv4bLfpglzAPHycRHcHsXuer/lNHyvpKf2gdYe+IFalUW3OJZWIM
+jpm4UniJ16RPdgwWVRJEdPr/P7JXMIqD2IEOgujuuTQ7x0VgCf9XrsPsP9ZR5DIPcDDhbrpSE0yF
+Do77nwG61xMaGA==
+-----END CERTIFICATE-----

data/lib/active_merchant/billing/gateways/ideal/ideal_response.rb

@@ -0,0 +1,29 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class IdealResponse < Response
+
+      def issuer_list      
+        list = @params.values[0]['Directory']['Issuer']
+        case list
+          when Hash
+            return [list]
+          when Array
+            return list
+        end  
+      end
+      
+      def service_url
+        @params.values[0]['Issuer']['issuerAuthenticationURL']
+      end
+      
+      def transaction
+        @params.values[0]['Transaction']
+      end
+      
+      def error
+        @params.values[0]['Error']
+      end
+      
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/ideal_rabobank.rb

@@ -0,0 +1,66 @@
+require File.dirname(__FILE__) + '/ideal/ideal_base'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # First, make sure you have everything setup correctly and all of your dependencies in place with:
+    #
+    #    require 'rubygems'
+    #    require 'active_merchant'
+    #
+    # ActiveMerchant expects the amounts to be given as an Integer in cents. In this case, 10 EUR becomes 1000.
+    #
+    # Create certificates for authentication:
+    #
+    # The PEM file expected should contain both the certificate and the generated PEM file.
+    # Some sample shell commands to generate the certificates:
+    #
+    #    openssl genrsa -aes128 -out priv.pem -passout pass:[YOUR PASSWORD] 1024
+    #    openssl req -x509 -new -key priv.pem -passin pass:[YOUR PASSWORD] -days 3000 -out cert.cer
+    #    cat cert.cer priv.pem > ideal.pem
+    #
+    # Following the steps above, upload cert.cer to the ideal web interface and pass the path of ideal.pem to the :pem option.
+    #
+    # Configure the gateway using your iDEAL bank account info and security settings:
+    #
+    # Create gateway:
+    #    gateway = ActiveMerchant::Billing::IdealRabobankGateway.new(
+    #      :login    => '123456789', # 9 digit merchant number
+    #      :pem      => File.read(Rails.root + 'config/ideal.pem'),
+    #      :password => 'password' # password for the PEM key
+    #    )
+    #
+    # Get list of issuers to fill selection list on your payment form:
+    #    response = gateway.issuers
+    #    list = response.issuer_list
+    #
+    # Request transaction:
+    #
+    #    options = {
+    #       :issuer_id         => '0001',
+    #       :expiration_period => 'PT10M',
+    #       :return_url        => 'http://www.return.url',
+    #       :order_id          => '1234567890123456',
+    #       :currency          => 'EUR',
+    #       :description       => 'Een omschrijving',
+    #       :entrance_code     => '1234'
+    #    }
+    #
+    #    response = gateway.setup_purchase(amount, options)
+    #    transaction_id = response.transaction['transactionID']
+    #    redirect_url = response.service_url
+    #
+    # Mandatory status request will confirm transaction:
+    #    response = gateway.capture(transaction_id)
+    #
+    # Implementation contains some simplifications
+    # - does not support multiple subID per merchant
+    # - language is fixed to 'nl'
+    class IdealRabobankGateway < IdealBaseGateway
+      class_attribute :test_url, :live_url
+
+      self.test_url = 'https://idealtest.rabobank.nl/ideal/iDeal'
+      self.live_url = 'https://ideal.rabobank.nl/ideal/iDeal'
+      self.server_pem = File.read(File.dirname(__FILE__) + '/ideal/ideal_rabobank.pem')
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/inspire.rb

@@ -0,0 +1,213 @@
+require File.join(File.dirname(__FILE__), '..', 'check.rb')
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class InspireGateway < Gateway
+      self.live_url = self.test_url = 'https://secure.inspiregateway.net/api/transact.php'
+
+      self.supported_countries = ['US']
+      self.supported_cardtypes = [:visa, :master, :american_express]
+      self.homepage_url = 'http://www.inspiregateway.com'
+      self.display_name = 'Inspire Commerce'
+
+      # Creates a new InspireGateway
+      #
+      # The gateway requires that a valid login and password be passed
+      # in the +options+ hash.
+      #
+      # ==== Options
+      #
+      # * <tt>:login</tt> -- The Inspire Username.
+      # * <tt>:password</tt> -- The Inspire Passowrd.
+      # See the Inspire Integration Guide for details. (default: +false+)
+      def initialize(options = {})
+        requires!(options, :login, :password)
+        super
+      end
+
+      # Pass :store => true in the options to store the
+      # payment info at Inspire Gateway and get a generated
+      # customer_vault_id in the response.
+      # Pass :store => some_number_or_string to specify the
+      # customer_vault_id InspireGateway should use (make sure it's
+      # unique).
+      def authorize(money, creditcard, options = {})
+        post = {}
+        add_invoice(post, options)
+        add_payment_source(post, creditcard,options)
+        add_address(post, creditcard, options)
+        add_customer_data(post, options)
+
+        commit('auth', money, post)
+      end
+
+      def purchase(money, payment_source, options = {})
+        post = {}
+        add_invoice(post, options)
+        add_payment_source(post, payment_source, options)
+        add_address(post, payment_source, options)
+        add_customer_data(post, options)
+
+        commit('sale', money, post)
+      end
+
+      def capture(money, authorization, options = {})
+        post ={}
+        post[:transactionid] = authorization
+        commit('capture', money, post)
+      end
+
+      def void(authorization, options = {})
+        post ={}
+        post[:transactionid] = authorization
+        commit('void', nil, post)
+      end
+
+      # Update the values (such as CC expiration) stored at
+      # InspireGateway.  The CC number must be supplied in the
+      # CreditCard object.
+      def update(vault_id, creditcard, options = {})
+        post = {}
+        post[:customer_vault] = "update_customer"
+        add_customer_vault_id(post, vault_id)
+        add_creditcard(post, creditcard, options)
+        add_address(post, creditcard, options)
+        add_customer_data(post, options)
+
+        commit(nil, nil, post)
+      end
+
+      def delete(vault_id)
+        post = {}
+        post[:customer_vault] = "delete_customer"
+        add_customer_vault_id(post, vault_id)
+        commit(nil, nil, post)
+      end
+
+      # To match the other stored-value gateways, like TrustCommerce,
+      # store and unstore need to be defined
+      def store(creditcard, options = {})
+        billing_id = options.delete(:billing_id).to_s || true
+        authorize(100, creditcard, options.merge(:store => billing_id))
+      end
+
+      alias_method :unstore, :delete
+
+      private
+      def add_customer_data(post, options)
+        if options.has_key? :email
+          post[:email] = options[:email]
+        end
+
+        if options.has_key? :ip
+          post[:ipaddress] = options[:ip]
+        end
+      end
+
+      def add_address(post, creditcard, options)
+        if address = options[:billing_address] || options[:address]
+          post[:address1]    = address[:address1].to_s
+          post[:address2]    = address[:address2].to_s unless address[:address2].blank?
+          post[:company]    = address[:company].to_s
+          post[:phone]      = address[:phone].to_s
+          post[:zip]        = address[:zip].to_s
+          post[:city]       = address[:city].to_s
+          post[:country]    = address[:country].to_s
+          post[:state]      = address[:state].blank?  ? 'n/a' : address[:state]
+        end
+      end
+
+      def add_invoice(post, options)
+        post[:orderid] = options[:order_id].to_s.gsub(/[^\w.]/, '')
+        post[:orderdescription] = options[:description]
+      end
+
+      def add_payment_source(params, source, options={})
+        case determine_funding_source(source)
+        when :vault       then add_customer_vault_id(params, source)
+        when :credit_card then add_creditcard(params, source, options)
+        when :check       then add_check(params, source)
+        end
+      end
+
+      def add_customer_vault_id(params,vault_id)
+        params[:customer_vault_id] = vault_id
+      end
+
+      def add_creditcard(post, creditcard,options)
+        if options[:store]
+          post[:customer_vault] = "add_customer"
+          post[:customer_vault_id] = options[:store] unless options[:store] == true
+        end
+        post[:ccnumber]  = creditcard.number
+        post[:cvv] = creditcard.verification_value if creditcard.verification_value?
+        post[:ccexp]  = expdate(creditcard)
+        post[:firstname] = creditcard.first_name
+        post[:lastname]  = creditcard.last_name
+      end
+
+      def add_check(post, check)
+        post[:payment] = 'check' # Set transaction to ACH
+        post[:checkname] = check.name # The name on the customer's Checking Account
+        post[:checkaba] = check.routing_number # The customer's bank routing number
+        post[:checkaccount] = check.account_number # The customer's account number
+        post[:account_holder_type] = check.account_holder_type # The customer's type of ACH account
+        post[:account_type] = check.account_type # The customer's type of ACH account
+      end
+
+      def parse(body)
+        results = {}
+        body.split(/&/).each do |pair|
+          key,val = pair.split(/=/)
+          results[key] = val
+        end
+
+        results
+      end
+
+      def commit(action, money, parameters)
+        parameters[:amount]  = amount(money) if money
+
+        response = parse( ssl_post(self.live_url, post_data(action,parameters)) )
+
+        Response.new(response["response"] == "1", message_from(response), response,
+          :authorization => response["transactionid"],
+          :test => test?,
+          :cvv_result => response["cvvresponse"],
+          :avs_result => { :code => response["avsresponse"] }
+        )
+
+      end
+
+      def message_from(response)
+        case response["responsetext"]
+        when "SUCCESS","Approved"
+          "This transaction has been approved"
+        when "DECLINE"
+          "This transaction has been declined"
+        else
+          response["responsetext"]
+        end
+      end
+
+      def post_data(action, parameters = {})
+        post = {}
+        post[:username]      = @options[:login]
+        post[:password]   = @options[:password]
+        post[:type]       = action if action
+
+        request = post.merge(parameters).map {|key,value| "#{key}=#{CGI.escape(value.to_s)}"}.join("&")
+        request
+      end
+
+      def determine_funding_source(source)
+        case
+        when source.is_a?(String) then :vault
+        when CreditCard.card_companies.keys.include?(card_brand(source)) then :credit_card
+        when card_brand(source) == 'check' then :check
+        else raise ArgumentError, "Unsupported funding source provided"
+        end
+      end
+    end
+  end
+end
+