archetype2142_activemerchant 1.124.0

data/lib/active_merchant/billing/gateways/worldpay_online_payments.rb

@@ -0,0 +1,208 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class WorldpayOnlinePaymentsGateway < Gateway
+      self.live_url = 'https://api.worldpay.com/v1/'
+
+      self.default_currency = 'GBP'
+
+      self.money_format = :cents
+
+      self.supported_countries = %w(HK US GB BE CH CZ DE DK ES FI FR GR HU IE IT LU MT NL NO PL PT SE SG TR)
+      self.supported_cardtypes = %i[visa master american_express discover jcb maestro]
+
+      self.homepage_url = 'http://online.worldpay.com'
+      self.display_name = 'Worldpay Online Payments'
+
+      def initialize(options = {})
+        requires!(options, :client_key, :service_key)
+        @client_key = options[:client_key]
+        @service_key = options[:service_key]
+        super
+      end
+
+      def authorize(money, credit_card, options = {})
+        response = create_token(true, credit_card.first_name + ' ' + credit_card.last_name, credit_card.month, credit_card.year, credit_card.number, credit_card.verification_value)
+        if response.success?
+          options[:authorizeOnly] = true
+          post = create_post_for_auth_or_purchase(response.authorization, money, options)
+          response = commit(:post, 'orders', post, {}, 'authorize')
+        end
+        response
+      end
+
+      def capture(money, authorization, options = {})
+        if authorization
+          commit(:post, "orders/#{CGI.escape(authorization)}/capture", { 'captureAmount' => money }, options, 'capture')
+        else
+          Response.new(false,
+            'FAILED',
+            'FAILED',
+            test: test?,
+            authorization: false,
+            avs_result: {},
+            cvv_result: {},
+            error_code: false)
+        end
+      end
+
+      def purchase(money, credit_card, options = {})
+        response = create_token(true, credit_card.first_name + ' ' + credit_card.last_name, credit_card.month, credit_card.year, credit_card.number, credit_card.verification_value)
+        if response.success?
+          post = create_post_for_auth_or_purchase(response.authorization, money, options)
+          response = commit(:post, 'orders', post, options, 'purchase')
+        end
+        response
+      end
+
+      def refund(money, orderCode, options = {})
+        obj = money ? { 'refundAmount' => money } : {}
+        commit(:post, "orders/#{CGI.escape(orderCode)}/refund", obj, options, 'refund')
+      end
+
+      def void(orderCode, options = {})
+        response = commit(:delete, "orders/#{CGI.escape(orderCode)}", nil, options, 'void')
+        response = refund(nil, orderCode) if !response.success? && (response.params && response.params['customCode'] != 'ORDER_NOT_FOUND')
+        response
+      end
+
+      def verify(credit_card, options = {})
+        authorize(0, credit_card, options)
+      end
+
+      private
+
+      def create_token(reusable, name, exp_month, exp_year, number, cvc)
+        obj = {
+          'reusable' => reusable,
+          'paymentMethod' => {
+            'type' => 'Card',
+            'name' => name,
+            'expiryMonth' => exp_month,
+            'expiryYear' => exp_year,
+            'cardNumber' => number,
+            'cvc' => cvc
+          },
+          'clientKey' => @client_key
+        }
+        token_response = commit(:post, 'tokens', obj, { 'Authorization' => @service_key }, 'token')
+        token_response
+      end
+
+      def create_post_for_auth_or_purchase(token, money, options)
+        {
+          'token' => token,
+          'orderDescription' => options[:description] || 'Worldpay Order',
+          'amount' => money,
+          'currencyCode' => options[:currency] || default_currency,
+          'name' => options[:billing_address] && options[:billing_address][:name] ? options[:billing_address][:name] : '',
+          'billingAddress' => {
+            'address1' => options[:billing_address] && options[:billing_address][:address1] ? options[:billing_address][:address1] : '',
+            'address2' => options[:billing_address] && options[:billing_address][:address2] ? options[:billing_address][:address2] : '',
+            'address3' => '',
+            'postalCode' => options[:billing_address] && options[:billing_address][:zip] ? options[:billing_address][:zip] : '',
+            'city' => options[:billing_address] && options[:billing_address][:city] ? options[:billing_address][:city] : '',
+            'state' => options[:billing_address] && options[:billing_address][:state] ? options[:billing_address][:state] : '',
+            'countryCode' => options[:billing_address] && options[:billing_address][:country] ? options[:billing_address][:country] : ''
+          },
+          'customerOrderCode' => options[:order_id],
+          'orderType' => 'ECOM',
+          'authorizeOnly' => options[:authorizeOnly] ? true : false
+        }
+      end
+
+      def parse(body)
+        body ? JSON.parse(body) : {}
+      end
+
+      def headers(options = {})
+        headers = {
+          'Authorization' => @service_key,
+          'Content-Type' => 'application/json',
+          'User-Agent' => "Worldpay/v1 ActiveMerchantBindings/#{ActiveMerchant::VERSION}",
+          'X-Worldpay-Client-User-Agent' => user_agent,
+          'X-Worldpay-Client-User-Metadata' => { ip: options[:ip] }.to_json
+        }
+        headers['Authorization'] = options['Authorization'] if options['Authorization']
+        headers
+      end
+
+      def commit(method, url, parameters = nil, options = {}, type = false)
+        raw_response = response = nil
+        success = false
+        begin
+          json = parameters ? parameters.to_json : nil
+
+          raw_response = ssl_request(method, self.live_url + url, json, headers(options))
+
+          if raw_response != ''
+            response = parse(raw_response)
+            if type == 'token'
+              success = response.key?('token')
+            else
+              if response.key?('httpStatusCode')
+                success = false
+              else
+                if type == 'authorize' && response['paymentStatus'] == 'AUTHORIZED'
+                  success = true
+                elsif type == 'purchase' && response['paymentStatus'] == 'SUCCESS'
+                  success = true
+                elsif type == 'capture' || type == 'refund' || type == 'void'
+                  success = true
+                end
+              end
+            end
+          else
+            success = true
+            response = {}
+          end
+        rescue ResponseError => e
+          raw_response = e.response.body
+          response = response_error(raw_response)
+        rescue JSON::ParserError
+          response = json_error(raw_response)
+        end
+
+        if response['orderCode']
+          authorization = response['orderCode']
+        elsif response['token']
+          authorization = response['token']
+        else
+          authorization = response['message']
+        end
+
+        Response.new(success,
+          success ? 'SUCCESS' : response['message'],
+          response,
+          test: test?,
+          authorization: authorization,
+          avs_result: {},
+          cvv_result: {},
+          error_code: success ? nil : response['customCode'])
+      end
+
+      def test?
+        @service_key[0] == 'T'
+      end
+
+      def response_error(raw_response)
+        parse(raw_response)
+      rescue JSON::ParserError
+        json_error(raw_response)
+      end
+
+      def json_error(raw_response)
+        msg = 'Invalid response received from the Worldpay Online Payments API.  Please contact techsupport.online@worldpay.com if you continue to receive this message.'
+        msg += "  (The raw response returned by the API was #{raw_response.inspect})"
+        {
+          'error' => {
+            'message' => msg
+          }
+        }
+      end
+
+      def handle_response(response)
+        response.body
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/worldpay_us.rb

@@ -0,0 +1,221 @@
+require 'nokogiri'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class WorldpayUsGateway < Gateway
+      class_attribute :backup_url
+
+      self.display_name = 'Worldpay US'
+      self.homepage_url = 'http://www.worldpay.com/us'
+
+      # No sandbox, just use test cards.
+      self.live_url   = 'https://trans.worldpay.us/cgi-bin/process.cgi'
+      self.backup_url = 'https://trans.gwtx01.com/cgi-bin/process.cgi'
+
+      self.supported_countries = ['US']
+      self.default_currency = 'USD'
+      self.money_format = :dollars
+      self.supported_cardtypes = %i[visa master american_express discover jcb]
+
+      def initialize(options = {})
+        requires!(options, :acctid, :subid, :merchantpin)
+        super
+      end
+
+      def purchase(money, payment_method, options = {})
+        post = {}
+        add_invoice(post, money, options)
+        add_payment_method(post, payment_method)
+        add_customer_data(post, options)
+
+        commit('purchase', options, post)
+      end
+
+      def authorize(money, payment, options = {})
+        post = {}
+        add_invoice(post, money, options)
+        add_credit_card(post, payment)
+        add_customer_data(post, options)
+
+        commit('authorize', options, post)
+      end
+
+      def capture(amount, authorization, options = {})
+        post = {}
+        add_invoice(post, amount, options)
+        add_reference(post, authorization)
+        add_customer_data(post, options)
+
+        commit('capture', options, post)
+      end
+
+      def refund(amount, authorization, options = {})
+        post = {}
+        add_invoice(post, amount, options)
+        add_reference(post, authorization)
+        add_customer_data(post, options)
+
+        commit('refund', options, post)
+      end
+
+      def void(authorization, options = {})
+        post = {}
+        add_reference(post, authorization)
+
+        commit('void', options, post)
+      end
+
+      def verify(credit_card, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((&?merchantpin=)[^&]*)i, '\1[FILTERED]').
+          gsub(%r((&?ccnum=)[^&]*)i, '\1[FILTERED]').
+          gsub(%r((&?ckacct=)[^&]*)i, '\1[FILTERED]').
+          gsub(%r((&?cvv2=)[^&]*)i, '\1[FILTERED]')
+      end
+
+      private
+
+      def url(options)
+        options[:use_backup_url].to_s == 'true' ? self.backup_url : self.live_url
+      end
+
+      def add_customer_data(post, options)
+        if (billing_address = (options[:billing_address] || options[:address]))
+          post[:ci_companyname] = billing_address[:company]
+          post[:ci_billaddr1]   = billing_address[:address1]
+          post[:ci_billaddr2]   = billing_address[:address2]
+          post[:ci_billcity]    = billing_address[:city]
+          post[:ci_billstate]   = billing_address[:state]
+          post[:ci_billzip]     = billing_address[:zip]
+          post[:ci_billcountry] = billing_address[:country]
+
+          post[:ci_phone]       = billing_address[:phone]
+          post[:ci_email]       = billing_address[:email]
+          post[:ci_ipaddress]   = billing_address[:ip]
+        end
+
+        if (shipping_address = options[:shipping_address])
+          post[:ci_shipaddr1] = shipping_address[:address1]
+          post[:ci_shipaddr2] = shipping_address[:address2]
+          post[:ci_shipcity] = shipping_address[:city]
+          post[:ci_shipstate] = shipping_address[:state]
+          post[:ci_shipzip] = shipping_address[:zip]
+          post[:ci_shipcountry] = shipping_address[:country]
+        end
+      end
+
+      def add_invoice(post, money, options)
+        post[:amount] = amount(money)
+        post[:currencycode] = (options[:currency] || currency(money))
+        post[:merchantordernumber] = options[:order_id] if options[:order_id]
+      end
+
+      def add_payment_method(post, payment_method)
+        if card_brand(payment_method) == 'check'
+          add_check(post, payment_method)
+        else
+          add_credit_card(post, payment_method)
+        end
+      end
+
+      def add_credit_card(post, payment_method)
+        post[:ccname] = payment_method.name
+        post[:ccnum] = payment_method.number
+        post[:cvv2] = payment_method.verification_value
+        post[:expyear] = format(payment_method.year, :four_digits)
+        post[:expmon] = format(payment_method.month, :two_digits)
+      end
+
+      ACCOUNT_TYPES = {
+        'checking' => '1',
+        'savings' => '2'
+      }
+
+      def add_check(post, payment_method)
+        post[:action] = 'ns_quicksale_check'
+        post[:ckacct] = payment_method.account_number
+        post[:ckaba] = payment_method.routing_number
+        post[:ckno] = payment_method.number
+        post[:ckaccttype] = ACCOUNT_TYPES[payment_method.account_type] if ACCOUNT_TYPES[payment_method.account_type]
+      end
+
+      def split_authorization(authorization)
+        historyid, orderid = authorization.split('|')
+        [historyid, orderid]
+      end
+
+      def add_reference(post, authorization)
+        historyid, orderid = split_authorization(authorization)
+        post[:postonly] = historyid
+        post[:historykeyid] = historyid
+        post[:orderkeyid] = orderid
+      end
+
+      def parse(xml)
+        response = {}
+        doc = Nokogiri::XML(xml)
+        message = doc.xpath('//plaintext')
+        message.text.split(/\r?\n/).each do |line|
+          key, value = line.split(%r{=})
+          response[key] = value if key
+        end
+        response
+      end
+
+      ACTIONS = {
+        'purchase' => 'ns_quicksale_cc',
+        'refund' => 'ns_credit',
+        'authorize' => 'ns_quicksale_cc',
+        'capture' => 'ns_quicksale_cc',
+        'void' => 'ns_void'
+      }
+
+      def commit(action, options, post)
+        post[:action] = ACTIONS[action] unless post[:action]
+        post[:acctid] = @options[:acctid]
+        post[:subid] = @options[:subid]
+        post[:merchantpin] = @options[:merchantpin]
+
+        post[:authonly] = '1' if action == 'authorize'
+
+        raw = parse(ssl_post(url(options), post.to_query))
+
+        succeeded = success_from(raw['result'])
+        Response.new(
+          succeeded,
+          message_from(succeeded, raw),
+          raw,
+          authorization: authorization_from(raw),
+          test: test?
+        )
+      end
+
+      def success_from(result)
+        result == '1'
+      end
+
+      def message_from(succeeded, response)
+        if succeeded
+          'Succeeded'
+        else
+          (response['transresult'] || response['Reason'] || 'Unable to read error message')
+        end
+      end
+
+      def authorization_from(response)
+        [response['historyid'], response['orderid']].join('|')
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways.rb

@@ -0,0 +1,14 @@
+require 'pathname'
+
+module ActiveMerchant
+  module Billing
+    load_path = Pathname.new(__FILE__ + '/../../..')
+    Dir[File.dirname(__FILE__) + '/gateways/**/*.rb'].each do |filename|
+      gateway_name      = File.basename(filename, '.rb')
+      gateway_classname = "#{gateway_name}_gateway".camelize
+      gateway_filename  = Pathname.new(filename).relative_path_from(load_path).sub_ext('')
+
+      autoload(gateway_classname, gateway_filename)
+    end
+  end
+end

data/lib/active_merchant/billing/model.rb

@@ -0,0 +1,30 @@
+require 'active_merchant/billing/compatibility'
+require 'active_merchant/empty'
+
+module ActiveMerchant
+  module Billing
+    class Model
+      include Compatibility::Model
+      include Empty
+
+      def initialize(attributes = {})
+        attributes.each do |key, value|
+          send("#{key}=", value)
+        end
+      end
+
+      def validate
+        {}
+      end
+
+      private
+
+      def errors_hash(array)
+        array.inject({}) do |hash, (attribute, error)|
+          (hash[attribute] ||= []) << error
+          hash
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/network_tokenization_credit_card.rb

@@ -0,0 +1,39 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class NetworkTokenizationCreditCard < CreditCard
+      # A +NetworkTokenizationCreditCard+ object represents a tokenized credit card
+      # using the EMV Network Tokenization specification, http://www.emvco.com/specifications.aspx?id=263.
+      #
+      # It includes all fields of the +CreditCard+ class with additional fields for
+      # verification data that must be given to gateways through existing fields (3DS / EMV).
+      #
+      # The only tested usage of this at the moment is with an Apple Pay decrypted PKPaymentToken,
+      # https://developer.apple.com/library/ios/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html
+
+      # These are not relevant (verification) or optional (name) for Apple Pay
+      self.require_verification_value = false
+      self.require_name = false
+
+      attr_accessor :payment_cryptogram, :eci, :transaction_id
+      attr_writer :source
+
+      SOURCES = %i(apple_pay android_pay google_pay network_token)
+
+      def source
+        if defined?(@source) && SOURCES.include?(@source)
+          @source
+        else
+          :apple_pay
+        end
+      end
+
+      def credit_card?
+        true
+      end
+
+      def type
+        'network_tokenization'
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/payment_token.rb

@@ -0,0 +1,21 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # Base class representation of cryptographic payment data tokens that may be used for EMV-style transactions
+    # like Apple Pay. Payment data may be transmitted via any data type, and may also be padded
+    # with metadata specific to the cryptographer. This metadata should be parsed and interpreted in concrete
+    # implementations of your given cryptographer. Like credit cards, you must also return a string representing
+    # the token's type, like 'apple_pay' or 'stripe' should your target payment gateway process these tokens.
+    class PaymentToken
+      attr_reader :payment_data
+
+      def initialize(payment_data, options = {})
+        @payment_data = payment_data
+        @metadata = options.with_indifferent_access
+      end
+
+      def type
+        raise NotImplementedError
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/rails.rb

@@ -0,0 +1,3 @@
+require 'active_merchant/billing/compatibility'
+
+ActiveMerchant::Billing::Compatibility.rails_required!

data/lib/active_merchant/billing/response.rb

@@ -0,0 +1,97 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class Error < ActiveMerchantError #:nodoc:
+    end
+
+    class Response
+      attr_reader :params, :message, :test, :authorization, :avs_result, :cvv_result, :error_code, :emv_authorization, :network_transaction_id
+
+      def success?
+        @success
+      end
+
+      def failure?
+        !success?
+      end
+
+      def test?
+        @test
+      end
+
+      def fraud_review?
+        @fraud_review
+      end
+
+      def initialize(success, message, params = {}, options = {})
+        @success, @message, @params = success, message, params.stringify_keys
+        @test = options[:test] || false
+        @authorization = options[:authorization]
+        @fraud_review = options[:fraud_review]
+        @error_code = options[:error_code]
+        @emv_authorization = options[:emv_authorization]
+        @network_transaction_id = options[:network_transaction_id]
+
+        @avs_result = if options[:avs_result].kind_of?(AVSResult)
+                        options[:avs_result].to_hash
+                      else
+                        AVSResult.new(options[:avs_result]).to_hash
+                      end
+
+        @cvv_result = if options[:cvv_result].kind_of?(CVVResult)
+                        options[:cvv_result].to_hash
+                      else
+                        CVVResult.new(options[:cvv_result]).to_hash
+                      end
+      end
+    end
+
+    class MultiResponse < Response
+      def self.run(use_first_response = false, &block)
+        new(use_first_response).tap(&block)
+      end
+
+      attr_reader :responses, :primary_response
+
+      def initialize(use_first_response = false)
+        @responses = []
+        @use_first_response = use_first_response
+        @primary_response = nil
+      end
+
+      def process(ignore_result = false)
+        return unless success?
+
+        response = yield
+        self << response
+
+        unless ignore_result
+          if @use_first_response && response.success?
+            @primary_response ||= response
+          else
+            @primary_response = response
+          end
+        end
+      end
+
+      def <<(response)
+        if response.is_a?(MultiResponse)
+          response.responses.each { |r| @responses << r }
+        else
+          @responses << response
+        end
+      end
+
+      def success?
+        (primary_response ? primary_response.success? : true)
+      end
+
+      %w(params message test authorization avs_result cvv_result error_code emv_authorization test? fraud_review?).each do |m|
+        class_eval %(
+          def #{m}
+            (@responses.empty? ? nil : primary_response.#{m})
+          end
+        )
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/three_d_secure_eci_mapper.rb

@@ -0,0 +1,27 @@
+module ActiveMerchant
+  module Billing
+    module ThreeDSecureEciMapper
+      NON_THREE_D_SECURE_TRANSACTION = :non_three_d_secure_transaction
+      ATTEMPTED_AUTHENTICATION_TRANSACTION = :attempted_authentication_transaction
+      FULLY_AUTHENTICATED_TRANSACTION = :fully_authenticated_transaction
+
+      ECI_00_01_02_MAP = { '00' => NON_THREE_D_SECURE_TRANSACTION, '01' => ATTEMPTED_AUTHENTICATION_TRANSACTION, '02' => FULLY_AUTHENTICATED_TRANSACTION }.freeze
+      ECI_05_06_07_MAP = { '05' => FULLY_AUTHENTICATED_TRANSACTION, '06' => ATTEMPTED_AUTHENTICATION_TRANSACTION, '07' => NON_THREE_D_SECURE_TRANSACTION }.freeze
+      BRAND_TO_ECI_MAP = {
+        american_express: ECI_05_06_07_MAP,
+        dankort: ECI_05_06_07_MAP,
+        diners_club: ECI_05_06_07_MAP,
+        discover: ECI_05_06_07_MAP,
+        elo: ECI_05_06_07_MAP,
+        jcb: ECI_05_06_07_MAP,
+        maestro: ECI_00_01_02_MAP,
+        master: ECI_00_01_02_MAP,
+        visa: ECI_05_06_07_MAP
+      }.freeze
+
+      def self.map(brand, eci)
+        BRAND_TO_ECI_MAP.dig(brand, eci)
+      end
+    end
+  end
+end

data/lib/active_merchant/billing.rb

@@ -0,0 +1,16 @@
+require 'active_merchant/errors'
+
+require 'active_merchant/billing/avs_result'
+require 'active_merchant/billing/cvv_result'
+require 'active_merchant/billing/credit_card_methods'
+require 'active_merchant/billing/credit_card_formatting'
+require 'active_merchant/billing/credit_card'
+require 'active_merchant/billing/network_tokenization_credit_card'
+require 'active_merchant/billing/base'
+require 'active_merchant/billing/check'
+require 'active_merchant/billing/payment_token'
+require 'active_merchant/billing/apple_pay_payment_token'
+require 'active_merchant/billing/response'
+require 'active_merchant/billing/gateways'
+require 'active_merchant/billing/gateway'
+require 'active_merchant/billing/three_d_secure_eci_mapper'