archetype2142_activemerchant 1.124.0

data/lib/active_merchant/billing/gateways/cecabank.rb

@@ -0,0 +1,249 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class CecabankGateway < Gateway
+      self.test_url = 'https://tpv.ceca.es'
+      self.live_url = 'https://pgw.ceca.es'
+
+      self.supported_countries = ['ES']
+      self.supported_cardtypes = %i[visa master american_express]
+      self.homepage_url = 'http://www.ceca.es/es/'
+      self.display_name = 'Cecabank'
+      self.default_currency = 'EUR'
+      self.money_format = :cents
+
+      #### CECA's MAGIC NUMBERS
+      CECA_NOTIFICATIONS_URL = 'NONE'
+      CECA_ENCRIPTION = 'SHA2'
+      CECA_DECIMALS = '2'
+      CECA_MODE = 'SSL'
+      CECA_UI_LESS_LANGUAGE = 'XML'
+      CECA_UI_LESS_LANGUAGE_REFUND = '1'
+      CECA_UI_LESS_REFUND_PAGE = 'anulacion_xml'
+      CECA_ACTION_REFUND   = 'anulaciones/anularParcial' # use partial refund's URL to avoid time frame limitations and decision logic on client side
+      CECA_ACTION_PURCHASE = 'tpv/compra'
+      CECA_CURRENCIES_DICTIONARY = { 'EUR' => 978, 'USD' => 840, 'GBP' => 826 }
+
+      # Creates a new CecabankGateway
+      #
+      # The gateway requires four values for connection to be passed
+      # in the +options+ hash.
+      #
+      # ==== Options
+      #
+      # * <tt>:merchant_id</tt>  -- Cecabank's merchant_id (REQUIRED)
+      # * <tt>:acquirer_bin</tt> -- Cecabank's acquirer_bin (REQUIRED)
+      # * <tt>:terminal_id</tt>  -- Cecabank's terminal_id (REQUIRED)
+      # * <tt>:key</tt>          -- Cecabank's cypher key (REQUIRED)
+      # * <tt>:test</tt> -- +true+ or +false+. If true, perform transactions against the test server.
+      #   Otherwise, perform transactions against the production server.
+      def initialize(options = {})
+        requires!(options, :merchant_id, :acquirer_bin, :terminal_id, :key)
+        super
+      end
+
+      # Perform a purchase, which is essentially an authorization and capture in a single operation.
+      #
+      # ==== Parameters
+      #
+      # * <tt>money</tt> -- The amount to be purchased as an Integer value in cents.
+      # * <tt>creditcard</tt> -- The CreditCard details for the transaction.
+      # * <tt>options</tt> -- A hash of optional parameters.
+      #
+      # ==== Options
+      #
+      # * <tt>:order_id</tt>    -- order_id passed used purchase. (REQUIRED)
+      # * <tt>:currency</tt>    -- currency. Supported: EUR, USD, GBP.
+      # * <tt>:description</tt> -- description to be pased to the gateway.
+      def purchase(money, creditcard, options = {})
+        requires!(options, :order_id)
+
+        post = { 'Descripcion' => options[:description],
+                'Num_operacion' => options[:order_id],
+                'Idioma' => CECA_UI_LESS_LANGUAGE,
+                'Pago_soportado' => CECA_MODE,
+                'URL_OK' => CECA_NOTIFICATIONS_URL,
+                'URL_NOK' => CECA_NOTIFICATIONS_URL,
+                'Importe' => amount(money),
+                'TipoMoneda' => CECA_CURRENCIES_DICTIONARY[options[:currency] || currency(money)] }
+
+        add_creditcard(post, creditcard)
+
+        commit(CECA_ACTION_PURCHASE, post)
+      end
+
+      # Refund a transaction.
+      #
+      # This transaction indicates to the gateway that
+      # money should flow from the merchant to the customer.
+      #
+      # ==== Parameters
+      #
+      # * <tt>money</tt> -- The amount to be credited to the customer as an Integer value in cents.
+      # * <tt>identification</tt> -- The reference given from the gateway on purchase (reference, not operation).
+      # * <tt>options</tt> -- A hash of parameters.
+      def refund(money, identification, options = {})
+        reference, order_id = split_authorization(identification)
+
+        post = { 'Referencia' => reference,
+                'Num_operacion' => order_id,
+                'Idioma' => CECA_UI_LESS_LANGUAGE_REFUND,
+                'Pagina' => CECA_UI_LESS_REFUND_PAGE,
+                'Importe' => amount(money),
+                'TipoMoneda' => CECA_CURRENCIES_DICTIONARY[options[:currency] || currency(money)] }
+
+        commit(CECA_ACTION_REFUND, post)
+      end
+
+      def supports_scrubbing
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r((&?pan=)[^&]*)i, '\1[FILTERED]').
+          gsub(%r((&?cvv2=)[^&]*)i, '\1[FILTERED]')
+      end
+
+      private
+
+      def add_creditcard(post, creditcard)
+        post['PAN'] = creditcard.number
+        post['Caducidad'] = expdate(creditcard)
+        post['CVV2'] = creditcard.verification_value
+        post['Pago_elegido'] = CECA_MODE
+      end
+
+      def expdate(creditcard)
+        "#{format(creditcard.year, :four_digits)}#{format(creditcard.month, :two_digits)}"
+      end
+
+      def parse(body)
+        response = {}
+
+        root = REXML::Document.new(body).root
+
+        response[:success] = (root.attributes['valor'] == 'OK')
+        response[:date] = root.attributes['fecha']
+        response[:operation_number] = root.attributes['numeroOperacion']
+        response[:message] = root.attributes['valor']
+
+        if root.elements['OPERACION']
+          response[:operation_type] = root.elements['OPERACION'].attributes['tipo']
+          response[:amount] = root.elements['OPERACION/importe'].text.strip
+        end
+
+        response[:description] = root.elements['OPERACION/descripcion'].text if root.elements['OPERACION/descripcion']
+        response[:authorization_number] = root.elements['OPERACION/numeroAutorizacion'].text if root.elements['OPERACION/numeroAutorizacion']
+        response[:reference] = root.elements['OPERACION/referencia'].text if root.elements['OPERACION/referencia']
+        response[:pan] = root.elements['OPERACION/pan'].text if root.elements['OPERACION/pan']
+
+        if root.elements['ERROR']
+          response[:error_code] = root.elements['ERROR/codigo'].text
+          response[:error_message] = root.elements['ERROR/descripcion'].text
+        else
+          if root.elements['OPERACION'].attributes['numeroOperacion'] == '000'
+            response[:authorization] = root.elements['OPERACION/numeroAutorizacion'].text if root.elements['OPERACION/numeroAutorizacion']
+          else
+            response[:authorization] = root.attributes['numeroOperacion']
+          end
+        end
+
+        return response
+      rescue REXML::ParseException => e
+        response[:success] = false
+        response[:message] = 'Unable to parse the response.'
+        response[:error_message] = e.message
+        response
+      end
+
+      def commit(action, parameters)
+        parameters.merge!(
+          'Cifrado' => CECA_ENCRIPTION,
+          'Firma' => generate_signature(action, parameters),
+          'Exponente' => CECA_DECIMALS,
+          'MerchantID' => options[:merchant_id],
+          'AcquirerBIN' => options[:acquirer_bin],
+          'TerminalID' => options[:terminal_id]
+        )
+        url = (test? ? self.test_url : self.live_url) + "/tpvweb/#{action}.action"
+        xml = ssl_post("#{url}?", post_data(parameters))
+        response = parse(xml)
+        Response.new(
+          response[:success],
+          message_from(response),
+          response,
+          test: test?,
+          authorization: build_authorization(response),
+          error_code: response[:error_code]
+        )
+      end
+
+      def message_from(response)
+        if response[:message] == 'ERROR' && response[:error_message]
+          response[:error_message]
+        elsif response[:error_message]
+          "#{response[:message]} #{response[:error_message]}"
+        else
+          response[:message]
+        end
+      end
+
+      def post_data(params)
+        return nil unless params
+
+        params.map do |key, value|
+          next if value.blank?
+
+          if value.is_a?(Hash)
+            h = {}
+            value.each do |k, v|
+              h["#{key}.#{k}"] = v unless v.blank?
+            end
+            post_data(h)
+          else
+            "#{key}=#{CGI.escape(value.to_s)}"
+          end
+        end.compact.join('&')
+      end
+
+      def build_authorization(response)
+        [response[:reference], response[:authorization]].join('|')
+      end
+
+      def split_authorization(authorization)
+        authorization.split('|')
+      end
+
+      def generate_signature(action, parameters)
+        signature_fields =
+          case action
+          when CECA_ACTION_REFUND
+            options[:key].to_s +
+            options[:merchant_id].to_s +
+            options[:acquirer_bin].to_s +
+            options[:terminal_id].to_s +
+            parameters['Num_operacion'].to_s +
+            parameters['Importe'].to_s +
+            parameters['TipoMoneda'].to_s +
+            CECA_DECIMALS +
+            parameters['Referencia'].to_s +
+            CECA_ENCRIPTION
+          else
+            options[:key].to_s +
+            options[:merchant_id].to_s +
+            options[:acquirer_bin].to_s +
+            options[:terminal_id].to_s +
+            parameters['Num_operacion'].to_s +
+            parameters['Importe'].to_s +
+            parameters['TipoMoneda'].to_s +
+            CECA_DECIMALS +
+            CECA_ENCRIPTION +
+            CECA_NOTIFICATIONS_URL +
+            CECA_NOTIFICATIONS_URL
+          end
+        Digest::SHA2.hexdigest(signature_fields)
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/cenpos.rb

@@ -0,0 +1,328 @@
+require 'nokogiri'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class CenposGateway < Gateway
+      self.display_name = 'CenPOS'
+      self.homepage_url = 'https://www.cenpos.com/'
+
+      self.live_url = 'https://ww3.cenpos.net/6/transact.asmx'
+
+      self.supported_countries = %w(AD AI AG AR AU AT BS BB BE BZ BM BR BN BG CA HR CY CZ DK DM EE FI FR DE GR GD GY HK HU IS IL IT JP LV LI LT LU MY MT MX MC MS NL PA PL PT KN LC MF VC SM SG SK SI ZA ES SR SE CH TR GB US UY)
+      self.default_currency = 'USD'
+      self.money_format = :dollars
+      self.supported_cardtypes = %i[visa master american_express discover]
+
+      def initialize(options = {})
+        requires!(options, :merchant_id, :password, :user_id)
+        super
+      end
+
+      def purchase(amount, payment_method, options = {})
+        post = {}
+        add_invoice(post, amount, options)
+        add_payment_method(post, payment_method)
+        add_customer_data(post, options)
+
+        commit('Sale', post)
+      end
+
+      def authorize(amount, payment_method, options = {})
+        post = {}
+        add_invoice(post, amount, options)
+        add_payment_method(post, payment_method)
+        add_customer_data(post, options)
+
+        commit('Auth', post)
+      end
+
+      def capture(amount, authorization, options = {})
+        post = {}
+        add_invoice(post, amount, options)
+        add_reference(post, authorization)
+        add_customer_data(post, options)
+
+        commit('SpecialForce', post)
+      end
+
+      def void(authorization, options = {})
+        post = {}
+        add_void_required_elements(post)
+        add_reference(post, authorization)
+        add_remembered_amount(post, authorization)
+        add_tax(post, options)
+        add_order_id(post, options)
+
+        commit('Void', post)
+      end
+
+      def refund(amount, authorization, options = {})
+        post = {}
+        add_invoice(post, amount, options)
+        add_reference(post, authorization)
+        add_customer_data(post, options)
+
+        commit('SpecialReturn', post)
+      end
+
+      def credit(amount, payment_method, options = {})
+        post = {}
+        add_invoice(post, amount, options)
+        add_payment_method(post, payment_method)
+
+        commit('Credit', post)
+      end
+
+      def verify(credit_card, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<acr1:CardNumber>)[^<]+(<))i, '\1[FILTERED]\2').
+          gsub(%r((<acr1:CardVerificationNumber>)[^<]+(<))i, '\1[FILTERED]\2').
+          gsub(%r((<acr:Password>)[^<]+(<))i, '\1[FILTERED]\2')
+      end
+
+      private
+
+      def add_invoice(post, money, options)
+        post[:Amount] = amount(money)
+        post[:CurrencyCode] = options[:currency] || currency(money)
+        post[:InvoiceDetail] = options[:invoice_detail] if options[:invoice_detail]
+        post[:CustomerCode] = options[:customer_code] if options[:customer_code]
+        add_order_id(post, options)
+        add_tax(post, options)
+      end
+
+      def add_payment_method(post, payment_method)
+        post[:NameOnCard] = payment_method.name
+        post[:CardNumber] = payment_method.number
+        post[:CardVerificationNumber] = payment_method.verification_value
+        post[:CardExpirationDate] = format(payment_method.month, :two_digits) + format(payment_method.year, :two_digits)
+        post[:CardLastFourDigits] = payment_method.last_digits
+        post[:MagneticData] = payment_method.track_data if payment_method.track_data
+      end
+
+      def add_customer_data(post, options)
+        if (billing_address = (options[:billing_address] || options[:address]))
+          post[:CustomerEmailAddress] = billing_address[:email]
+          post[:CustomerPhone] = billing_address[:phone]
+          post[:CustomerBillingAddress] = billing_address[:address1]
+          post[:CustomerCity] = billing_address[:city]
+          post[:CustomerState] = billing_address[:state]
+          post[:CustomerZipCode] = billing_address[:zip]
+        end
+      end
+
+      def add_void_required_elements(post)
+        post[:GeoLocationInformation] = nil
+        post[:IMEI] = nil
+      end
+
+      def add_order_id(post, options)
+        post[:InvoiceNumber] = options[:order_id]
+      end
+
+      def add_tax(post, options)
+        post[:TaxAmount] = amount(options[:tax] || 0)
+      end
+
+      def add_reference(post, authorization)
+        reference_number, last_four_digits = split_authorization(authorization)
+        post[:ReferenceNumber] = reference_number
+        post[:CardLastFourDigits] = last_four_digits
+      end
+
+      def add_remembered_amount(post, authorization)
+        post[:Amount] = split_authorization(authorization).last
+      end
+
+      def commit(action, post)
+        post[:MerchantId] = @options[:merchant_id]
+        post[:Password] = @options[:password]
+        post[:UserId] = @options[:user_id]
+        post[:TransactionType] = action
+
+        data = build_request(post)
+        begin
+          xml = ssl_post(self.live_url, data, headers)
+          raw = parse(xml)
+        rescue ActiveMerchant::ResponseError => e
+          if e.response.code == '500' && e.response.body.start_with?('<s:Envelope')
+            raw = {
+              message: 'See transcript for detailed error description.'
+            }
+          else
+            raise
+          end
+        end
+
+        succeeded = success_from(raw[:result])
+        Response.new(
+          succeeded,
+          message_from(succeeded, raw),
+          raw,
+          authorization: authorization_from(post, raw),
+          error_code: error_code_from(succeeded, raw),
+          test: test?,
+          cvv_result: cvv_result_from_xml(xml),
+          avs_result: avs_result_from_xml(xml)
+        )
+      end
+
+      def headers
+        {
+          'Accept-Encoding' => 'identity',
+          'Content-Type' => 'text/xml;charset=UTF-8',
+          'SOAPAction' => 'http://tempuri.org/Transactional/ProcessCreditCard'
+        }
+      end
+
+      def build_request(post)
+        xml = Builder::XmlMarkup.new indent: 8
+        xml.tag!('acr:MerchantId', post.delete(:MerchantId))
+        xml.tag!('acr:Password', post.delete(:Password))
+        xml.tag!('acr:UserId', post.delete(:UserId))
+        post.sort.each do |field, value|
+          xml.tag!("acr1:#{field}", value)
+        end
+        envelope(xml.target!)
+      end
+
+      def envelope(body)
+        <<~XML
+          <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tem="http://tempuri.org/" xmlns:acr="http://schemas.datacontract.org/2004/07/Acriter.ABI.CenPOS.EPayment.VirtualTerminal.Common" xmlns:acr1="http://schemas.datacontract.org/2004/07/Acriter.ABI.CenPOS.EPayment.VirtualTerminal.v6.Common" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+          <soapenv:Header/>
+             <soapenv:Body>
+                <tem:ProcessCreditCard>
+                   <tem:request>
+                     #{body}
+                   </tem:request>
+                </tem:ProcessCreditCard>
+             </soapenv:Body>
+          </soapenv:Envelope>
+        XML
+      end
+
+      def parse(xml)
+        response = {}
+
+        doc = Nokogiri::XML(xml)
+        doc.remove_namespaces!
+        body = doc.xpath('//ProcessCreditCardResult')
+        body.children.each do |node|
+          if node.elements.size == 0
+            response[node.name.underscore.to_sym] = node.text
+          else
+            node.elements.each do |childnode|
+              name = "#{node.name.underscore}_#{childnode.name.underscore}"
+              response[name.to_sym] = childnode.text
+            end
+          end
+        end unless doc.root.nil?
+
+        response
+      end
+
+      def success_from(response)
+        response == '0'
+      end
+
+      def message_from(succeeded, response)
+        if succeeded
+          'Succeeded'
+        else
+          response[:message] || 'Unable to read error message'
+        end
+      end
+
+      STANDARD_ERROR_CODE_MAPPING = {
+        '211' => STANDARD_ERROR_CODE[:invalid_number],
+        '252' => STANDARD_ERROR_CODE[:invalid_expiry_date],
+        '257' => STANDARD_ERROR_CODE[:invalid_cvc],
+        '333' => STANDARD_ERROR_CODE[:expired_card],
+        '1' => STANDARD_ERROR_CODE[:card_declined],
+        '99' => STANDARD_ERROR_CODE[:processing_error]
+      }
+
+      def authorization_from(request, response)
+        [response[:reference_number], request[:CardLastFourDigits], request[:Amount]].join('|')
+      end
+
+      def split_authorization(authorization)
+        reference_number, last_four_digits, original_amount = authorization.split('|')
+        [reference_number, last_four_digits, original_amount]
+      end
+
+      def error_code_from(succeeded, response)
+        succeeded ? nil : STANDARD_ERROR_CODE_MAPPING[response[:result]]
+      end
+
+      def cvv_result_from_xml(xml)
+        ActiveMerchant::Billing::CVVResult.new(cvv_result_code(xml))
+      end
+
+      def avs_result_from_xml(xml)
+        ActiveMerchant::Billing::AVSResult.new(code: avs_result_code(xml))
+      end
+
+      def cvv_result_code(xml)
+        cvv = validation_result_element(xml, 'CVV')
+        return nil unless cvv
+
+        validation_result_matches?(*validation_result_element_text(cvv.parent)) ? 'M' : 'N'
+      end
+
+      def avs_result_code(xml)
+        billing_address_elem = validation_result_element(xml, 'Billing Address')
+        zip_code_elem = validation_result_element(xml, 'Zip Code')
+
+        return nil unless billing_address_elem && zip_code_elem
+
+        billing_matches = avs_result_matches(billing_address_elem)
+        zip_matches = avs_result_matches(zip_code_elem)
+
+        if billing_matches && zip_matches
+          'D'
+        elsif !billing_matches && zip_matches
+          'P'
+        elsif billing_matches && !zip_matches
+          'B'
+        else
+          'C'
+        end
+      end
+
+      def avs_result_matches(elem)
+        validation_result_matches?(*validation_result_element_text(elem.parent))
+      end
+
+      def validation_result_element(xml, name)
+        doc = Nokogiri::XML(xml)
+        doc.remove_namespaces!
+        doc.at_xpath("//ParameterValidationResultList//ParameterValidationResult//Name[text() = '#{name}']")
+      end
+
+      def validation_result_element_text(element)
+        result_text = element.elements.detect { |elem|
+          elem.name == 'Result'
+        }.children.detect(&:text).text
+
+        result_text.split(';').collect(&:strip)
+      end
+
+      def validation_result_matches?(present, match)
+        present.downcase.start_with?('present') &&
+          match.downcase.start_with?('match')
+      end
+    end
+  end
+end