archetype2142_activemerchant 1.124.0

data/lib/active_merchant/billing/gateways/psl_card.rb

@@ -0,0 +1,295 @@
+module ActiveMerchant
+  module Billing
+    #
+    # ActiveMerchant PSL Card Gateway
+    #
+    # Notes:
+    #   -To be able to use the capture function, the IP address of the machine must be
+    #    registered with PSL
+    #   -ESALE_KEYED should only be used in situations where the cardholder perceives the
+    #    transaction to be Internet-based, such as purchasing from a web site/on-line store.
+    #    If the Internet is used purely for the transport of information from the merchant
+    #    directly to the gateway then the appropriate cardholder present or not present message
+    #    type should be used rather than the ‘E’ equivalent.
+    #   -The CV2 / AVS policies are set up with the account settings when signing up for an account
+    class PslCardGateway < Gateway
+      self.money_format = :cents
+      self.default_currency = 'GBP'
+
+      self.supported_countries = ['GB']
+      # Visa Credit, Visa Debit, Mastercard, Maestro, Electron,
+      # American Express, Diners Club, JCB, International Maestro,
+      # Style, Clydesdale Financial Services, Other
+
+      self.supported_cardtypes = %i[visa master american_express diners_club jcb maestro]
+      self.homepage_url = 'http://www.paymentsolutionsltd.com/'
+      self.display_name = 'PSL Payment Solutions'
+
+      # Default ISO 3166 country code (GB)
+      cattr_accessor :location
+      self.location = 826
+
+      # PslCard server self.live_url - The url is the same whether testing or live - use
+      # the test account when testing...
+      self.live_url = self.test_url = 'https://pslcard3.paymentsolutionsltd.com/secure/transact.asp?'
+
+      # eCommerce sale transaction, details keyed by merchant or cardholder
+      MESSAGE_TYPE = 'ESALE_KEYED'
+
+      # The type of response that we want to get from PSL, options are HTML, XML or REDIRECT
+      RESPONSE_ACTION = 'HTML'
+
+      # Currency Codes
+      CURRENCY_CODES = {
+        'AUD' => 036,
+        'GBP' => 826,
+        'USD' => 840
+      }
+
+      # The terminal used - only for swipe transactions, so hard coded to 32 for online
+      EMV_TERMINAL_TYPE = 32
+
+      # Different Dispatch types
+      DISPATCH_LATER  = 'LATER'
+      DISPATCH_NOW    = 'NOW'
+
+      # Return codes
+      APPROVED = '00'
+
+      # Nominal amount to authorize for a 'dispatch later' type
+      # The nominal amount is held straight away, when the goods are ready
+      # to be dispatched, PSL is informed and the full amount is the
+      # taken.
+      NOMINAL_AMOUNT = 101
+
+      AVS_CODE = {
+        'ALL MATCH'	=> 'Y',
+        'SECURITY CODE MATCH ONLY' => 'N',
+        'ADDRESS MATCH ONLY' => 'Y',
+        'NO DATA MATCHES'	=> 'N',
+        'DATA NOT CHECKED'	=> 'R',
+        'SECURITY CHECKS NOT SUPPORTED'	=> 'X'
+      }
+
+      CVV_CODE = {
+        'ALL MATCH'	=> 'M',
+        'SECURITY CODE MATCH ONLY' => 'M',
+        'ADDRESS MATCH ONLY' => 'N',
+        'NO DATA MATCHES'	=> 'N',
+        'DATA NOT CHECKED'	=> 'P',
+        'SECURITY CHECKS NOT SUPPORTED'	=> 'X'
+      }
+
+      # Create a new PslCardGateway
+      #
+      # The gateway requires that a valid :login be passed in the options hash
+      #
+      # Paramaters:
+      #   -options:
+      #     :login -    the PslCard account login (required)
+      def initialize(options = {})
+        requires!(options, :login)
+
+        super
+      end
+
+      # Purchase the item straight away
+      #
+      # Parameters:
+      #   -money: Amount to be charged as an Integer value in cents
+      #   -authorization: the PSL cross reference from the previous authorization
+      #   -options:
+      #
+      # Returns:
+      #   -ActiveMerchant::Billing::Response object
+      #
+      def purchase(money, credit_card, options = {})
+        post = {}
+
+        add_amount(post, money, DISPATCH_NOW, options)
+        add_credit_card(post, credit_card)
+        add_address(post, options)
+        add_invoice(post, options)
+        add_purchase_details(post)
+
+        commit(post)
+      end
+
+      # Authorize the transaction
+      #
+      # Reserves the funds on the customer's credit card, but does not
+      # charge the card.
+      #
+      # This implementation does not authorize the full amount, rather it checks that the full amount
+      # is available and only 'reserves' the nominal amount (currently a pound and a penny)
+      #
+      # Parameters:
+      #   -money: Amount to be charged as an Integer value in cents
+      #   -authorization: the PSL cross reference from the previous authorization
+      #   -options:
+      #
+      # Returns:
+      #   -ActiveMerchant::Billing::Response object
+      #
+      def authorize(money, credit_card, options = {})
+        post = {}
+
+        add_amount(post, money, DISPATCH_LATER, options)
+        add_credit_card(post, credit_card)
+        add_address(post, options)
+        add_invoice(post, options)
+        add_purchase_details(post)
+
+        commit(post)
+      end
+
+      # Post an authorization.
+      #
+      # Captures the funds from an authorized transaction.
+      #
+      # Parameters:
+      #   -money: Amount to be charged as an Integer value in cents
+      #   -authorization: The PSL Cross Reference
+      #   -options:
+      #
+      # Returns:
+      #   -ActiveMerchant::Billing::Response object
+      #
+      def capture(money, authorization, options = {})
+        post = {}
+
+        add_amount(post, money, DISPATCH_NOW, options)
+        add_reference(post, authorization)
+        add_purchase_details(post)
+
+        commit(post)
+      end
+
+      private
+
+      def add_credit_card(post, credit_card)
+        post[:QAName] = credit_card.name
+        post[:CardNumber] = credit_card.number
+        post[:EMVTerminalType] = EMV_TERMINAL_TYPE
+        post[:ExpMonth] = credit_card.month
+        post[:ExpYear] = credit_card.year
+
+        # CV2 check
+        post[:AVSCV2Check] = credit_card.verification_value? ? 'YES' : 'NO'
+        post[:CV2] = credit_card.verification_value if credit_card.verification_value?
+      end
+
+      def add_address(post, options)
+        address = options[:billing_address] || options[:address]
+        return if address.nil?
+
+        post[:QAAddress] = %i[address1 address2 city state].collect { |a| address[a] }.reject(&:blank?).join(' ')
+        post[:QAPostcode] = address[:zip]
+      end
+
+      def add_invoice(post, options)
+        post[:MerchantName] = options[:merchant] || 'Merchant Name' # May use this as the order_id field
+        post[:OrderID] = options[:order_id] unless options[:order_id].blank?
+      end
+
+      def add_reference(post, authorization)
+        post[:CrossReference] = authorization
+      end
+
+      def add_amount(post, money, dispatch_type, options)
+        post[:CurrencyCode] = currency_code(options[:currency] || currency(money))
+
+        if dispatch_type == DISPATCH_LATER
+          post[:amount] = amount(NOMINAL_AMOUNT)
+          post[:DispatchLaterAmount] = amount(money)
+        else
+          post[:amount] = amount(money)
+        end
+
+        post[:Dispatch] = dispatch_type
+      end
+
+      def add_purchase_details(post)
+        post[:EchoAmount] = 'YES'
+        post[:SCBI] = 'YES' # Return information about the transaction
+        post[:MessageType] = MESSAGE_TYPE
+      end
+
+      # Get the currency code for the passed money object
+      #
+      # The money class stores the currency as an ISO 4217:2001 Alphanumeric,
+      # however PSL requires the ISO 4217:2001 Numeric code.
+      #
+      # Parameters:
+      #   -money: Integer value in cents
+      #
+      # Returns:
+      #   -the ISO 4217:2001 Numberic currency code
+      #
+      def currency_code(currency)
+        CURRENCY_CODES[currency]
+      end
+
+      # Parse the PSL response and create a Response object
+      #
+      # Parameters:
+      #   -body:  The response string returned from PSL, Formatted:
+      #           Key=value&key=value...
+      #
+      # Returns:
+      #   -a hash with all of the values returned in the PSL response
+      #
+      def parse(body)
+        fields = {}
+        for line in body.split('&')
+          key, value = *line.scan(%r{^(\w+)\=(.*)$}).flatten
+          fields[key] = CGI.unescape(value)
+        end
+        fields.symbolize_keys
+      end
+
+      # Send the passed data to PSL for processing
+      #
+      # Parameters:
+      #   -request: The data that is to be sent to PSL
+      #
+      # Returns:
+      #   - ActiveMerchant::Billing::Response object
+      #
+      def commit(request)
+        response = parse(ssl_post(self.live_url, post_data(request)))
+
+        Response.new(response[:ResponseCode] == APPROVED, response[:Message], response,
+          test: test?,
+          authorization: response[:CrossReference],
+          cvv_result: CVV_CODE[response[:AVSCV2Check]],
+          avs_result: { code: AVS_CODE[response[:AVSCV2Check]] })
+      end
+
+      # Put the passed data into a format that can be submitted to PSL
+      # Key=Value&Key=Value...
+      #
+      # Any ampersands and equal signs are removed from the data being posted
+      # as PSL puts them back into the response string which then cannot be parsed.
+      # This is after escaping before sending the request to PSL - this is a work
+      # around for the time being
+      #
+      # Parameters:
+      #   -post: Hash of all the data to be sent
+      #
+      # Returns:
+      #   -String: the data to be sent
+      #
+      def post_data(post)
+        post[:CountryCode] = self.location
+        post[:MerchantID] = @options[:login]
+        post[:ValidityID] = @options[:password]
+        post[:ResponseAction] = RESPONSE_ACTION
+
+        post.collect { |key, value|
+          "#{key}=#{CGI.escape(value.to_s.tr('&=', ' '))}"
+        }.join('&')
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/qbms.rb

@@ -0,0 +1,302 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class QbmsGateway < Gateway
+      API_VERSION = '4.0'
+
+      class_attribute :test_url, :live_url
+
+      self.test_url = 'https://webmerchantaccount.ptc.quickbooks.com/j/AppGateway'
+      self.live_url = 'https://webmerchantaccount.quickbooks.com/j/AppGateway'
+
+      self.homepage_url = 'http://payments.intuit.com/'
+      self.display_name = 'QuickBooks Merchant Services'
+      self.default_currency = 'USD'
+      self.supported_cardtypes = %i[visa master discover american_express diners_club jcb]
+      self.supported_countries = ['US']
+
+      TYPES = {
+        authorize: 'CustomerCreditCardAuth',
+        capture: 'CustomerCreditCardCapture',
+        purchase: 'CustomerCreditCardCharge',
+        refund: 'CustomerCreditCardTxnVoidOrRefund',
+        void: 'CustomerCreditCardTxnVoid',
+        query: 'MerchantAccountQuery'
+      }
+
+      # Creates a new QbmsGateway
+      #
+      # The gateway requires that a valid app id, app login, and ticket be passed
+      # in the +options+ hash.
+      #
+      # ==== Options
+      #
+      # * <tt>:login</tt> -- The App Login (REQUIRED)
+      # * <tt>:ticket</tt> -- The Connection Ticket. (REQUIRED)
+      # * <tt>:pem</tt> -- The PEM-encoded SSL client key and certificate. (REQUIRED)
+      # * <tt>:test</tt> -- +true+ or +false+. If true, perform transactions against the test server.
+      #   Otherwise, perform transactions against the production server.
+      #
+      def initialize(options = {})
+        requires!(options, :login, :ticket)
+        super
+      end
+
+      # Performs an authorization, which reserves the funds on the customer's credit card, but does not
+      # charge the card.
+      #
+      # ==== Parameters
+      #
+      # * <tt>money</tt> -- The amount to be authorized as an Integer value in cents.
+      # * <tt>creditcard</tt> -- The CreditCard details for the transaction.
+      # * <tt>options</tt> -- A hash of optional parameters.
+      #
+      def authorize(money, creditcard, options = {})
+        commit(:authorize, money, options.merge(credit_card: creditcard))
+      end
+
+      # Perform a purchase, which is essentially an authorization and capture in a single operation.
+      #
+      # ==== Parameters
+      #
+      # * <tt>money</tt> -- The amount to be purchased as an Integer value in cents.
+      # * <tt>creditcard</tt> -- The CreditCard details for the transaction.
+      # * <tt>options</tt> -- A hash of optional parameters.
+      #
+      def purchase(money, creditcard, options = {})
+        commit(:purchase, money, options.merge(credit_card: creditcard))
+      end
+
+      # Captures the funds from an authorized transaction.
+      #
+      # ==== Parameters
+      #
+      # * <tt>money</tt> -- The amount to be captured as an Integer value in cents.
+      # * <tt>authorization</tt> -- The authorization returned from the previous authorize request.
+      #
+      def capture(money, authorization, options = {})
+        commit(:capture, money, options.merge(transaction_id: authorization))
+      end
+
+      # Void a previous transaction
+      #
+      # ==== Parameters
+      #
+      # * <tt>authorization</tt> - The authorization returned from the previous authorize request.
+      #
+      def void(authorization, options = {})
+        commit(:void, nil, options.merge(transaction_id: authorization))
+      end
+
+      # Credit an account.
+      #
+      # This transaction is also referred to as a Refund and indicates to the gateway that
+      # money should flow from the merchant to the customer.
+      #
+      # ==== Parameters
+      #
+      # * <tt>money</tt> -- The amount to be credited to the customer as an Integer value in cents.
+      # * <tt>identification</tt> -- The ID of the original transaction against which the credit is being issued.
+      # * <tt>options</tt> -- A hash of parameters.
+      #
+      #
+      def credit(money, identification, options = {})
+        ActiveMerchant.deprecated CREDIT_DEPRECATION_MESSAGE
+        refund(money, identification, {})
+      end
+
+      def refund(money, identification, options = {})
+        commit(:refund, money, options.merge(transaction_id: identification))
+      end
+
+      # Query the merchant account status
+      def query
+        commit(:query, nil, {})
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<ConnectionTicket>)[^<]*(</ConnectionTicket>))i, '\1[FILTERED]\2').
+          gsub(%r((<CreditCardNumber>)[^<]*(</CreditCardNumber>))i, '\1[FILTERED]\2').
+          gsub(%r((<CardSecurityCode>)[^<]*(</CardSecurityCode>))i, '\1[FILTERED]\2')
+      end
+
+      private
+
+      def hosted?
+        @options[:pem]
+      end
+
+      def commit(action, money, parameters)
+        url = test? ? self.test_url : self.live_url
+
+        type = TYPES[action]
+        parameters[:trans_request_id] ||= SecureRandom.hex(10)
+
+        req = build_request(type, money, parameters)
+
+        data = ssl_post(url, req, 'Content-Type' => 'application/x-qbmsxml')
+        response = parse(type, data)
+        message = (response[:status_message] || '').strip
+
+        Response.new(success?(response), message, response,
+          test: test?,
+          authorization: response[:credit_card_trans_id],
+          fraud_review: fraud_review?(response),
+          avs_result: { code: avs_result(response) },
+          cvv_result: cvv_result(response))
+      end
+
+      def success?(response)
+        response[:status_code] == 0
+      end
+
+      def fraud_review?(response)
+        [10100, 10101].member? response[:status_code]
+      end
+
+      def parse(type, body)
+        xml = REXML::Document.new(body)
+
+        signon = REXML::XPath.first(xml, "//SignonMsgsRs/#{hosted? ? 'SignonAppCertRs' : 'SignonDesktopRs'}")
+        status_code = signon.attributes['statusCode'].to_i
+
+        if status_code != 0
+          return {
+            status_code: status_code,
+            status_message: signon.attributes['statusMessage']
+          }
+        end
+
+        response = REXML::XPath.first(xml, "//QBMSXMLMsgsRs/#{type}Rs")
+
+        results = {
+          status_code: response.attributes['statusCode'].to_i,
+          status_message: response.attributes['statusMessage']
+        }
+
+        response.elements.each do |e|
+          name  = e.name.underscore.to_sym
+          value = e.text()
+
+          if old_value = results[name]
+            results[name] = [old_value] if !old_value.kind_of?(Array)
+            results[name] << value
+          else
+            results[name] = value
+          end
+        end
+
+        results
+      end
+
+      def build_request(type, money, parameters = {})
+        xml = Builder::XmlMarkup.new(indent: 0)
+
+        xml.instruct!(:xml, version: '1.0', encoding: 'utf-8')
+        xml.instruct!(:qbmsxml, version: API_VERSION)
+
+        xml.tag!('QBMSXML') do
+          xml.tag!('SignonMsgsRq') do
+            xml.tag!(hosted? ? 'SignonAppCertRq' : 'SignonDesktopRq') do
+              xml.tag!('ClientDateTime', Time.now.xmlschema)
+              xml.tag!('ApplicationLogin', @options[:login])
+              xml.tag!('ConnectionTicket', @options[:ticket])
+            end
+          end
+
+          xml.tag!('QBMSXMLMsgsRq') do
+            xml.tag!("#{type}Rq") do
+              method("build_#{type}").call(xml, money, parameters)
+            end
+          end
+        end
+
+        xml.target!
+      end
+
+      def build_CustomerCreditCardAuth(xml, money, parameters)
+        cc = parameters[:credit_card]
+        name = "#{cc.first_name} #{cc.last_name}"[0...30]
+
+        xml.tag!('TransRequestID', parameters[:trans_request_id])
+        xml.tag!('CreditCardNumber', cc.number)
+        xml.tag!('ExpirationMonth', cc.month)
+        xml.tag!('ExpirationYear', cc.year)
+        xml.tag!('IsECommerce', 'true')
+        xml.tag!('Amount', amount(money))
+        xml.tag!('NameOnCard', name)
+        add_address(xml, parameters)
+        xml.tag!('CardSecurityCode', cc.verification_value) if cc.verification_value?
+      end
+
+      def build_CustomerCreditCardCapture(xml, money, parameters)
+        xml.tag!('TransRequestID', parameters[:trans_request_id])
+        xml.tag!('CreditCardTransID', parameters[:transaction_id])
+        xml.tag!('Amount', amount(money))
+      end
+
+      def build_CustomerCreditCardCharge(xml, money, parameters)
+        cc = parameters[:credit_card]
+        name = "#{cc.first_name} #{cc.last_name}"[0...30]
+
+        xml.tag!('TransRequestID', parameters[:trans_request_id])
+        xml.tag!('CreditCardNumber', cc.number)
+        xml.tag!('ExpirationMonth', cc.month)
+        xml.tag!('ExpirationYear', cc.year)
+        xml.tag!('IsECommerce', 'true')
+        xml.tag!('Amount', amount(money))
+        xml.tag!('NameOnCard', name)
+        add_address(xml, parameters)
+        xml.tag!('CardSecurityCode', cc.verification_value) if cc.verification_value?
+      end
+
+      def build_CustomerCreditCardTxnVoidOrRefund(xml, money, parameters)
+        xml.tag!('TransRequestID', parameters[:trans_request_id])
+        xml.tag!('CreditCardTransID', parameters[:transaction_id])
+        xml.tag!('Amount', amount(money))
+      end
+
+      def build_CustomerCreditCardTxnVoid(xml, money, parameters)
+        xml.tag!('TransRequestID', parameters[:trans_request_id])
+        xml.tag!('CreditCardTransID', parameters[:transaction_id])
+      end
+
+      # Called reflectively by build_request
+      def build_MerchantAccountQuery(xml, money, parameters)
+      end
+
+      def add_address(xml, parameters)
+        if address = parameters[:billing_address] || parameters[:address]
+          xml.tag!('CreditCardAddress', (address[:address1] || '')[0...30])
+          xml.tag!('CreditCardPostalCode', (address[:zip] || '')[0...9])
+        end
+      end
+
+      def cvv_result(response)
+        case response[:card_security_code_match]
+        when 'Pass'         then 'M'
+        when 'Fail'         then 'N'
+        when 'NotAvailable' then 'P'
+        end
+      end
+
+      def avs_result(response)
+        case "#{response[:avs_street]}|#{response[:avs_zip]}"
+        when 'Pass|Pass'                 then 'D'
+        when 'Pass|Fail'                 then 'A'
+        when 'Pass|NotAvailable'         then 'B'
+        when 'Fail|Pass'                 then 'Z'
+        when 'Fail|Fail'                 then 'C'
+        when 'Fail|NotAvailable'         then 'N'
+        when 'NotAvailable|Pass'         then 'P'
+        when 'NotAvailable|Fail'         then 'N'
+        when 'NotAvailable|NotAvailable' then 'U'
+        end
+      end
+    end
+  end
+end