authorize_net 0.0.3 → 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 25131b6aba3bdd77249b7c79294ae7a0016cba76
4
- data.tar.gz: 1a66aeec86f8ff7e6f2396ece8f27b1034fad314
3
+ metadata.gz: 2f6bd562739bb8e06f0f8bce4b17e9bb6f455236
4
+ data.tar.gz: c1354c19a0c83fdd2bc514427c5a90347f132e7f
5
5
  SHA512:
6
- metadata.gz: 33541d2b9b109398bfecbdc1635b5362a4dcb347bcfca77a6ce876dcce587ca916e2dce93208117489bedd0bf2be77789a97c43d07976c1057c6b10d7deb300f
7
- data.tar.gz: 6cf8ec0d218442015876e7ee7fc8d70be1d2871646b446308789aad7d00e7a40aeb3a40abb9e30d6831068cfe12fd72b667d1408b5bf9cb1060103498690b164
6
+ metadata.gz: 2ae07841af1a1587e311fcccf3c5a7101cc32c17fe1419b71869b929cd05ca15f1f21bfcb4359344aa066fe9c1c0c77463ca69b25edd6cc9211f74af6723b327
7
+ data.tar.gz: e6ab0deb8c4b96a64b44491d935436aa076dd38210f1c1003a8270b9f74685cfeec51c7f8f192b37e4ca3fa54f151a915bbfa10a1b6798534cb90c1135417cb2
@@ -1,4 +1,5 @@
1
1
  require 'nokogiri'
2
+ require 'openssl'
2
3
 
3
4
  # ===============================================================
4
5
  # This class uses the AuthroizeRequest object to interact with
@@ -8,10 +9,11 @@ require 'nokogiri'
8
9
  # ===============================================================
9
10
  class AuthorizeNet::Api
10
11
 
11
- def initialize(api_login_id, api_transaction_key, is_test_api)
12
+ def initialize(api_login_id, api_transaction_key, options={})
12
13
  @api_login_id = api_login_id
13
14
  @api_transaction_key = api_transaction_key
14
- @is_test_api = is_test_api
15
+ @is_sandbox = options[:sandbox]
16
+ @md5_hash = options[:md5_hash]
15
17
  @logger = nil
16
18
  @log_full_request = false
17
19
  end
@@ -45,6 +47,7 @@ class AuthorizeNet::Api
45
47
  end
46
48
 
47
49
  response = sendRequest("createTransactionRequest", xml_obj)
50
+ validate_hash(response, amount, use_api_login: true)
48
51
  if !response.nil?
49
52
  return AuthorizeNet::Transaction.parse(response)
50
53
  end
@@ -77,12 +80,12 @@ class AuthorizeNet::Api
77
80
  "id" => customer_profile.merchant_id,
78
81
  "email" => customer_profile.email,
79
82
  "description" => customer_profile.description,
80
- "billTo" => payment_profile.billing_address.to_h,
81
83
  },
84
+ "billTo" => payment_profile.billing_address.to_h,
82
85
  }
83
86
 
84
87
  response = sendRequest("createTransactionRequest", xml_obj)
85
-
88
+ validate_hash(response, amount, use_api_login: true)
86
89
  if !response.nil?
87
90
  return {
88
91
  :transaction => AuthorizeNet::Transaction.parse(response),
@@ -115,6 +118,7 @@ class AuthorizeNet::Api
115
118
  }
116
119
 
117
120
  response = sendRequest("createTransactionRequest", xml_obj)
121
+ validate_hash(response, amount, use_api_login: false)
118
122
  if !response.nil?
119
123
  return AuthorizeNet::Transaction.parse(response)
120
124
  end
@@ -270,13 +274,46 @@ class AuthorizeNet::Api
270
274
  end
271
275
  end
272
276
 
277
+ # =============================================
278
+ # Validates that the returned transaction hash
279
+ # value is what we expect it to be
280
+ #
281
+ # @throws AuthorizeNet::Exception
282
+ # =============================================
283
+ def validate_hash(response_xml, amount, options={})
284
+ if @md5_hash.nil?
285
+ return
286
+ end
287
+
288
+ digest = OpenSSL::Digest.new('md5')
289
+ transaction_id = AuthorizeNet::Util.getXmlValue(response_xml, "transId")
290
+ trans_hash = AuthorizeNet::Util.getXmlValue(response_xml, "transHash").downcase
291
+ formatted_amount = "%.2f" % amount
292
+
293
+ if options[:use_api_login]
294
+ calculated_hash = digest.hexdigest("#{@md5_hash}#{@api_login_id}#{transaction_id}#{formatted_amount}")
295
+ else
296
+ calculated_hash = digest.hexdigest("#{@md5_hash}#{transaction_id}#{formatted_amount}")
297
+ end
298
+
299
+ if calculated_hash != trans_hash
300
+ if @logger.respond_to? :error
301
+ @logger.error("[AuthorizeNet] Response Transaction Hash doesn't equal expected value. trans_hash=#{trans_hash} calculated_hash=#{calculated_hash}")
302
+ end
303
+
304
+ e = AuthorizeNet::Exception.new("[AuthorizeNet] Returned hash doesn't match expected value.")
305
+ e.errors.push({:text => "Something went wrong. Please contact customer assistance or try again later"})
306
+ raise e
307
+ end
308
+ end
309
+
273
310
  # =============================================
274
311
  # Send HTTP request to Authorize Net
275
312
  # @param Net::HTTPResponse
276
313
  # @return response
277
314
  # =============================================
278
315
  def sendRequest(type, xml_obj)
279
- uri = @is_test_api ? AuthorizeNet::TEST_URI : AuthorizeNet::URI
316
+ uri = @is_sandbox ? AuthorizeNet::TEST_URI : AuthorizeNet::URI
280
317
  request = AuthorizeNet::Request.new(type, xml_obj, uri)
281
318
 
282
319
  if @logger.respond_to? :info
@@ -5,8 +5,8 @@ class AuthorizeNet::Exception < Exception
5
5
  attr_accessor :message
6
6
  attr_accessor :errors
7
7
 
8
- def initialize
9
- @message = GENERIC_ERROR_MESSAGE
8
+ def initialize(message=GENERIC_ERROR_MESSAGE)
9
+ @message = message
10
10
  @errors = []
11
11
  end
12
12
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authorize_net
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Avenir Interactive LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-03-11 00:00:00.000000000 Z
11
+ date: 2016-04-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -70,7 +70,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
70
70
  version: '0'
71
71
  requirements: []
72
72
  rubyforge_project:
73
- rubygems_version: 2.5.2
73
+ rubygems_version: 2.6.3
74
74
  signing_key:
75
75
  specification_version: 4
76
76
  summary: API interface for Authorize.net payment gateway