authorizenet 1.9.4 → 2.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: fdc6b7f7d2066705389a3e6de82342122e5f0269
-  data.tar.gz: af3dfb28bfd9821e610a811464970066b7c6fcb4
+SHA256:
+  metadata.gz: 97d213dfc079edcb493e06b538e45ea48b7109dcc8a9ee0048c19a37f810b677
+  data.tar.gz: 384c4b78ca409bd61f0b19dd7aa0291ec26a47e5687fc68a6e5938e620cc8b4d
 SHA512:
-  metadata.gz: a3c1047f8a572d31cf9798f2343043c85a8913abb42e24117253d052c79fbd03174f33f8b343be732685f8bdfaa4bf0bb457a1cce3bd62270b0b432fae07eb2d
-  data.tar.gz: 4ce68ca0f15b4a0304541927ba010bc7e5373c8acef649cca9356bcded77a55aa47bfab552ddf1c8c2299c13547393116b75a0cd5e47fac0bbfa8e1b6d5be617
+  metadata.gz: e08e6c0a987090ffd06ba7abfa855bee01fb1d6dedbef668a78c106a0bac0a4fdf6da2ec733f2882d8fd276caac87aaf2fcbad0a414c238e72fff6e3aa49b1b3
+  data.tar.gz: 6f774b50617975905fda052796d92f0c00c576d48e4b446183c3c5f4ed99433bbd8b2eab8082ee13988aee9d598901b8f12dec5f05269c3d02d7a88cf8011129

data/lib/app/helpers/authorize_net_helper.rb

@@ -1,13 +1,12 @@
 # The Authorize.Net Rails Helper module. Provides methods to assist with integrating the various APIs.
 
 module AuthorizeNetHelper
-  
   # Generates a collection of hidden form fields (as a raw HTML string) for a AuthorizeNet::SIM::Transaction
   # (sim_transaction). You can specify any html_options that hidden_field_tag accepts, and the
   # hidden fields will be built with those options.
   def sim_fields(sim_transaction, html_options = {})
     fields = sim_transaction.form_fields.collect do |k, v|
-      if v.kind_of? Array
+      if v.is_a? Array
         v.collect { |val| hidden_field_tag(k, val, html_options) }
       else
         hidden_field_tag(k, v, html_options)
@@ -21,4 +20,4 @@ module AuthorizeNetHelper
       return field_str
     end
   end
-end
+end

data/lib/authorize_net.rb

@@ -2,7 +2,7 @@
 # the current runtime to see if Rails is present. If it is, we inject our helper into
 # ActiveSupport.
 
-#coverall
+# coverall
 # require 'coveralls'
 # Coveralls.wear!
 
@@ -16,78 +16,33 @@ require 'date'
 
 # TODO: Add local data validation where possible
 
-$:.unshift File.dirname(__FILE__)
+$LOAD_PATH.unshift File.dirname(__FILE__)
 
 require "authorize_net/authorize_net"
-require "authorize_net/payment_methods/credit_card"
-require "authorize_net/payment_methods/echeck"
-require "authorize_net/addresses/address"
-require "authorize_net/addresses/shipping_address"
-require "authorize_net/customer"
-require "authorize_net/email_receipt"
-require "authorize_net/order"
-require "authorize_net/line_item"
-require "authorize_net/cim/payment_profile"
-require "authorize_net/cim/customer_profile"
-require "authorize_net/reporting/batch"
-require "authorize_net/reporting/batch_statistics"
-require "authorize_net/reporting/transaction_details"
-require "authorize_net/reporting/fds_filter"
-require "authorize_net/reporting/returned_item"
+# require "authorize_net/customer"
+# require "authorize_net/email_receipt"
+# require "authorize_net/order"
+# require "authorize_net/line_item"
 require "authorize_net/response"
-require "authorize_net/key_value_response"
+# require "authorize_net/key_value_response"
 require "authorize_net/xml_response"
 require "authorize_net/transaction"
-require "authorize_net/key_value_transaction"
+# require "authorize_net/key_value_transaction"
 require "authorize_net/xml_transaction"
-require "authorize_net/fields"
-
-# AIM
-
-require "authorize_net/aim/transaction"
-require "authorize_net/aim/response"
 
 # API
 require "authorize_net/api/schema"
 require "authorize_net/api/api_transaction"
 require "authorize_net/api/transaction"
 
-# SIM
-
-require "authorize_net/sim/hosted_payment_form"
-require "authorize_net/sim/hosted_receipt_page"
-require "authorize_net/sim/transaction"
-require "authorize_net/sim/response"
-
-# ARB
-
-require "authorize_net/arb/paging"
-require "authorize_net/arb/sorting"
-require "authorize_net/arb/subscription_list_response"
-require "authorize_net/arb/subscription_detail"
-require "authorize_net/arb/fields"
-require "authorize_net/arb/subscription"
-require "authorize_net/arb/response"
-require "authorize_net/arb/transaction"
-
-# CIM
-
-require "authorize_net/cim/response"
-require "authorize_net/cim/transaction"
-
-# Reporting
-
-require "authorize_net/reporting/response"
-require "authorize_net/reporting/transaction"
-
 # Load our Rails plugin
 
 if defined?(Rails)
   if defined?(Rails::Railtie)
     module AuthorizeNet
       class Railtie < Rails::Railtie
-        initializer "authorize_net.load_path_initialize" do |app|
-          %w{ models controllers helpers }.each do |dir|
+        initializer "authorize_net.load_path_initialize" do |_app|
+          %w[models controllers helpers].each do |dir|
             path = File.join(File.dirname(__FILE__), 'app', dir)
             $LOAD_PATH << path
             ActiveSupport::Dependencies.autoload_paths << path
@@ -97,7 +52,7 @@ if defined?(Rails)
       end
     end
   else
-    %w{ models controllers helpers }.each do |dir|
+    %w[models controllers helpers].each do |dir|
       path = File.join(File.dirname(__FILE__), 'app', dir)
       $LOAD_PATH << path
       ActiveSupport::Dependencies.load_paths << path

data/lib/authorize_net/api/LogHelper.rb

@@ -0,0 +1,97 @@
+require 'logger'
+require 'yaml'
+require File.join File.dirname(__FILE__), 'SensitiveDataFilter'
+
+module AuthorizeNet::API
+class Log
+    @@shouldLog = false
+    @@loglevels = ['debug','info','warn','error']
+    def initialize()
+        begin	
+	    filepath = './LogConfig.yml'
+	    if(File.file?(filepath))
+		cnf = YAML::load(File.open(filepath))
+		if(@@loglevels.include? cnf['loglevel'].downcase)
+			@@shouldLog = true
+			@logger = Logger.new(cnf['filepath'])
+			@logger.level = LogLevelMapper(cnf['loglevel'].downcase)
+			if(cnf['maskSensitiveData'])
+		            @logger.formatter = SensitiveDataFilter.new 
+			else
+      			      constants = YAML.load_file(File.dirname(__FILE__) + "/constants.yml")
+			      @logger.formatter = proc do |severity, datetime, progname, msg|
+			      progname = constants['clientId']
+		              date_format = datetime.strftime("%Y-%m-%d %H:%M:%S")
+			      if severity == "INFO" or severity == "WARN"
+			      "[#{date_format}] #{severity}  (#{progname}): #{msg}\n"
+			      else        
+			      "[#{date_format}] #{severity} (#{progname}): #{msg}\n"
+			      end
+			   end
+			end
+		else
+		    raise "Invalid log levels"
+		end
+	    else
+		@@shouldLog = false
+	    end
+	rescue
+       		@@shouldLog = false
+	end
+    end
+    def debug(message)
+	if(@@shouldLog)
+             begin
+		@logger.debug message
+             rescue Exception => ex
+                ex
+             end
+	end
+    end
+    def info(message)
+	if(@@shouldLog)
+             begin 
+		@logger.info message
+             rescue Exception => ex
+                ex
+             end 
+	end
+    end
+    def warn(message)
+	if(@@shouldLog)
+             begin
+		@logger.warn message
+             rescue Exception => ex
+                ex
+             end
+	end
+    end
+    def error(message)
+	if(@@shouldLog)
+             begin
+		@logger.error message
+             rescue Exception => ex
+                ex
+             end
+	end
+    end
+    def LogLevelMapper(loglevel)
+	case loglevel
+       	when 'debug'
+			Logger::DEBUG
+		when 'info'
+			Logger::INFO
+		when 'warn'
+			Logger::WARN
+		when 'error'
+			Logger::ERROR
+		end
+    end
+end
+
+class LogHelper
+   def self.log
+      Log.new
+   end
+end
+end

data/lib/authorize_net/api/SensitiveDataFilter.rb

@@ -0,0 +1,92 @@
+require 'logger'
+
+module AuthorizeNet::API
+class SensitiveTag
+	attr_accessor :tagName, :pattern, :replacement, :disableMask
+	def initialize(tagName, pattern, replacement, disableMask)
+		@tagName = tagName
+		@pattern = pattern
+		@replacement = replacement
+		@disableMask = disableMask
+	end
+end
+
+class SensitiveDataConfigType
+	attr_accessor :sensitiveTags, :sensitiveStringRegexes
+	def initialize
+	@sensitiveTags = Array.new([SensitiveTag.new("cardCode", "", "XXX", false),
+		      SensitiveTag.new("cardNumber", "(\\p{N}+)(\\p{N}{4})", "XXXX-\\2", false), 
+		      SensitiveTag.new("expirationDate", "", "XXX", false),
+		      SensitiveTag.new("accountNumber", "(\\p{N}+)(\\p{N}{4})", "XXXX-\\2", false),
+		      SensitiveTag.new("nameOnAccount", "", "XXX", false),
+		      SensitiveTag.new("transactionKey", "", "XXX", false)]).freeze
+	@sensitiveStringRegexes = ["4\\p{N}{3}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+			          "4\\p{N}{3}([\\ \\-]?)(?:\\p{N}{4}\\1){2}\\p{N}(?:\\p{N}{3})?",
+            			  "5[1-5]\\p{N}{2}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+		                  "6(?:011|22(?:1(?=[\\ \\-]?(?:2[6-9]|[3-9]))|[2-8]|9(?=[\\ \\-]?(?:[01]|2[0-5])))|4[4-9]\\p{N}|5\\p{N}\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+		                  "35(?:2[89]|[3-8]\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+		                  "3[47]\\p{N}\\p{N}([\\ \\-]?)\\p{N}{6}\\1\\p{N}{5}"].freeze
+	end
+end
+
+class SensitiveDataFilter < Logger::Formatter
+        @@sensitiveTagConfig = nil
+	@@tagPatterns = nil
+	@@tagReplacements = nil
+	@@cardPatterns = nil
+
+        def initialize
+	    @@sensitiveTagConfig = SensitiveDataConfigType.new
+	    @@cardPatterns       = @@sensitiveTagConfig.sensitiveStringRegexes
+            @@tagPatterns        = Array.new(@@sensitiveTagConfig.sensitiveStringRegexes.length)
+	    @@tagReplacements    = Array.new(@@sensitiveTagConfig.sensitiveTags.length)
+
+	    @@sensitiveTagConfig.sensitiveTags.each_with_index do |sensitiveTag, index|
+	    tagName = sensitiveTag.tagName
+	    replacement = sensitiveTag.replacement
+
+		    if sensitiveTag.pattern.nil? || sensitiveTag.pattern.empty?
+	  	       pattern = "(.*)"
+		    else
+		       pattern = sensitiveTag.pattern
+		    end
+
+	    @@tagPatterns[index] = "<"+tagName+">"+pattern+"</"+tagName+">"
+	    @@tagReplacements[index] = "<"+tagName+">"+replacement+"</"+tagName+">"
+	    end
+        end
+
+        def call(severity, time, progname, msg)
+            xmlMaskedLog = maskSensitiveXmlString(msg)
+            ccMasked = maskCreditCards(xmlMaskedLog)
+	    return formatLogEntry(severity, time, progname, ccMasked)
+        end
+
+        def maskCreditCards(input)
+	    input = input.force_encoding("UTF-8")
+	    @@cardPatterns.each {|cardNumberRegex| 
+	    input = input.gsub(/#{cardNumberRegex}/, "XXX")
+	    }
+            return input
+        end
+
+	def maskSensitiveXmlString(input)
+	    input = input.force_encoding("UTF-8")
+            @@tagPatterns.each_with_index do |item, index| 
+		 input = input.gsub(/#{item}/,@@tagReplacements[index])
+            end
+            return input
+	end
+
+	def formatLogEntry(severity, time, progname, msg)
+              constants = YAML.load_file(File.dirname(__FILE__) + "/constants.yml")
+	      progname = constants['clientId']
+              date_format = time.strftime("%Y-%m-%d %H:%M:%S")
+	      if severity == "INFO" or severity == "WARN"
+	      "[#{date_format}] #{severity}  (#{progname}): #{msg}\n"
+	      else        
+	      "[#{date_format}] #{severity} (#{progname}): #{msg}\n"
+	      end
+        end
+end
+end

data/lib/authorize_net/api/api_transaction.rb

@@ -1,105 +1,110 @@
+require File.join File.dirname(__FILE__), 'LogHelper'
+
 module AuthorizeNet::API
   class ApiTransaction < AuthorizeNet::XmlTransaction
-    
     module Type
-      API_CREATE_TRANSACTION = "createTransactionRequest"
-      API_UPDATE_SPLIT_TENDER_GROUP = "updateSplitTenderGroupRequest"
-
-      API_CREATE_SUBSCRIPTION = "ARBCreateSubscriptionRequest"
-      API_UPDATE_SUBSCRIPTION = "ARBUpdateSubscriptionRequest"
-      API_CANCEL_SUBSCRIPTION = "ARBCancelSubscriptionRequest"
-      API_GET_SUBSCRIPTION_STATUS = "ARBGetSubscriptionStatusRequest"
-      API_GET_SUBSCRIPTION_LIST = "ARBGetSubscriptionListRequest"
-
-      API_GET_CUSTOMER_PROFILE_IDS = "getCustomerProfileIdsRequest"
-
-      API_CREATE_CUSTOMER_PROFILE = "createCustomerProfileRequest"
-      API_GET_CUSTOMER_PROFILE = "getCustomerProfileRequest"
-      API_UPDATE_CUSTOMER_PROFILE = "updateCustomerProfileRequest"
-      API_DELETE_CUSTOMER_PROFILE = "deleteCustomerProfileRequest"
-
-      API_CREATE_CUSTOMER_PAYMENT_PROFILE = "createCustomerPaymentProfileRequest"
-      API_GET_CUSTOMER_PAYMENT_PROFILE = "getCustomerPaymentProfileRequest"
-      API_UPDATE_CUSTOMER_PAYMENT_PROFILE = "updateCustomerPaymentProfileRequest"
-      API_VALIDATE_CUSTOMER_PAYMENT_PROFILE = "validateCustomerPaymentProfileRequest"
-      API_DELETE_CUSTOMER_PAYMENT_PROFILE = "deleteCustomerPaymentProfileRequest"
-
-      API_CREATE_CUSTOMER_SHIPPING_PROFILE = "createCustomerShippingAddressRequest"
-      API_GET_CUSTOMER_SHIPPING_PROFILE = "getCustomerShippingAddressRequest"
-      API_UPDATE_CUSTOMER_SHIPPING_PROFILE = "updateCustomerShippingAddressRequest"
-      API_DELETE_CUSTOMER_SHIPPING_PROFILE = "deleteCustomerShippingAddressRequest"
-
-      API_CREATE_CUSTOMER_PROFILE_FROM_TRANSACTION = "createCustomerProfileFromTransactionRequest"
-
-      API_GET_SETTLED_BATCH_LIST = "getSettledBatchListRequest"
-      API_GET_TRANSACTION_LIST = "getTransactionListRequest"
-      API_GET_TRANSACTION_DETAILS = "getTransactionDetailsRequest"
-      API_GET_UNSETTLED_TRANSACTION_LIST = "getUnsettledTransactionListRequest"
-      API_GET_BATCH_STATISTICS = "getBatchStatisticsRequest"
-	  API_GET_TRANSACTION_LIST_FOR_CUSTOMER = "getTransactionListForCustomerRequest"
-	  
-      API_GET_HOSTED_PROFILE_PAGE = "getHostedProfilePageRequest"
-
-
-      API_DECRYPT_PAYMENT_DATA = "decryptPaymentDataRequest"
-      API_AUTHENTICATE_TEST_REQUEST = "authenticateTestRequest"
-      
-      API_GET_CUSTOMER_PAYMENT_PROFILE_LIST = "getCustomerPaymentProfileListRequest"
-      
-      API_ARB_GET_SUBSCRIPTION_REQUEST = "ARBGetSubscriptionRequest"
-
-      API_GET_MERCHANT_DETAILS = "getMerchantDetailsRequest"
-      API_GET_HOSTED_PAYMENT_PAGE = "getHostedPaymentPageRequest"
-      API_UDPATE_HELD_TRANSACTION = "updateHeldTransactionRequest"
-      API_UPDATE_MERCHANT_DETAILS = "updateMerchantDetailsRequest"
+      API_CREATE_TRANSACTION = "createTransactionRequest".freeze
+      API_UPDATE_SPLIT_TENDER_GROUP = "updateSplitTenderGroupRequest".freeze
+
+      API_CREATE_SUBSCRIPTION = "ARBCreateSubscriptionRequest".freeze
+      API_UPDATE_SUBSCRIPTION = "ARBUpdateSubscriptionRequest".freeze
+      API_CANCEL_SUBSCRIPTION = "ARBCancelSubscriptionRequest".freeze
+      API_GET_SUBSCRIPTION_STATUS = "ARBGetSubscriptionStatusRequest".freeze
+      API_GET_SUBSCRIPTION_LIST = "ARBGetSubscriptionListRequest".freeze
+
+      API_GET_CUSTOMER_PROFILE_IDS = "getCustomerProfileIdsRequest".freeze
+
+      API_CREATE_CUSTOMER_PROFILE = "createCustomerProfileRequest".freeze
+      API_GET_CUSTOMER_PROFILE = "getCustomerProfileRequest".freeze
+      API_UPDATE_CUSTOMER_PROFILE = "updateCustomerProfileRequest".freeze
+      API_DELETE_CUSTOMER_PROFILE = "deleteCustomerProfileRequest".freeze
+
+      API_CREATE_CUSTOMER_PAYMENT_PROFILE = "createCustomerPaymentProfileRequest".freeze
+      API_GET_CUSTOMER_PAYMENT_PROFILE = "getCustomerPaymentProfileRequest".freeze
+      API_UPDATE_CUSTOMER_PAYMENT_PROFILE = "updateCustomerPaymentProfileRequest".freeze
+      API_VALIDATE_CUSTOMER_PAYMENT_PROFILE = "validateCustomerPaymentProfileRequest".freeze
+      API_DELETE_CUSTOMER_PAYMENT_PROFILE = "deleteCustomerPaymentProfileRequest".freeze
+
+      API_CREATE_CUSTOMER_SHIPPING_PROFILE = "createCustomerShippingAddressRequest".freeze
+      API_GET_CUSTOMER_SHIPPING_PROFILE = "getCustomerShippingAddressRequest".freeze
+      API_UPDATE_CUSTOMER_SHIPPING_PROFILE = "updateCustomerShippingAddressRequest".freeze
+      API_DELETE_CUSTOMER_SHIPPING_PROFILE = "deleteCustomerShippingAddressRequest".freeze
+
+      API_CREATE_CUSTOMER_PROFILE_FROM_TRANSACTION = "createCustomerProfileFromTransactionRequest".freeze
+
+      API_GET_SETTLED_BATCH_LIST = "getSettledBatchListRequest".freeze
+      API_GET_TRANSACTION_LIST = "getTransactionListRequest".freeze
+      API_GET_TRANSACTION_DETAILS = "getTransactionDetailsRequest".freeze
+      API_GET_UNSETTLED_TRANSACTION_LIST = "getUnsettledTransactionListRequest".freeze
+      API_GET_BATCH_STATISTICS = "getBatchStatisticsRequest".freeze
+      API_GET_TRANSACTION_LIST_FOR_CUSTOMER = "getTransactionListForCustomerRequest".freeze
+
+      API_GET_HOSTED_PROFILE_PAGE = "getHostedProfilePageRequest".freeze
+
+      API_DECRYPT_PAYMENT_DATA = "decryptPaymentDataRequest".freeze
+      API_AUTHENTICATE_TEST_REQUEST = "authenticateTestRequest".freeze
+
+      API_GET_CUSTOMER_PAYMENT_PROFILE_LIST = "getCustomerPaymentProfileListRequest".freeze
+
+      API_ARB_GET_SUBSCRIPTION_REQUEST = "ARBGetSubscriptionRequest".freeze
 
+      API_GET_MERCHANT_DETAILS = "getMerchantDetailsRequest".freeze
+      API_GET_HOSTED_PAYMENT_PAGE = "getHostedPaymentPageRequest".freeze
+      API_UDPATE_HELD_TRANSACTION = "updateHeldTransactionRequest".freeze
+      API_UPDATE_MERCHANT_DETAILS = "updateMerchantDetailsRequest".freeze
+      API_GET_CUSTOMER_PAYMENT_PROFILE_NONCE = "getCustomerPaymentProfileNonceRequest".freeze
+     
     end
-    
+
     def initialize(api_login_id = nil, api_transaction_key = nil, options = {})
-       super
-    end
-	
-    def setOAuthOptions()
-	   super
-	end
-	
-    def make_request(request,responseClass,type)
-	 setOAuthOptions()
-	 unless responseClass.nil? or request.nil?
-       begin
-        @xml = serialize(request,type)
-        respXml = send_request(@xml)
-        @response = deserialize(respXml.body,responseClass) 
-       rescue Exception => ex  
-          ex  
-       end 
-     end
+      super
     end
+
+    def setOAuthOptions
+      super
+  end
     
-    def serialize(object,type)
+    def make_request(request, responseClass, type)
+      setOAuthOptions
+      unless responseClass.nil? || request.nil?
+        begin
+          @xml = serialize(request, type)
+          LogHelper.log.debug(@xml)
+          respXml = send_request(@xml)
+          @response = deserialize(respXml.body, responseClass)
+          LogHelper.log.debug(respXml.body)
+	  return @response
+        rescue Exception => ex
+	     LogHelper.log.error(ex.message)
+	     ex.backtrace.each {|line| LogHelper.log.error(line)}
+          ex
+        end
+        end
+    end
+
+    def serialize(object, type)
       doc = Nokogiri::XML::Document.new
       doc.root = object.to_xml
       constants = YAML.load_file(File.dirname(__FILE__) + "/constants.yml")
       clientId = constants['clientId']
 
-      builder = Nokogiri::XML::Builder.new(:encoding => 'utf-8') do |x|
-        x.send(type.to_sym, :xmlns => XML_NAMESPACE) {
-          x.merchantAuthentication {
-			if !@access_token.blank?
-				x.accessToken @access_token
-			end
-			if !@api_login_id.blank? || (@access_token.blank? && @api_login_id.blank?)
-				x.name @api_login_id
-				x.transactionKey @api_transaction_key
-			end
-            }
+      builder = Nokogiri::XML::Builder.new(encoding: 'utf-8') do |x|
+        x.send(type.to_sym, xmlns: XML_NAMESPACE) do
+          x.merchantAuthentication do
+            x.accessToken @access_token unless @access_token.blank?
+            if !@api_login_id.blank? || (@access_token.blank? && @api_login_id.blank?)
+              x.name @api_login_id
+              x.transactionKey @api_transaction_key
+            end
+          end
           x.clientId clientId
-         x.send:insert, doc.root.element_children
-      }
+          x.send :insert, doc.root.element_children
+        end
       end
-      builder.to_xml 
+      builder.to_xml
     end
-    
+
+
     def send_request(xml)
       url = URI.parse(@gateway)
 
@@ -113,11 +118,11 @@ module AuthorizeNet::API
       else
         connection.verify_mode = OpenSSL::SSL::VERIFY_NONE
       end
-      
-      response = connection.start {|http| http.request(httpRequest)}
+
+      response = connection.start { |http| http.request(httpRequest) }
     end
-    
-    def deserialize(xml,responseClass)
+
+    def deserialize(xml, responseClass)
       responseClass.from_xml(xml)
     end
   end