better_offsite_payments 2.3.0

data/lib/offsite_payments/integrations/first_data.rb

@@ -0,0 +1,133 @@
+module OffsitePayments #:nodoc:
+  module Integrations #:nodoc:
+    module FirstData
+      # Overwrite this if you want to change the ANS test url
+      mattr_accessor :test_url
+      self.test_url = 'https://demo.globalgatewaye4.firstdata.com/payment'
+
+      # Overwrite this if you want to change the ANS production url
+      mattr_accessor :production_url
+      self.production_url = 'https://checkout.globalgatewaye4.firstdata.com/payment'
+
+      def self.service_url
+        mode = OffsitePayments.mode
+        case mode
+        when :production
+          self.production_url
+        when :test
+          self.test_url
+        else
+          raise StandardError, "Integration mode set to an invalid value: #{mode}"
+        end
+      end
+
+      def self.notification(post)
+        Notification.new(post)
+      end
+
+      def self.return(query_string)
+        Return.new(query_string)
+      end
+
+      # First Data payment pages emulates the Authorize.Net SIM API. See
+      # OffsitePayments::Integrations::AuthorizeNetSim::Helper for
+      # more details.
+      #
+      # An example. Note the username as a parameter and transaction key you
+      # will want to use later.
+      #
+      #  payment_service_for('order_id', 'first_data_payment_page_id', :service => :first_data,  :amount => 157.0) do |service|
+      #
+      #    # You must call setup_hash and invoice
+      #
+      #    service.setup_hash :transaction_key => '8CP6zJ7uD875J6tY',
+      #        :order_timestamp => 1206836763
+      #    service.customer_id 8
+      #    service.customer :first_name => 'g',
+      #                       :last_name => 'g',
+      #                       :email => 'g@g.com',
+      #                       :phone => '3'
+      #   service.billing_address :zip => 'g',
+      #                   :country => 'United States of America',
+      #                   :address => 'g'
+      #
+      #   service.ship_to_address :first_name => 'g',
+      #                            :last_name => 'g',
+      #                            :city => '',
+      #                            :address => 'g',
+      #                            :address2 => '',
+      #                            :state => address.state,
+      #                            :country => 'United States of America',
+      #                            :zip => 'g'
+      #
+      #   service.invoice "516428355" # your invoice number
+      #   # The end-user is presented with the HTML produced by the notify_url
+      #   # (using the First Data Receipt Link feature).
+      #   service.return_url "http://mysite/first_data_receipt_generator_page"
+      #   service.payment_header 'My store name'
+      #   service.add_line_item :name => 'item name', :quantity => 1, :unit_price => 0
+      #   service.test_request 'true' # only if it's just a test
+      #   service.shipping '25.0'
+      #   # Tell it to display a "0" line item for shipping, with the price in
+      #   # the name, otherwise it isn't shown at all, leaving the end user to
+      #   # wonder why the total is different than the sum of the line items.
+      #   service.add_shipping_as_line_item
+      #   server.add_tax_as_line_item # same with tax
+      #   # See the helper.rb file for various custom fields
+      # end
+      class Helper < OffsitePayments::Integrations::AuthorizeNetSim::Helper
+        # Configure notify_url to use the "Relay Response" feature
+        mapping :notify_url, 'x_relay_url'
+
+        # Configure return_url to use the "Receipt Link" feature
+        mapping :return_url, 'x_receipt_link_url'
+      end
+
+      # First Data payment pages emulates the Authorize.Net SIM API. See
+      # OffsitePayments::Integrations::FirstData::Notification for
+      # more details.
+      #
+      # # Example:
+      # parser = FirstData::Notification.new(request.raw_post)
+      # passed = parser.complete?
+      #
+      # order = Order.find_by_order_number(parser.invoice_num)
+      #
+      # unless order
+      #   @message = 'Error--unable to find your transaction! Please contact us directly.'
+      #   return render :partial => 'first_data_payment_response'
+      # end
+      #
+      # if order.total != parser.gross.to_f
+      #   logger.error "First Data said they paid for #{parser.gross} and it should have been #{order.total}!"
+      #   passed = false
+      # end
+      #
+      # # Theoretically, First Data will *never* pass us the same transaction
+      # # ID twice, but we can double check that... by using
+      # # parser.transaction_id, and checking against previous orders' transaction
+      # # id's (which you can save when the order is completed)....
+      # unless parser.acknowledge FIRST_DATA_TRANSACTION_KEY, FIRST_DATA_RESPONSE_KEY
+      #  passed = false
+      #  logger.error "ALERT POSSIBLE FRAUD ATTEMPT"
+      # end
+      #
+      # unless parser.cavv_matches? and parser.avs_code_matches?
+      #   logger.error 'Warning--non matching CC!' + params.inspect
+      #   # Could fail them here, as well (recommended)...
+      # end
+      #
+      # if passed
+      #  # Set up your session, and render something that will redirect them to
+      #  # your site, most likely.
+      # else
+      #  # Render failure or redirect them to your site where you will render failure
+      # end
+      class Notification < OffsitePayments::Integrations::AuthorizeNetSim::Notification
+        def acknowledge(response_key, payment_page_id)
+          Digest::MD5.hexdigest(response_key + payment_page_id + params['x_trans_id'] + sprintf('%.2f', gross)) == params['x_MD5_Hash'].downcase
+        end
+      end
+    end
+  end
+end

data/lib/offsite_payments/integrations/gestpay.rb

@@ -0,0 +1,205 @@
+# With help from Giovanni Intini and his code for RGestPay - http://medlar.it/it/progetti/rgestpay
+
+module OffsitePayments #:nodoc:
+  module Integrations #:nodoc:
+    module Gestpay
+      mattr_accessor :service_url
+      self.service_url = 'https://ecomm.sella.it/gestpay/pagam.asp'
+
+      def self.notification(post, options = {})
+        Notification.new(post)
+      end
+
+      def self.return(query_string, options = {})
+        Return.new(query_string)
+      end
+
+      module Common
+        GestpayEncryptionResponseError = Class.new(StandardError)
+
+        VERSION = "2.0"
+        ENCRYPTION_PATH = "/CryptHTTPS/Encrypt.asp"
+        DECRYPTION_PATH = "/CryptHTTPS/Decrypt.asp"
+        DELIMITER = '*P1*'
+
+        CURRENCY_MAPPING = {
+          'EUR' => '242',
+          'ITL' => '18',
+          'BRL' => '234',
+          'USD' => '1',
+          'JPY' => '71',
+          'HKD' => '103'
+        }
+
+
+
+        def parse_response(response)
+          case response
+          when /#cryptstring#(.*)#\/cryptstring#/, /#decryptstring#(.*)#\/decryptstring#/
+            $1
+          when /#error#(.*)#\/error#/
+            raise GestpayEncryptionResponseError, "An error occurred retrieving the encrypted string from GestPay: #{$1}"
+          else
+            raise GestpayEncryptionResponseError, "No response was received by GestPay"
+          end
+        end
+
+        def ssl_get(url, path)
+          uri = URI.parse(url)
+          site = Net::HTTP.new(uri.host, uri.port)
+          site.use_ssl = true
+          site.verify_mode    = OpenSSL::SSL::VERIFY_NONE
+          site.get(path).body
+        rescue Timeout::Error, Errno::ECONNRESET, Errno::ETIMEDOUT
+          raise ActionViewHelperError, "Error occured while contacting payment gateway. Please try again."
+        end
+      end
+
+      class Helper < OffsitePayments::Helper
+        include Common
+        # Valid language codes
+        #   Italian   => 1
+        #   English   => 2
+        #   Spanish   => 3
+        #   French    => 4
+        #   Tedesco   => 5
+        def initialize(order, account, options = {})
+          super
+          add_field('PAY1_IDLANGUAGE', 2)
+        end
+
+        mapping :account, 'ShopLogin'
+
+        mapping :amount, 'PAY1_AMOUNT'
+        mapping :currency, 'PAY1_UICCODE'
+
+        mapping :order, 'PAY1_SHOPTRANSACTIONID'
+
+        # Buyer name PAY1_CHNAME
+        mapping :customer, :email => 'PAY1_CHEMAIL'
+
+        mapping :credit_card, :number       => 'PAY1_CARDNUMBER',
+                              :expiry_month => 'PAY1_EXPMONTH',
+                              :expiry_year  => 'PAY1_EXPYEAR',
+                              :verification_value => 'PAY1_CVV'
+
+        def customer(params = {})
+          add_field(mappings[:customer][:email], params[:email])
+          add_field('PAY1_CHNAME', "#{params[:first_name]} #{params[:last_name]}")
+        end
+
+        def currency=(currency_code)
+          code = CURRENCY_MAPPING[currency_code]
+          raise ActionViewHelperError, "Invalid currency code #{currency_code} specified" if code.nil?
+
+          add_field(mappings[:currency], code)
+        end
+
+        def form_fields
+          @encrypted_data ||= get_encrypted_string
+
+          {
+            'a' => @fields['ShopLogin'],
+            'b' => @encrypted_data
+          }
+        end
+
+        def get_encrypted_string
+          response = ssl_get(Gestpay.service_url, encryption_query_string)
+          parse_response(response)
+        rescue GestpayEncryptionResponseError => e
+          raise ActionViewHelperError.new(e)
+        end
+
+        def encryption_query_string
+          fields = ['PAY1_AMOUNT', 'PAY1_SHOPTRANSACTIONID', 'PAY1_UICCODE']
+
+          encoded_params = fields.collect{ |field| "#{field}=#{CGI.escape(@fields[field])}" }.join(DELIMITER)
+
+          "#{ENCRYPTION_PATH}?a=" + CGI.escape(@fields['ShopLogin']) + "&b=" + encoded_params + "&c=" + CGI.escape(VERSION)
+        end
+      end
+
+      class Notification < OffsitePayments::Notification
+        include Common
+
+        def complete?
+          status == 'Completed'
+        end
+
+        # The important param
+        def item_id
+          params['PAY1_SHOPTRANSACTIONID']
+        end
+
+        def transaction_id
+          params['PAY1_BANKTRANSACTIONID']
+        end
+
+        # the money amount we received in X.2 decimal.
+        def gross
+          params['PAY1_AMOUNT']
+        end
+
+        def currency
+          # Ruby 1.9 compat
+          method = CURRENCY_MAPPING.respond_to?(:key) ? :key : :index
+          CURRENCY_MAPPING.send(method, params['PAY1_UICCODE'])
+        end
+
+        def test?
+          false
+        end
+
+        def status
+          case params['PAY1_TRANSACTIONRESULT']
+          when 'OK'
+            'Completed'
+          else
+            'Failed'
+          end
+        end
+
+        def acknowledge(authcode = nil)
+          true
+        end
+
+        private
+        # Take the posted data and move the relevant data into a hash
+        def parse(query_string)
+          @raw = query_string
+
+          return if query_string.blank?
+          encrypted_params = parse_delimited_string(query_string)
+
+          return if encrypted_params['a'].blank? || encrypted_params['b'].blank?
+          @params = decrypt_data(encrypted_params['a'], encrypted_params['b'])
+        end
+
+        def parse_delimited_string(string, delimiter = '&', unencode_cgi = false)
+          result = {}
+          for line in string.split(delimiter)
+            key, value = *line.scan( %r{^(\w+)\=(.*)$} ).flatten
+            result[key] = unencode_cgi ? CGI.unescape(value) : value
+          end
+          result
+        end
+
+        def decrypt_data(shop_login, encrypted_string)
+          response = ssl_get(Gestpay.service_url, decryption_query_string(shop_login, encrypted_string))
+          encoded_response = parse_response(response)
+          parse_delimited_string(encoded_response, DELIMITER, true)
+        rescue GestpayEncryptionResponseError => e
+          { 'PAY1_TRANSACTIONRESULT' => 'Error' }
+        end
+
+        def decryption_query_string(shop_login, encrypted_string)
+          "#{DECRYPTION_PATH}?a=" + CGI.escape(shop_login) + "&b=" + encrypted_string + "&c=" + CGI.escape(VERSION)
+        end
+      end
+
+      class Return < OffsitePayments::Return
+      end
+    end
+  end
+end

data/lib/offsite_payments/integrations/hi_trust.rb

@@ -0,0 +1,179 @@
+module OffsitePayments #:nodoc:
+  module Integrations #:nodoc:
+    module HiTrust
+      TEST_URL = 'https://testtrustlink.hitrust.com.tw/TrustLink/TrxReqForJava'
+      LIVE_URL = 'https://trustlink.hitrust.com.tw/TrustLink/TrxReqForJava'
+
+      def self.service_url
+        OffsitePayments.mode == :test ? TEST_URL : LIVE_URL
+      end
+
+      def self.notification(post, options = {})
+        Notification.new(post)
+      end
+
+      def self.return(query_string, options = {})
+        Return.new(query_string)
+      end
+
+      class Helper < OffsitePayments::Helper
+        # Transaction types
+        # * Auth
+        # * AuthRe
+        # * Capture
+        # * CaptureRe
+        # * Refund
+        # * RefundRe
+        # * Query
+        def initialize(order, account, options = {})
+          super
+          # Perform an authorization by default
+          add_field('Type', 'Auth')
+
+          # Capture the payment right away
+          add_field('depositflag', '1')
+
+          # Disable auto query - who knows what it does?
+          add_field('queryflag', '1')
+
+          add_field('orderdesc', 'Store purchase')
+        end
+
+        mapping :account, 'storeid'
+        mapping :amount, 'amount'
+
+        def amount=(money)
+          cents = money.respond_to?(:cents) ? money.cents : money
+          raise ArgumentError, "amount must be a Money object or an integer" if money.is_a?(String)
+          raise ActionViewHelperError, "amount must be greater than $0.00" if cents.to_i <= 0
+
+          add_field(mappings[:amount], cents)
+        end
+        # Supported currencies include:
+        # * CNY：Chinese Yuan (Renminbi)
+        # * TWD：New Taiwan Dollar
+        # * HKD：Hong Kong Dollar
+        # * USD：US Dollar
+        # * AUD：Austrian Dollar
+        mapping :currency, 'currency'
+
+        mapping :order, 'ordernumber'
+        mapping :description, 'orderdesc'
+
+        mapping :notify_url, 'merUpdateURL'
+        mapping :return_url, 'returnURL'
+      end
+
+      class Notification < OffsitePayments::Notification
+        SUCCESS = '00'
+
+        self.production_ips = [ '203.75.242.8' ]
+
+        def complete?
+          status == 'Completed'
+        end
+
+        def transaction_id
+          params['authRRN']
+        end
+
+        def item_id
+          params['ordernumber']
+        end
+
+        def received_at
+          Time.parse(params['orderdate']) rescue nil
+        end
+
+        def currency
+          params['currency']
+        end
+
+        def gross
+          sprintf("%.2f", gross_cents.to_f / 100)
+        end
+
+        def gross_cents
+          params['approveamount'].to_i
+        end
+
+        def account
+          params['storeid']
+        end
+
+        def status
+          params['retcode'] == SUCCESS ? 'Completed' : 'Failed'
+        end
+
+        def test?
+          OffsitePayments.mode == :test
+        end
+
+        def acknowledge
+          true
+        end
+      end
+
+      class Return < OffsitePayments::Return
+        SUCCESS = "00"
+        CODES = { "00"   => "Operation completed successfully",
+                  "-1"  => "Unable to initialize winsock dll.",
+                  "-2"  => "Can't create stream socket.",
+                  "-3"  => "No Request Message.",
+                  "-4"  => "Can't connect to server.",
+                  "-5"  => "Send socket error.",
+                  "-6"  => "Couldn't receive data.",
+                  "-7"  => "Receive Broken message.",
+                  "-8"  => "Unable to initialize Envirnment.",
+                  "-9"  => "Can't Read Server RSA File.",
+                  "-10" => "Can't Read Client RSA File.",
+                  "-11" => "Web Server error.",
+                  "-12" => "Receive Message type error.",
+                  "-13" => "No Request Message.",
+                  "-14" => "No Response Content.",
+                  "-18" => "Merchant Update URL not found.",
+                  "-19" => "Server URL not find Domain or IP.",
+                  "-20" => "Server URL only can fill http or https.",
+                  "-21" => "Server Config File open error.",
+                  "-22" => "Server RSA Key File open error.",
+                  "-23" => "Server RSA Key File read error.",
+                  "-24" => "Server Config File have some errors, Please to check it.",
+                  "-25" => "Merchant Config File open error.",
+                  "-26" => "Merchant RSA Key File open error.",
+                  "-27" => "Merchant RSA Key File read error.",
+                  "-28" => "Merchant Config File has some errors, Please to check it.",
+                  "-29" => "Server Type is unknown.",
+                  "-30" => "Comm Type is unknown.",
+                  "-31" => "Input Parameter [ORDERNO] is null or empty.",
+                  "-32" => "Input Parameter [STOREID] is null or empty.",
+                  "-33" => "Input Parameter [ORDERDESC] is null or empty.",
+                  "-34" => "Input Parameter [CURRENCY] is null or empty.",
+                  "-35" => "Input Parameter [AMOUNT] is null or empty.",
+                  "-36" => "Input Parameter [ORDERURL] is null or empty.",
+                  "-37" => "Input Parameter [RETURNURL] is null or empty.",
+                  "-38" => "Input Parameter [DEPOSIT] is null or empty.",
+                  "-39" => "Input Parameter [QUERYFLAG] is null or empty.",
+                  "-40" => "Input Parameter [UPDATEURL] is null or empty.",
+                  "-41" => "Input Parameter [MERUPDATEURL] is null or empty.",
+                  "-42" => "Input Parameter [KEY] is null or empty.",
+                  "-43" => "Input Parameter [MAC] is null or empty.",
+                  "-44" => "Input Parameter [CIPHER] is null or empty.",
+                  "-45" => "Input Parameter [TrxType] is wrong.",
+                  "-100" => "TrustLink Server is closed. Or Merchant Server IP is not consistent with TrustLink Server setting.",
+                  "-101" => "TrustLink Server receives NULL.",
+                  "-308" => "Order Number already exists.",
+                  "positive" => "Response from Bank. Please contact with Acquirer Bank Service or HiTRUST Call Center."
+                }
+
+        def success?
+          params['retcode'] == SUCCESS
+        end
+
+        def message
+          return CODES["positive"] if params['retcode'].to_i > 0
+          CODES[ params['retcode'] ]
+        end
+      end
+    end
+  end
+end