cybersource_rest_client 0.0.80 → 0.0.81

data/lib/AuthenticationSDK/util/CertificateUtility.rb

@@ -7,34 +7,6 @@ public
   class CertificateUtility
     @@logger
 
-    def self.getCertificateCollectionAndPrivateKeyFromP12(certificateFilePath, merchantConfig)
-      if !CertificateUtility.class_variable_defined?(:@@logger) || @@logger.nil?
-        @@logger = Log.new merchantConfig.log_config, "CertificateUtility"
-      end
-      logger = @@logger.logger
-
-      p12File = File.binread(certificateFilePath)
-      p12Object = OpenSSL::PKCS12.new(p12File, merchantConfig.keyPass)
-
-      privateKey = OpenSSL::PKey::RSA.new(p12Object.key)
-
-      primaryX5Certificate = p12Object.certificate
-      additionalX5Certificates = p12Object.ca_certs
-
-      certificateList = [primaryX5Certificate]
-      certificateList.concat(additionalX5Certificates) if additionalX5Certificates
-
-      return [privateKey, certificateList]
-    end
-
-    def self.getCertificateBasedOnKeyAlias(certificateList, keyAlias)
-      return nil if certificateList.nil?
-
-      certificateList.find do |cert|
-        cert.subject.to_a.any? { |_, value, _| value.include?(keyAlias) }
-      end
-    end
-
     def self.getCertificatesFromPemFile(certificateFilePath)
       pem_data = File.read(certificateFilePath)
       certificateList = []
@@ -121,4 +93,112 @@ public
         raise IOError, "#{pathType} is not readable: #{path}"
       end
     end
-  end
+
+    def self.read_private_key_from_p12(p12_file_path, password)
+      begin
+        # `password` should be a String in Ruby
+        raise ArgumentError, "password must be a String" unless password.is_a?(String)
+
+        data = File.binread(p12_file_path)
+        pkcs12 = OpenSSL::PKCS12.new(data, password)
+
+        key = pkcs12.key
+        raise "No private key found in the P12 file" if key.nil?
+
+        jwk_private_key = self.convert_key_to_JWK(key)
+        return jwk_private_key
+      rescue OpenSSL::PKCS12::PKCS12Error => e
+        raise "Could not recover key from P12: #{e.message}"
+      rescue Errno::ENOENT => e
+        raise "P12 file not found: #{p12_file_path}"
+      end
+    end
+
+    def self.load_private_key_from_pem_file(key_file_path, password = nil)
+      begin
+        pem_data = File.binread(key_file_path)
+
+        # OpenSSL::PKey.read supports:
+        # - "BEGIN RSA/EC/PRIVATE KEY" (PKCS#1), encrypted or not (Proc-Type/DEK-Info)
+        # - "BEGIN PRIVATE KEY" (PKCS#8 unencrypted)
+        # - "BEGIN ENCRYPTED PRIVATE KEY" (PKCS#8 encrypted)
+        rsa_key = OpenSSL::PKey.read(pem_data, password)
+        jwk_private_key = self.convert_key_to_JWK(rsa_key)
+        return jwk_private_key
+      rescue OpenSSL::PKey::PKeyError => e
+        # Missing password for an encrypted PEM
+        if pem_data =~ /(BEGIN ENCRYPTED PRIVATE KEY|Proc-Type:\s*4,ENCRYPTED)/ && (password.nil? || password.to_s.empty?)
+          raise ArgumentError, "Private key is password protected, but no password was provided."
+        end
+
+        # Wrong password (common OpenSSL messages)
+        if password && e.message =~ /(bad decrypt|bad password|mac verify failure)/i
+          logger&.error("Failed to decrypt PKCS#8 private key - incorrect password provided")
+          raise ArgumentError, "Password is incorrect for the encrypted private key. Error: #{e.message}"
+        end
+
+        # Unsupported/invalid PEM contents
+        raise ArgumentError, "Unsupported PEM object or invalid key: #{e.message}"
+      rescue Errno::ENOENT
+        raise ArgumentError, "PEM file not found: #{key_file_path}"
+      end
+    end
+
+    def self.convert_key_to_JWK(keyValue, password=nil)
+      if !keyValue.nil?
+        case keyValue
+        when String
+          begin
+            if keyValue.encoding == Encoding::UTF_8
+              # This is for PEM formatted string
+              encrypted = keyValue.include?('BEGIN ENCRYPTED PRIVATE KEY')
+              pkey = nil
+
+              key = begin
+                if encrypted
+                  if password.nil? || password.empty?
+                    raise ArgumentError, "Encrypted PEM detected, but no password was provided."
+                  end
+                  pkey = OpenSSL::PKey.read(keyValue, password)
+                else
+                  # Try without password first
+                  pkey = OpenSSL::PKey.read(keyValue)
+                end
+              rescue OpenSSL::PKey::PKeyError
+                # If initial attempt failed and a password was provided, retry with password
+                if !password.nil? && !password.empty?
+                  begin
+                    pkey = OpenSSL::PKey.read(keyValue, password)
+                  rescue OpenSSL::PKey::PKeyError => e
+                    raise "Failed to load PEM private key. Incorrect password or corrupted/unsupported format. OpenSSL: #{e.message}"
+                  end
+                else
+                  raise "Failed to load PEM private key. Invalid key format or password required."
+                end
+              end
+              keyValue = JOSE::JWK.from_key(pkey)
+            else
+              # This is for P12 formatted string
+              begin
+                if !password.nil? && !password.empty?
+                  pkey = OpenSSL::PKCS12.new(keyValue, password)
+                else
+                  pkey = OpenSSL::PKCS12.new(keyValue)
+                end
+              rescue OpenSSL::PKCS12::PKCS12Error => e
+                raise "Could not recover key from P12 data: #{e.message}"
+              end
+
+              key = pkey.key
+              raise "No private key found in the P12 data" if key.nil?
+              keyValue = JOSE::JWK.from_key(key)
+            end
+          end
+        when OpenSSL::PKey::RSA
+          keyValue = JOSE::JWK.from_pem(keyValue.to_pem)
+        else
+          keyValue = JOSE::JWK.from_key(keyValue)
+        end
+      end
+    end
+  end

data/lib/AuthenticationSDK/util/Constants.rb

@@ -176,5 +176,9 @@
 
       DEFAULT_KEY_FILE_PATH = File.join(Dir.pwd, "resources")
 
+      MLE_CACHE_KEY_IDENTIFIER_FOR_RESPONSE_PRIVATE_KEY = "mleResponsePrivateKeyFromFile"
+
       PUBLIC_KEY_CACHE_IDENTIFIER = "FlexV2PublicKeys"
+      
+      RESPONSE_MLE_P12_PFX_CACHE_IDENTIFIER = "_responseMleP12Pfx"
   end

data/lib/AuthenticationSDK/util/MLEUtility.rb

@@ -1,6 +1,10 @@
 require_relative '../logging/log_factory.rb'
 require 'jose'
+require 'json'
 require_relative './Cache'
+require_relative './Constants'
+require_relative './ExceptionHandler'
+require_relative './AuthJWEUtility'
 
 public
   class MLEUtility
@@ -16,10 +20,10 @@ public
         is_mle_for_api = !merchant_config.disableRequestMLEForMandatoryApisGlobally
       end
 
-      if merchant_config.mapToControlMLEonAPI && operation_ids
+      if !merchant_config.internalMapToControlRequestMLEonAPI.nil? && !merchant_config.internalMapToControlRequestMLEonAPI.empty? && operation_ids
         operation_ids.each do |operation_id|
-          if merchant_config.mapToControlMLEonAPI.key?(operation_id)
-            is_mle_for_api = merchant_config.mapToControlMLEonAPI[operation_id]
+          if merchant_config.internalMapToControlRequestMLEonAPI.key?(operation_id)
+            is_mle_for_api = merchant_config.internalMapToControlRequestMLEonAPI[operation_id]
             break
           end
         end
@@ -45,11 +49,7 @@ public
       end
 
       begin
-        serial_number = extract_serial_number_from_certificate(mleCertificate)
-        if serial_number.nil?
-          @log_obj.logger.error('Serial number not found in certificate for MLE')
-          raise StandardError.new('Serial number not found in MLE certificate')
-        end
+        serial_number = self.extract_serial_number_from_certificate(mleCertificate)
 
         jwk = JOSE::JWK.from_key(mleCertificate.public_key)
         if jwk.nil?
@@ -66,7 +66,7 @@ public
         jwe = JOSE::JWE.block_encrypt(jwk, requestBody, headers)
 
         compact_jwe = jwe.compact
-        mle_request_body = create_request_payload(compact_jwe)
+        mle_request_body = self.create_request_payload(compact_jwe)
         @log_obj.logger.debug('LOG_REQUEST_AFTER_MLE: ' + mle_request_body)
         return mle_request_body
       rescue StandardError => e
@@ -76,14 +76,170 @@ public
     end
 
     def self.extract_serial_number_from_certificate(certificate)
-      return nil if certificate.subject.to_s.empty? && certificate.issuer.to_s.empty?
+      raise StandardError.new('Certificate cannot be nil') if certificate.nil?
+      raise StandardError.new('Certificate subject and issuer cannot both be empty') if certificate.subject.to_s.empty? && certificate.issuer.to_s.empty?
       certificate.subject.to_a.each do |attribute|
         return attribute[1] if attribute[0].include?('serialNumber')
       end
-      certificate.serial.nil? ? nil : certificate.serial.to_s
+      raise StandardError.new('Serial number not found in certificate subject')
     end
 
     def self.create_request_payload(compact_jwe)
       "{ \"encryptedRequest\": \"#{compact_jwe}\" }"
     end
+
+    def self.check_is_response_mle_for_api(merchant_config, operation_ids)
+      isResponseMLEForApi = false
+
+      if merchant_config.enableResponseMleGlobally
+        isResponseMLEForApi = true
+      end
+
+      # operation_ids is an array of the multiple public function for apiCallFunction such as apiCall, apiCallAsync
+      # Control the Response MLE only from map
+      # Special Note: If API expect MLE Response mandatory and map is saying to receive non MLE response then API might throw an error from CyberSource
+      if merchant_config.internalMapToControlResponseMLEonAPI
+        operation_ids.each do |operation_id|
+          if merchant_config.internalMapToControlResponseMLEonAPI.key?(operation_id)
+            isResponseMLEForApi = merchant_config.internalMapToControlResponseMLEonAPI[operation_id]
+            break
+          end
+        end
+      end
+
+      isResponseMLEForApi
+    end
+
+    def self.check_is_mle_encrypted_response(responseBody)
+      return false if responseBody.nil? || responseBody.strip.empty?
+
+      begin
+        jsonObject = JSON.parse(responseBody)
+        return false unless jsonObject.is_a?(Hash) && jsonObject.size == 1
+
+        jsonObject.key?('encryptedResponse') && jsonObject['encryptedResponse'].is_a?(String)
+      rescue JSON::ParserError, TypeError
+        false
+      end
+    end
+
+    def self.decrypt_mle_response_payload(merchantConfig, responseBody)
+      @log_obj ||= Log.new(merchantConfig.log_config, 'MLEUtility')
+
+      if !self.check_is_mle_encrypted_response(responseBody)
+        raise StandardError.new('Response body is not MLE encrypted.')
+      end
+
+      mlePrivateKey = self.get_mle_response_private_key(merchantConfig)
+      jweResponseToken = self.get_response_mle_token(responseBody)
+
+      # When mle token is empty or null then fall back to non mle encrypted response
+      if jweResponseToken.nil? || jweResponseToken.strip.empty?
+        return responseBody
+      end
+
+      begin
+        @log_obj.logger.info("LOG_NETWORK_RESPONSE_BEFORE_MLE_DECRYPTION: #{responseBody}")
+
+        decryptedResponse = AuthJWEUtility.decrypt_jwe_using_private_key(mlePrivateKey, jweResponseToken)
+
+        @log_obj.logger.info("LOG_NETWORK_RESPONSE_AFTER_MLE_DECRYPTION: #{decryptedResponse}")
+
+        return decryptedResponse
+      rescue => e
+        raise StandardError.new(Constants::ERROR_PREFIX + "An error occurred during MLE decryption: #{e.message}")
+      end
+    end
+
+    def self.get_response_mle_token(responseBody)
+      @log_obj ||= Log.new(merchantConfig.log_config, 'MLEUtility')
+
+      begin
+        jsonObject = JSON.parse(responseBody)
+        token = jsonObject['encryptedResponse']
+        token.is_a?(String) ? token : nil
+      rescue JSON::ParserError, TypeError => e
+        err = StandardError.new(Constants::ERROR_PREFIX + "Failed to extract Response MLE token: #{e.message}")
+        @log_obj.logger.error(ExceptionHandler.new.new_api_exception err)
+        raise err
+      end
+    end
+
+    private_class_method :get_response_mle_token
+
+    def self.get_mle_response_private_key(merchantConfig)
+      @log_obj ||= Log.new(merchantConfig.log_config, 'MLEUtility')
+
+      # First priority - Return private key provided in merchant config, if any
+      if !merchantConfig.responseMlePrivateKey.nil? && !merchantConfig.responseMlePrivateKey.to_s.strip.empty?
+        return merchantConfig.responseMlePrivateKey
+      end
+
+      # Second priority - Return private key loaded from merchantConfig.responseMlePrivateKeyFilePath
+      responseMlePrivateKey = Cache.new.getMLEResponsePrivateKeyFromFilePath(merchantConfig)
+      return responseMlePrivateKey
+    end
+
+    private_class_method :get_mle_response_private_key
+
+    def self.validate_and_auto_extract_response_mle_kid(merchant_config)
+      @log_obj ||= Log.new(merchant_config.log_config, 'MLEUtility')
+
+      if !merchant_config.responseMlePrivateKey.nil? && !merchant_config.responseMlePrivateKey.to_s.strip.empty?
+        @log_obj.logger.debug('responseMlePrivateKey is provided directly, using configured responseMleKID')
+        return merchant_config.responseMleKID
+      end
+
+      @log_obj.logger.debug('Validating responseMleKID for JWT token generation')
+      cybs_kid = nil
+      p12_file = false
+
+      # File path validity
+      begin
+        CertificateUtility.validatePathAndFile(merchant_config.responseMlePrivateKeyFilePath, 'responseMlePrivateKeyFilePath', merchant_config.log_config)
+        extension = File.extname(merchant_config.responseMlePrivateKeyFilePath).delete_prefix('.').downcase
+        if extension == 'p12' || extension == 'pfx'
+          p12_file = true
+        end
+      rescue IOError => e
+        @log_obj.logger.debug('No valid private key file path provided, skipping auto-extraction')
+      end
+
+      if p12_file
+        @log_obj.logger.debug('P12/PFX file detected, checking if it is a CyberSource certificate')
+        cached_data = Cache.new.get_mle_kid_data_from_cache(merchant_config)
+        if !cached_data.nil?
+          if !cached_data.kid.nil?
+            # KID present means it's a CyberSource P12, use it
+            cybs_kid = cached_data.kid
+          else
+            # KID is null means either non-CyberSource P12 or extraction failed
+            @log_obj.logger.debug('Private key file is not a CyberSource generated P12/PFX file, skipping auto-extraction')
+          end
+        end
+      else
+        @log_obj.logger.debug('Private key file is not a P12/PFX file, skipping auto-extraction')
+      end
+
+      if !cybs_kid.nil?
+        @log_obj.logger.debug('Successfully auto-extracted responseMleKID from CyberSource P12 certificate')
+      end
+
+      configured_kid = merchant_config.responseMleKID
+      if cybs_kid.nil? && configured_kid.nil?
+        raise StandardError.new('responseMleKID is required when response MLE is enabled. ' +
+                        'Could not auto-extract from certificate and no manual configuration provided. ' +
+                        'Please provide responseMleKID explicitly in your configuration.'
+        )
+      elsif cybs_kid.nil?
+        @log_obj.logger.debug('Using manually configured responseMleKID')
+        return configured_kid
+      elsif configured_kid.nil?
+        @log_obj.logger.debug('Using auto-extracted responseMleKID from CyberSource certificate')
+        return cybs_kid
+      elsif cybs_kid != configured_kid
+        @log_obj.logger.warn('Auto-extracted responseMleKID does not match manually configured responseMleKID. Using configured value as preference')
+      end
+      return configured_kid
+    end
   end

data/lib/AuthenticationSDK/util/Utility.rb

@@ -1,5 +1,6 @@
 require 'openssl'
 require 'base64'
+require_relative '../util/Constants.rb'
 
 public
 
@@ -32,5 +33,40 @@ public
       end
       return tempResponseCodeMessage
     end
-  end
 
+    def self.getCertificateBasedOnKeyAlias(certificateList, keyAlias)
+      return nil if certificateList.nil?
+
+      certificateList.find do |cert|
+        cert.subject.to_a.any? { |_, value, _| value.include?(keyAlias) }
+      end
+    end
+
+    def self.getCertificateCollectionAndPrivateKeyFromP12(certificateFilePath, keyPass)
+      p12File = File.binread(certificateFilePath)
+      p12Object = OpenSSL::PKCS12.new(p12File, keyPass)
+
+      privateKey = OpenSSL::PKey::RSA.new(p12Object.key)
+
+      primaryX5Certificate = p12Object.certificate
+      additionalX5Certificates = p12Object.ca_certs
+
+      certificateList = [primaryX5Certificate]
+      certificateList.concat(additionalX5Certificates) if additionalX5Certificates
+
+      return [privateKey, certificateList]
+    end
+
+    def self.isP12GeneratedByCyberSource(filePath, password, logger = nil)
+      begin
+        _, certificateList = getCertificateCollectionAndPrivateKeyFromP12(filePath, password)
+
+        foundCertificate = getCertificateBasedOnKeyAlias(certificateList, Constants::DEFAULT_ALIAS_FOR_MLE_CERT)
+
+        return !foundCertificate.nil?
+      rescue => e
+        logger&.error("Error while checking if P12 is generated by CyberSource: #{e.message}")
+        return false
+      end
+    end
+  end

data/lib/cybersource_rest_client/api/bank_account_validation_api.rb

@@ -71,7 +71,7 @@ module CyberSource
       post_body = @api_client.object_to_http_body(account_validations_request)
       sdk_tracker = SdkTracker.new
       post_body = sdk_tracker.insert_developer_id_tracker(post_body, 'AccountValidationsRequest', @api_client.config.host, @api_client.merchantconfig.defaultDeveloperId)
-      inbound_mle_status = "mandatory"      
+      inbound_mle_status = "mandatory"
       if MLEUtility.check_is_mle_for_API(@api_client.merchantconfig, inbound_mle_status, ["bank_account_validation_request","bank_account_validation_request_with_http_info"])
         begin
           post_body = MLEUtility.encrypt_request_payload(@api_client.merchantconfig, post_body)
@@ -79,6 +79,9 @@ module CyberSource
           raise
         end
       end
+
+      is_response_mle_for_api = MLEUtility.check_is_response_mle_for_api(@api_client.merchantconfig, ["bank_account_validation_request","bank_account_validation_request_with_http_info"])
+
       auth_names = []
       data, status_code, headers = @api_client.call_api(:POST, local_var_path,
         :header_params => header_params,
@@ -86,7 +89,8 @@ module CyberSource
         :form_params => form_params,
         :body => post_body,
         :auth_names => auth_names,
-        :return_type => 'InlineResponse20014')
+        :return_type => 'InlineResponse20014',
+        :isResponseMLEForApi => is_response_mle_for_api)
       if @api_client.config.debugging
         begin
         raise

data/lib/cybersource_rest_client/api/batches_api.rb

@@ -76,7 +76,7 @@ module CyberSource
       else
         post_body = nil
       end
-      inbound_mle_status = "false"      
+      inbound_mle_status = "false"
       if MLEUtility.check_is_mle_for_API(@api_client.merchantconfig, inbound_mle_status, ["get_batch_report","get_batch_report_with_http_info"])
         begin
           post_body = MLEUtility.encrypt_request_payload(@api_client.merchantconfig, post_body)
@@ -84,6 +84,9 @@ module CyberSource
           raise
         end
       end
+
+      is_response_mle_for_api = MLEUtility.check_is_response_mle_for_api(@api_client.merchantconfig, ["get_batch_report","get_batch_report_with_http_info"])
+
       auth_names = []
       data, status_code, headers = @api_client.call_api(:GET, local_var_path,
         :header_params => header_params,
@@ -91,7 +94,8 @@ module CyberSource
         :form_params => form_params,
         :body => post_body,
         :auth_names => auth_names,
-        :return_type => 'InlineResponse20013')
+        :return_type => 'InlineResponse20013',
+        :isResponseMLEForApi => is_response_mle_for_api)
       if @api_client.config.debugging
         begin
         raise
@@ -159,7 +163,7 @@ module CyberSource
       else
         post_body = nil
       end
-      inbound_mle_status = "false"      
+      inbound_mle_status = "false"
       if MLEUtility.check_is_mle_for_API(@api_client.merchantconfig, inbound_mle_status, ["get_batch_status","get_batch_status_with_http_info"])
         begin
           post_body = MLEUtility.encrypt_request_payload(@api_client.merchantconfig, post_body)
@@ -167,6 +171,9 @@ module CyberSource
           raise
         end
       end
+
+      is_response_mle_for_api = MLEUtility.check_is_response_mle_for_api(@api_client.merchantconfig, ["get_batch_status","get_batch_status_with_http_info"])
+
       auth_names = []
       data, status_code, headers = @api_client.call_api(:GET, local_var_path,
         :header_params => header_params,
@@ -174,7 +181,8 @@ module CyberSource
         :form_params => form_params,
         :body => post_body,
         :auth_names => auth_names,
-        :return_type => 'InlineResponse20012')
+        :return_type => 'InlineResponse20012',
+        :isResponseMLEForApi => is_response_mle_for_api)
       if @api_client.config.debugging
         begin
         raise
@@ -244,7 +252,7 @@ module CyberSource
       else
         post_body = nil
       end
-      inbound_mle_status = "false"      
+      inbound_mle_status = "false"
       if MLEUtility.check_is_mle_for_API(@api_client.merchantconfig, inbound_mle_status, ["get_batches_list","get_batches_list_with_http_info"])
         begin
           post_body = MLEUtility.encrypt_request_payload(@api_client.merchantconfig, post_body)
@@ -252,6 +260,9 @@ module CyberSource
           raise
         end
       end
+
+      is_response_mle_for_api = MLEUtility.check_is_response_mle_for_api(@api_client.merchantconfig, ["get_batches_list","get_batches_list_with_http_info"])
+
       auth_names = []
       data, status_code, headers = @api_client.call_api(:GET, local_var_path,
         :header_params => header_params,
@@ -259,7 +270,8 @@ module CyberSource
         :form_params => form_params,
         :body => post_body,
         :auth_names => auth_names,
-        :return_type => 'InlineResponse20011')
+        :return_type => 'InlineResponse20011',
+        :isResponseMLEForApi => is_response_mle_for_api)
       if @api_client.config.debugging
         begin
         raise
@@ -321,7 +333,7 @@ module CyberSource
       post_body = @api_client.object_to_http_body(body)
       sdk_tracker = SdkTracker.new
       post_body = sdk_tracker.insert_developer_id_tracker(post_body, 'Body', @api_client.config.host, @api_client.merchantconfig.defaultDeveloperId)
-      inbound_mle_status = "false"      
+      inbound_mle_status = "false"
       if MLEUtility.check_is_mle_for_API(@api_client.merchantconfig, inbound_mle_status, ["post_batch","post_batch_with_http_info"])
         begin
           post_body = MLEUtility.encrypt_request_payload(@api_client.merchantconfig, post_body)
@@ -329,6 +341,9 @@ module CyberSource
           raise
         end
       end
+
+      is_response_mle_for_api = MLEUtility.check_is_response_mle_for_api(@api_client.merchantconfig, ["post_batch","post_batch_with_http_info"])
+
       auth_names = []
       data, status_code, headers = @api_client.call_api(:POST, local_var_path,
         :header_params => header_params,
@@ -336,7 +351,8 @@ module CyberSource
         :form_params => form_params,
         :body => post_body,
         :auth_names => auth_names,
-        :return_type => 'InlineResponse202')
+        :return_type => 'InlineResponse202',
+        :isResponseMLEForApi => is_response_mle_for_api)
       if @api_client.config.debugging
         begin
         raise

data/lib/cybersource_rest_client/api/billing_agreements_api.rb

@@ -76,7 +76,7 @@ module CyberSource
       post_body = @api_client.object_to_http_body(modify_billing_agreement)
       sdk_tracker = SdkTracker.new
       post_body = sdk_tracker.insert_developer_id_tracker(post_body, 'ModifyBillingAgreement', @api_client.config.host, @api_client.merchantconfig.defaultDeveloperId)
-      inbound_mle_status = "optional"      
+      inbound_mle_status = "optional"
       if MLEUtility.check_is_mle_for_API(@api_client.merchantconfig, inbound_mle_status, ["billing_agreements_de_registration","billing_agreements_de_registration_with_http_info"])
         begin
           post_body = MLEUtility.encrypt_request_payload(@api_client.merchantconfig, post_body)
@@ -84,6 +84,9 @@ module CyberSource
           raise
         end
       end
+
+      is_response_mle_for_api = MLEUtility.check_is_response_mle_for_api(@api_client.merchantconfig, ["billing_agreements_de_registration","billing_agreements_de_registration_with_http_info"])
+
       auth_names = []
       data, status_code, headers = @api_client.call_api(:PATCH, local_var_path,
         :header_params => header_params,
@@ -91,7 +94,8 @@ module CyberSource
         :form_params => form_params,
         :body => post_body,
         :auth_names => auth_names,
-        :return_type => 'PtsV2ModifyBillingAgreementPost201Response')
+        :return_type => 'PtsV2ModifyBillingAgreementPost201Response',
+        :isResponseMLEForApi => is_response_mle_for_api)
       if @api_client.config.debugging
         begin
         raise
@@ -159,7 +163,7 @@ module CyberSource
       post_body = @api_client.object_to_http_body(intimate_billing_agreement)
       sdk_tracker = SdkTracker.new
       post_body = sdk_tracker.insert_developer_id_tracker(post_body, 'IntimateBillingAgreement', @api_client.config.host, @api_client.merchantconfig.defaultDeveloperId)
-      inbound_mle_status = "optional"      
+      inbound_mle_status = "optional"
       if MLEUtility.check_is_mle_for_API(@api_client.merchantconfig, inbound_mle_status, ["billing_agreements_intimation","billing_agreements_intimation_with_http_info"])
         begin
           post_body = MLEUtility.encrypt_request_payload(@api_client.merchantconfig, post_body)
@@ -167,6 +171,9 @@ module CyberSource
           raise
         end
       end
+
+      is_response_mle_for_api = MLEUtility.check_is_response_mle_for_api(@api_client.merchantconfig, ["billing_agreements_intimation","billing_agreements_intimation_with_http_info"])
+
       auth_names = []
       data, status_code, headers = @api_client.call_api(:POST, local_var_path,
         :header_params => header_params,
@@ -174,7 +181,8 @@ module CyberSource
         :form_params => form_params,
         :body => post_body,
         :auth_names => auth_names,
-        :return_type => 'PtsV2CreditsPost201Response1')
+        :return_type => 'PtsV2CreditsPost201Response1',
+        :isResponseMLEForApi => is_response_mle_for_api)
       if @api_client.config.debugging
         begin
         raise
@@ -236,7 +244,7 @@ module CyberSource
       post_body = @api_client.object_to_http_body(create_billing_agreement)
       sdk_tracker = SdkTracker.new
       post_body = sdk_tracker.insert_developer_id_tracker(post_body, 'CreateBillingAgreement', @api_client.config.host, @api_client.merchantconfig.defaultDeveloperId)
-      inbound_mle_status = "optional"      
+      inbound_mle_status = "optional"
       if MLEUtility.check_is_mle_for_API(@api_client.merchantconfig, inbound_mle_status, ["billing_agreements_registration","billing_agreements_registration_with_http_info"])
         begin
           post_body = MLEUtility.encrypt_request_payload(@api_client.merchantconfig, post_body)
@@ -244,6 +252,9 @@ module CyberSource
           raise
         end
       end
+
+      is_response_mle_for_api = MLEUtility.check_is_response_mle_for_api(@api_client.merchantconfig, ["billing_agreements_registration","billing_agreements_registration_with_http_info"])
+
       auth_names = []
       data, status_code, headers = @api_client.call_api(:POST, local_var_path,
         :header_params => header_params,
@@ -251,7 +262,8 @@ module CyberSource
         :form_params => form_params,
         :body => post_body,
         :auth_names => auth_names,
-        :return_type => 'PtsV2CreateBillingAgreementPost201Response')
+        :return_type => 'PtsV2CreateBillingAgreementPost201Response',
+        :isResponseMLEForApi => is_response_mle_for_api)
       if @api_client.config.debugging
         begin
         raise

data/lib/cybersource_rest_client/api/bin_lookup_api.rb

@@ -71,7 +71,7 @@ module CyberSource
       post_body = @api_client.object_to_http_body(create_bin_lookup_request)
       sdk_tracker = SdkTracker.new
       post_body = sdk_tracker.insert_developer_id_tracker(post_body, 'CreateBinLookupRequest', @api_client.config.host, @api_client.merchantconfig.defaultDeveloperId)
-      inbound_mle_status = "false"      
+      inbound_mle_status = "false"
       if MLEUtility.check_is_mle_for_API(@api_client.merchantconfig, inbound_mle_status, ["get_account_info","get_account_info_with_http_info"])
         begin
           post_body = MLEUtility.encrypt_request_payload(@api_client.merchantconfig, post_body)
@@ -79,6 +79,9 @@ module CyberSource
           raise
         end
       end
+
+      is_response_mle_for_api = MLEUtility.check_is_response_mle_for_api(@api_client.merchantconfig, ["get_account_info","get_account_info_with_http_info"])
+
       auth_names = []
       data, status_code, headers = @api_client.call_api(:POST, local_var_path,
         :header_params => header_params,
@@ -86,7 +89,8 @@ module CyberSource
         :form_params => form_params,
         :body => post_body,
         :auth_names => auth_names,
-        :return_type => 'InlineResponse2012')
+        :return_type => 'InlineResponse2012',
+        :isResponseMLEForApi => is_response_mle_for_api)
       if @api_client.config.debugging
         begin
         raise