cybersource_rest_client 0.0.84 → 0.0.85
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/AuthenticationSDK/core/MerchantConfig.rb +11 -10
- data/lib/AuthenticationSDK/logging/sensitive_logging.rb +265 -93
- data/lib/AuthenticationSDK/util/AuthJWEUtility.rb +53 -3
- data/lib/AuthenticationSDK/util/Cache.rb +13 -8
- data/lib/AuthenticationSDK/util/Constants.rb +87 -32
- data/lib/AuthenticationSDK/util/MLEUtility.rb +42 -2
- data/lib/cybersource_rest_client/api/{instructions_api.rb → agent_capabilities_api.rb} +106 -25
- data/lib/cybersource_rest_client/api/billing_agreements_api.rb +6 -6
- data/lib/cybersource_rest_client/api/capture_api.rb +2 -2
- data/lib/cybersource_rest_client/api/credentials_api.rb +1 -1
- data/lib/cybersource_rest_client/api/credit_api.rb +2 -2
- data/lib/cybersource_rest_client/api/invoice_settings_api.rb +2 -2
- data/lib/cybersource_rest_client/api/invoices_api.rb +6 -6
- data/lib/cybersource_rest_client/api/merchant_boarding_api.rb +2 -2
- data/lib/cybersource_rest_client/api/orders_api.rb +4 -4
- data/lib/cybersource_rest_client/api/payment_links_api.rb +4 -4
- data/lib/cybersource_rest_client/api/payment_tokens_api.rb +2 -2
- data/lib/cybersource_rest_client/api/payments_api.rb +21 -21
- data/lib/cybersource_rest_client/api/refund_api.rb +4 -4
- data/lib/cybersource_rest_client/api/reversal_api.rb +4 -4
- data/lib/cybersource_rest_client/api/void_api.rb +10 -10
- data/lib/cybersource_rest_client/api_client.rb +31 -2
- data/lib/cybersource_rest_client/configuration.rb +2 -2
- data/lib/cybersource_rest_client/models/{commerce_solutions_products_account_updater_configuration_information_configurations.rb → account_updater_configurations.rb} +4 -4
- data/lib/cybersource_rest_client/models/{commerce_solutions_products_account_updater_configuration_information_configurations_amex.rb → account_updater_configurations_amex.rb} +1 -1
- data/lib/cybersource_rest_client/models/{commerce_solutions_products_account_updater_configuration_information_configurations_master_card.rb → account_updater_configurations_master_card.rb} +1 -1
- data/lib/cybersource_rest_client/models/{commerce_solutions_products_account_updater_configuration_information_configurations_visa.rb → account_updater_configurations_visa.rb} +1 -1
- data/lib/cybersource_rest_client/models/{ptsv1pullfundstransfer_processing_information_funding_options.rb → aft_funding_options.rb} +2 -2
- data/lib/cybersource_rest_client/models/{ptsv1pullfundstransfer_processing_information_funding_options_initiator.rb → aft_funding_options_initiator.rb} +2 -2
- data/lib/cybersource_rest_client/models/{ptsv1pullfundstransfer_processing_info_funding_options_initiator_origin_ini_transaction.rb → aft_funding_options_initiator_originator_initiated_transaction.rb} +1 -1
- data/lib/cybersource_rest_client/models/agentic_cancel_purchase_intent_request.rb +3 -3
- data/lib/cybersource_rest_client/models/agentic_card_enrollment_request.rb +8 -8
- data/lib/cybersource_rest_client/models/agentic_confirm_transaction_events_request.rb +2 -2
- data/lib/cybersource_rest_client/models/agentic_create_purchase_intent_request.rb +5 -5
- data/lib/cybersource_rest_client/models/agentic_retrieve_payment_credentials_request.rb +2 -2
- data/lib/cybersource_rest_client/models/agentic_retrieve_payment_credentials_response200.rb +1 -1
- data/lib/cybersource_rest_client/models/agentic_update_purchase_intent_request.rb +5 -5
- data/lib/cybersource_rest_client/models/{payments_products_alternative_payment_methods_configuration_information_configurations_processors.rb → alternative_payments_processor_configuration.rb} +1 -1
- data/lib/cybersource_rest_client/models/bin_lookup403_response.rb +223 -0
- data/lib/cybersource_rest_client/models/bin_lookupv400_response.rb +235 -0
- data/lib/cybersource_rest_client/models/{card_processing_config_common_acquirer_agreement_acquirer_code.rb → boarding_acquirer_details.rb} +2 -2
- data/lib/cybersource_rest_client/models/{card_processing_config_common_acquirer_agreement_acquirer_code_payment_options.rb → boarding_acquirer_details_payment_options.rb} +1 -1
- data/lib/cybersource_rest_client/models/{boardingv1registrations_organization_information_business_information.rb → boarding_business_information.rb} +6 -6
- data/lib/cybersource_rest_client/models/{boardingv1registrations_organization_information_business_information_address.rb → boarding_business_information_address.rb} +1 -1
- data/lib/cybersource_rest_client/models/{boardingv1registrations_organization_information_business_information_business_contact.rb → boarding_business_information_business_contact.rb} +1 -1
- data/lib/cybersource_rest_client/models/{boardingv1registrations_organization_information_business_information_localized_names.rb → boarding_business_information_localized_names.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_payouts_configuration_information_configurations.rb → boarding_payouts_configurations.rb} +2 -2
- data/lib/cybersource_rest_client/models/{payments_products_payouts_configuration_information_configurations_common.rb → boarding_payouts_configurations_common.rb} +2 -2
- data/lib/cybersource_rest_client/models/{payments_products_payouts_configuration_information_configurations_common_aggregator.rb → boarding_payouts_configurations_common_aggregator.rb} +1 -1
- data/lib/cybersource_rest_client/models/boardingv1registrations_organization_information.rb +1 -1
- data/lib/cybersource_rest_client/models/boardingv1registrations_organization_information_owners.rb +1 -1
- data/lib/cybersource_rest_client/models/card_processing_config_common_acquirer_agreement.rb +1 -1
- data/lib/cybersource_rest_client/models/commerce_solutions_products_account_updater_configuration_information.rb +1 -1
- data/lib/cybersource_rest_client/models/create_subscription_response.rb +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument.rb → default_payment_instrument.rb} +9 -9
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument__embedded.rb → default_payment_instrument__embedded.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument__links.rb → default_payment_instrument__links.rb} +2 -2
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument__links_self.rb → default_payment_instrument__links_self.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument_bank_account.rb → default_payment_instrument_bank_account.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument_bill_to.rb → default_payment_instrument_bill_to.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument_buyer_information.rb → default_payment_instrument_buyer_information.rb} +2 -2
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_default_payment_instrument_buyer_info_issued_by.rb → default_payment_instrument_buyer_information_issued_by.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_default_payment_instrument_buyer_info_personal_identification.rb → default_payment_instrument_buyer_information_personal_identification.rb} +2 -2
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument_card.rb → default_payment_instrument_card.rb} +2 -2
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_default_payment_instrument_card_tokenized_info.rb → default_payment_instrument_card_tokenized_information.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_default_payment_instrument_instrument_identifier.rb → default_payment_instrument_instrument_identifier.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument_metadata.rb → default_payment_instrument_metadata.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address.rb → default_shipping_address.rb} +4 -4
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address__links.rb → default_shipping_address__links.rb} +3 -3
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address__links_customer.rb → default_shipping_address__links_customer.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address__links_self.rb → default_shipping_address__links_self.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address_metadata.rb → default_shipping_address_metadata.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address_ship_to.rb → default_shipping_address_ship_to.rb} +1 -1
- data/lib/cybersource_rest_client/models/{pts_v2_payments_post201_response_watchlist_screening_information_watch_list.rb → export_compliance_watch_list.rb} +2 -2
- data/lib/cybersource_rest_client/models/{pts_v2_payments_post201_response_watchlist_screening_information_watch_list_matches.rb → export_compliance_watch_list_matches.rb} +1 -1
- data/lib/cybersource_rest_client/models/{get_subscription_response_1_payment_instrument_buyer_information.rb → follow_on_transaction_buyer_information.rb} +2 -2
- data/lib/cybersource_rest_client/models/generate_unified_checkout_v1_capture_context_request.rb +2 -2
- data/lib/cybersource_rest_client/models/get_subscription_response_1_payment_instrument.rb +2 -2
- data/lib/cybersource_rest_client/models/get_subscription_response_1_shipping_address.rb +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_amount_detail.rb → icc_amount_detail.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_items.rb → icc_line_item.rb} +4 -4
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_items_additional_info.rb → icc_line_item_additional_info.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_items_policies.rb → icc_line_item_policies.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_merchant_information_merchant_descriptor.rb → icc_merchant_descriptor.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_processor_information_payment_instrument.rb → icc_payment_instrument.rb} +2 -2
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconf_processor_info_payment_instrument_verifi_results.rb → icc_payment_instrument_verification_results.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_order_information_shipping_details.rb → icc_shipping_details.rb} +1 -1
- data/lib/cybersource_rest_client/models/{agentic_retrieve_payment_credentials_response200_transaction_response_with_pending_events.rb → icc_transaction_response_pending_events.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructions_decline_threshold.rb → iccv1instructions_decline_threshold.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructions_mandates.rb → iccv1instructions_mandates.rb} +3 -3
- data/lib/cybersource_rest_client/models/{acpv1instructions_recurring_payment_information.rb → iccv1instructions_recurring_payment_information.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_confirmation_data.rb → iccv1instructionsinstruction_idconfirmations_confirmation_data.rb} +5 -5
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_merchant_information.rb → iccv1instructionsinstruction_idconfirmations_merchant_information.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_order_information.rb → iccv1instructionsinstruction_idconfirmations_order_information.rb} +5 -5
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_processor_information.rb → iccv1instructionsinstruction_idconfirmations_processor_information.rb} +3 -3
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_attachments.rb → iccv1instructionsinstruction_idcredentials_attachments.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_client_reference_information.rb → iccv1instructionsinstruction_idcredentials_client_reference_information.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_mandate_reference_data.rb → iccv1instructionsinstruction_idcredentials_mandate_reference_data.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_merchant_information.rb → iccv1instructionsinstruction_idcredentials_merchant_information.rb} +2 -2
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information.rb → iccv1instructionsinstruction_idcredentials_order_information.rb} +4 -4
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_line_items.rb → iccv1instructionsinstruction_idcredentials_order_information_line_items.rb} +2 -2
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_ship_to.rb → iccv1instructionsinstruction_idcredentials_order_information_ship_to.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_payment_options.rb → iccv1instructionsinstruction_idcredentials_payment_options.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_transaction_data.rb → iccv1instructionsinstruction_idcredentials_transaction_data.rb} +7 -7
- data/lib/cybersource_rest_client/models/{acpv1mppcredentials_challenge.rb → iccv1mppcredentials_challenge.rb} +2 -2
- data/lib/cybersource_rest_client/models/{acpv1mppcredentials_challenge_encryption_jwk.rb → iccv1mppcredentials_challenge_encryption_jwk.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1tokens_assurance_data.rb → iccv1tokens_assurance_data.rb} +3 -3
- data/lib/cybersource_rest_client/models/{acpv1tokens_authenticated_identities.rb → iccv1tokens_authenticated_identities.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1tokens_authentication_context.rb → iccv1tokens_authentication_context.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1tokens_bill_to.rb → iccv1tokens_bill_to.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1tokens_buyer_information.rb → iccv1tokens_buyer_information.rb} +2 -2
- data/lib/cybersource_rest_client/models/{acpv1tokens_buyer_information_personal_identification.rb → iccv1tokens_buyer_information_personal_identification.rb} +9 -9
- data/lib/cybersource_rest_client/models/{acpv1tokens_consent_data.rb → iccv1tokens_consent_data.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1tokens_consumer_identity.rb → iccv1tokens_consumer_identity.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1tokens_device_information.rb → iccv1tokens_device_information.rb} +2 -2
- data/lib/cybersource_rest_client/models/{acpv1tokens_device_information_device_data.rb → iccv1tokens_device_information_device_data.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1tokens_enrollment_reference_data.rb → iccv1tokens_enrollment_reference_data.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1tokens_payment_information.rb → iccv1tokens_payment_information.rb} +4 -4
- data/lib/cybersource_rest_client/models/{acpv1tokens_payment_information_customer.rb → iccv1tokens_payment_information_customer.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1tokens_payment_information_instrument_identifier.rb → iccv1tokens_payment_information_instrument_identifier.rb} +1 -1
- data/lib/cybersource_rest_client/models/{acpv1tokens_payment_information_payment_instrument.rb → iccv1tokens_payment_information_payment_instrument.rb} +1 -1
- data/lib/cybersource_rest_client/models/inline_response_201_4_setups.rb +1 -1
- data/lib/cybersource_rest_client/models/inline_response_201_4_setups_commerce_solutions.rb +4 -4
- data/lib/cybersource_rest_client/models/inline_response_201_4_setups_risk.rb +3 -3
- data/lib/cybersource_rest_client/models/inline_response_201_4_setups_value_added_services.rb +5 -5
- data/lib/cybersource_rest_client/models/inline_response_400_11.rb +42 -35
- data/lib/cybersource_rest_client/models/inline_response_400_12.rb +16 -62
- data/lib/cybersource_rest_client/models/{inline_response_400_11_details.rb → inline_response_400_12_details.rb} +1 -1
- data/lib/cybersource_rest_client/models/inline_response_400_13.rb +281 -0
- data/lib/cybersource_rest_client/models/inline_response_502.rb +9 -53
- data/lib/cybersource_rest_client/models/inline_response_502_1.rb +24 -12
- data/lib/cybersource_rest_client/models/inline_response_502_2.rb +19 -47
- data/lib/cybersource_rest_client/models/inline_response_502_3.rb +251 -0
- data/lib/cybersource_rest_client/models/{payments_products_microform_configuration_information_configurations_features.rb → microform_config_features.rb} +2 -2
- data/lib/cybersource_rest_client/models/{payments_products_microform_configuration_information_configurations_features_gateway_agnostic.rb → microform_config_features_gateway_agnostic.rb} +1 -1
- data/lib/cybersource_rest_client/models/mpp_credentials_request.rb +1 -1
- data/lib/cybersource_rest_client/models/patch_customer_payment_instrument_request.rb +7 -7
- data/lib/cybersource_rest_client/models/patch_customer_shipping_address_request.rb +3 -3
- data/lib/cybersource_rest_client/models/patch_instrument_identifier_request.rb +1 -1
- data/lib/cybersource_rest_client/models/patch_payment_instrument_request.rb +7 -7
- data/lib/cybersource_rest_client/models/{payment_instrument_list__embedded_payment_instruments.rb → payment_instrument.rb} +8 -8
- data/lib/cybersource_rest_client/models/payment_instrument_list__embedded.rb +1 -1
- data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments.rb → payments_configuration_setup.rb} +23 -23
- data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_alternative_payment_methods.rb → payments_configuration_setup_alternative_payment_methods.rb} +3 -3
- data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_alternative_payment_methods_configuration_status.rb → payments_configuration_setup_alternative_payment_methods_configuration_status.rb} +1 -1
- data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_card_processing.rb → payments_configuration_setup_card_processing.rb} +3 -3
- data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_card_processing_configuration_status.rb → payments_configuration_setup_card_processing_configuration_status.rb} +1 -1
- data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_card_processing_subscription_status.rb → payments_configuration_setup_card_processing_subscription_status.rb} +1 -1
- data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_digital_payments.rb → payments_configuration_setup_digital_payments.rb} +2 -2
- data/lib/cybersource_rest_client/models/payments_products_alternative_payment_methods_configuration_information_configurations.rb +1 -1
- data/lib/cybersource_rest_client/models/payments_products_microform_configuration_information_configurations.rb +1 -1
- data/lib/cybersource_rest_client/models/payments_products_payouts_configuration_information.rb +1 -1
- data/lib/cybersource_rest_client/models/payments_products_unified_checkout_configuration_information.rb +1 -1
- data/lib/cybersource_rest_client/models/payments_products_unified_checkout_subscription_information.rb +1 -1
- data/lib/cybersource_rest_client/models/post_customer_payment_instrument_request.rb +7 -7
- data/lib/cybersource_rest_client/models/post_customer_shipping_address_request.rb +3 -3
- data/lib/cybersource_rest_client/models/post_instrument_identifier_enrollment_request.rb +1 -1
- data/lib/cybersource_rest_client/models/post_instrument_identifier_request.rb +1 -1
- data/lib/cybersource_rest_client/models/post_issuer_life_cycle_simulation_request.rb +1 -1
- data/lib/cybersource_rest_client/models/post_payment_credentials_request.rb +1 -1
- data/lib/cybersource_rest_client/models/post_payment_credentials_request_1.rb +1 -1
- data/lib/cybersource_rest_client/models/post_payment_instrument_request.rb +7 -7
- data/lib/cybersource_rest_client/models/{ptsv2payments_processing_information_authorization_options.rb → processing_info_authorization_options.rb} +2 -2
- data/lib/cybersource_rest_client/models/{ptsv2payments_processing_information_authorization_options_initiator.rb → processing_info_authorization_options_initiator.rb} +2 -2
- data/lib/cybersource_rest_client/models/{ptsv2payments_merchant_initiated_transaction.rb → processing_info_authorization_options_initiator_merchant_initiated_transaction.rb} +4 -4
- data/lib/cybersource_rest_client/models/{pts_v2_payments_post201_response_processor_information_seller_protection.rb → processor_information_seller_protection.rb} +1 -1
- data/lib/cybersource_rest_client/models/pts_v2_credits_post201_response.rb +1 -1
- data/lib/cybersource_rest_client/models/pts_v2_incremental_authorization_patch201_response_processor_information.rb +1 -1
- data/lib/cybersource_rest_client/models/pts_v2_payments_post201_response_1_processor_information.rb +1 -1
- data/lib/cybersource_rest_client/models/pts_v2_payments_post201_response_processor_information.rb +1 -1
- data/lib/cybersource_rest_client/models/pts_v2_payments_post201_response_watchlist_screening_information.rb +1 -1
- data/lib/cybersource_rest_client/models/pts_v2_payouts_post201_response_issuer_information.rb +166 -1
- data/lib/cybersource_rest_client/models/ptsv1pullfundstransfer_processing_information.rb +1 -1
- data/lib/cybersource_rest_client/models/ptsv1pushfundstransfer_recipient_information.rb +1 -1
- data/lib/cybersource_rest_client/models/ptsv2credits_processing_information.rb +1 -1
- data/lib/cybersource_rest_client/models/ptsv2credits_processing_information_refund_options.rb +22 -5
- data/lib/cybersource_rest_client/models/ptsv2payments_processing_information.rb +2 -2
- data/lib/cybersource_rest_client/models/ptsv2payments_processor_information.rb +22 -5
- data/lib/cybersource_rest_client/models/ptsv2paymentsidcaptures_processing_information.rb +1 -1
- data/lib/cybersource_rest_client/models/ptsv2paymentsidrefunds_processing_information.rb +1 -1
- data/lib/cybersource_rest_client/models/ptsv2paymentsidrefunds_processing_information_refund_options.rb +22 -5
- data/lib/cybersource_rest_client/models/ptsv2paymentsidreversals_processing_information.rb +1 -1
- data/lib/cybersource_rest_client/models/push_funds201_response.rb +11 -1
- data/lib/cybersource_rest_client/models/push_funds201_response_issuer_information.rb +344 -0
- data/lib/cybersource_rest_client/models/{ptsv1pushfundstransfer_recipient_information_payment_information.rb → push_funds_transfer_payment_information.rb} +2 -2
- data/lib/cybersource_rest_client/models/{ptsv1pushfundstransfer_recipient_information_payment_information_card.rb → push_funds_transfer_payment_information_card.rb} +4 -4
- data/lib/cybersource_rest_client/models/{ptsv1pushfundstransfer_recipient_information_payment_information_card_customer.rb → push_funds_transfer_payment_information_card_customer.rb} +1 -1
- data/lib/cybersource_rest_client/models/{ptsv1pushfundstransfer_recipient_information_payment_information_card_instrument_identifier.rb → push_funds_transfer_payment_information_card_instrument_identifier.rb} +1 -1
- data/lib/cybersource_rest_client/models/{ptsv1pushfundstransfer_recipient_information_payment_information_card_payment_instrument.rb → push_funds_transfer_payment_information_card_payment_instrument.rb} +1 -1
- data/lib/cybersource_rest_client/models/{rbsv1subscriptions_processing_information_authorization_options.rb → rbs_authorization_options.rb} +2 -2
- data/lib/cybersource_rest_client/models/{rbsv1subscriptions_processing_information_authorization_options_initiator.rb → rbs_authorization_options_initiator.rb} +1 -1
- data/lib/cybersource_rest_client/models/rbsv1subscriptions_processing_information.rb +1 -1
- data/lib/cybersource_rest_client/models/{reporting_v3_report_definitions_name_get200_response_default_settings.rb → report_definition_default_settings.rb} +1 -1
- data/lib/cybersource_rest_client/models/reporting_v3_report_definitions_get200_response_report_definitions.rb +1 -1
- data/lib/cybersource_rest_client/models/reporting_v3_report_definitions_name_get200_response.rb +1 -1
- data/lib/cybersource_rest_client/models/{risk_v1_address_verifications_post201_response_address_verification_information.rb → risk_address_verification_information.rb} +3 -3
- data/lib/cybersource_rest_client/models/{risk_v1_address_verifications_post201_response_address_verification_information_bar_code.rb → risk_address_verification_information_bar_code.rb} +1 -1
- data/lib/cybersource_rest_client/models/{risk_v1_address_verifications_post201_response_address_verification_information_standard_address.rb → risk_address_verification_information_standard_address.rb} +2 -2
- data/lib/cybersource_rest_client/models/{risk_v1_address_verifications_post201_response_address1.rb → risk_address_verification_information_standard_address_address1.rb} +1 -1
- data/lib/cybersource_rest_client/models/risk_v1_address_verifications_post201_response.rb +1 -1
- data/lib/cybersource_rest_client/models/shipping_address_list_for_customer__embedded.rb +1 -1
- data/lib/cybersource_rest_client/models/tms_embedded_instrument_identifier.rb +1 -1
- data/lib/cybersource_rest_client/models/{tmsv2tokenizedcardstokenized_card_idissuerlifecycleeventsimulations_metadata.rb → tms_issuer_life_cycle_event_simulation_metadata.rb} +2 -2
- data/lib/cybersource_rest_client/models/{tmsv2tokenizedcardstokenized_card_idissuerlifecycleeventsimulations_metadata_card_art.rb → tms_issuer_life_cycle_event_simulation_metadata_card_art.rb} +2 -2
- data/lib/cybersource_rest_client/models/{tms_issuerlifecycleeventsimulations_metadata_card_art_combined_asset.rb → tms_issuer_life_cycle_event_simulation_metadata_card_art_combined_asset.rb} +1 -1
- data/lib/cybersource_rest_client/models/{tms_embedded_instrument_identifier_point_of_sale_information.rb → tms_point_of_sale_information.rb} +2 -2
- data/lib/cybersource_rest_client/models/{tms_embedded_instrument_identifier_point_of_sale_information_emv_tags.rb → tms_point_of_sale_information_emv_tags.rb} +1 -1
- data/lib/cybersource_rest_client/models/tmsv2customers__embedded.rb +1 -1
- data/lib/cybersource_rest_client/models/tmsv2tokenize_token_information.rb +2 -2
- data/lib/cybersource_rest_client/models/tmsv2tokenize_token_information_customer__embedded.rb +2 -2
- data/lib/cybersource_rest_client/models/tmsv3tokenstoken_idpaymentcredentials_authenticated_identities.rb +19 -8
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_configuration_information_configurations.rb → uc_configurations.rb} +2 -2
- data/lib/cybersource_rest_client/models/uc_configurations_features.rb +209 -0
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_configuration_information_configurations_features.rb → uc_configurations_features_click_to_pay.rb} +9 -9
- data/lib/cybersource_rest_client/models/uc_configurations_features_click_to_pay_enrollment_data.rb +223 -0
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_configuration_information_configurations_features_paze.rb → uc_configurations_features_paze.rb} +2 -2
- data/lib/cybersource_rest_client/models/uc_configurations_features_portfolio_accessto_sensitive_data.rb +190 -0
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features.rb → uc_feature_subscription.rb} +22 -22
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_after_pay.rb → uc_feature_subscription_after_pay.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_apple_pay.rb → uc_feature_subscription_apple_pay.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_bancontact.rb → uc_feature_subscription_bancontact.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_click_to_pay.rb → uc_feature_subscription_click_to_pay.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_decision_manager.rb → uc_feature_subscription_decision_manager.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_dragon_pay.rb → uc_feature_subscription_dragon_pay.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_e_check.rb → uc_feature_subscription_e_check.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_google_pay.rb → uc_feature_subscription_google_pay.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_ideal.rb → uc_feature_subscription_ideal.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_konbini.rb → uc_feature_subscription_konbini.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_multibanco.rb → uc_feature_subscription_multibanco.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_my_bank.rb → uc_feature_subscription_my_bank.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_p24.rb → uc_feature_subscription_p24.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_pay_pal.rb → uc_feature_subscription_pay_pal.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_payer_authentication.rb → uc_feature_subscription_payer_authentication.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_paze_for_unified_checkout.rb → uc_feature_subscription_paze_for_unified_checkout.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_info_features_portfolio_accessof_sensi_data.rb → uc_feature_subscription_portfolio_accessof_sensitive_data.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_tink_pay_by_bank.rb → uc_feature_subscription_tink_pay_by_bank.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_token_management.rb → uc_feature_subscription_token_management.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_unified_click_to_pay_sdk.rb → uc_feature_subscription_unified_click_to_pay_sdk.rb} +1 -1
- data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_venmo.rb → uc_feature_subscription_venmo.rb} +1 -1
- data/lib/cybersource_rest_client/models/ucv1sessions_complete_mandate.rb +1 -1
- data/lib/cybersource_rest_client/models/ucv1sessions_data.rb +1 -1
- data/lib/cybersource_rest_client/models/ucv1sessions_data_client_reference_information.rb +227 -0
- data/lib/cybersource_rest_client/models/ucv1sessions_data_order_information.rb +1 -1
- data/lib/cybersource_rest_client/models/ucv1sessions_data_order_information_line_items.rb +2 -2
- data/lib/cybersource_rest_client/models/ucv1sessions_data_order_information_ship_to.rb +388 -0
- data/lib/cybersource_rest_client/models/ucv1sessions_data_processing_information_authorization_options_initiator.rb +1 -1
- data/lib/cybersource_rest_client/models/ucv1sessions_payment_configurations.rb +11 -1
- data/lib/cybersource_rest_client/models/ucv1sessions_payment_configurations_googlepay.rb +1 -1
- data/lib/cybersource_rest_client/models/ucv1sessions_payment_configurations_paypal.rb +211 -0
- data/lib/cybersource_rest_client/models/ucv1sessions_payment_configurations_paypal_tokenized_payment_method.rb +213 -0
- data/lib/cybersource_rest_client/models/ucv1sessions_payment_configurations_tms_token.rb +1 -1
- data/lib/cybersource_rest_client/models/{underwriting_configuration_organization_information_business_information_business_details.rb → underwriting_configuration_business_details.rb} +2 -2
- data/lib/cybersource_rest_client/models/underwriting_configuration_business_details_product_services_subscription.rb +1 -1
- data/lib/cybersource_rest_client/models/underwriting_configuration_organization_information_business_information.rb +1 -1
- data/lib/cybersource_rest_client/models/{upv1capturecontexts_data_processing_info_mit.rb → unified_checkout_merchant_initiated_transaction.rb} +1 -1
- data/lib/cybersource_rest_client/models/upv1capturecontexts_data_order_information.rb +4 -2
- data/lib/cybersource_rest_client/models/upv1capturecontexts_data_order_information_line_items.rb +2 -2
- data/lib/cybersource_rest_client/models/{upv1capturecontexts_data_order_information_line_items_passenger.rb → upv1capturecontexts_data_order_information_passenger.rb} +1 -1
- data/lib/cybersource_rest_client/models/{upv1capturecontexts_data_order_information_line_items_tax_details.rb → upv1capturecontexts_data_order_information_tax_details.rb} +1 -1
- data/lib/cybersource_rest_client/models/upv1capturecontexts_data_processing_information_authorization_options_initiator.rb +1 -1
- data/lib/cybersource_rest_client/models/{vt_config_card_not_present_global_payment_information.rb → virtual_terminal_global_payment_settings.rb} +4 -4
- data/lib/cybersource_rest_client/models/{vt_config_card_not_present_global_payment_information_basic_information.rb → virtual_terminal_global_payment_settings_basic_information.rb} +1 -1
- data/lib/cybersource_rest_client/models/{vt_config_card_not_present_global_payment_information_merchant_defined_data_fields.rb → virtual_terminal_global_payment_settings_merchant_defined_data_fields.rb} +1 -1
- data/lib/cybersource_rest_client/models/{vt_config_card_not_present_global_payment_information_payment_information.rb → virtual_terminal_global_payment_settings_payment_information.rb} +1 -1
- data/lib/cybersource_rest_client/models/vt_config_card_not_present.rb +1 -1
- data/lib/cybersource_rest_client.rb +160 -152
- metadata +161 -153
- data/lib/cybersource_rest_client/api/enrollment_api.rb +0 -104
- data/lib/cybersource_rest_client/models/tmsv3tokenstoken_idpaymentcredentials_merchant_information.rb +0 -189
- data/lib/cybersource_rest_client/models/tmsv3tokenstoken_idpaymentcredentials_merchant_information_merchant_descriptor.rb +0 -201
- data/lib/cybersource_rest_client/utilities/flex/token_verification.rb +0 -42
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 34454664d9ec155d9dd0094a993b16a4fa5fa3d15348271dad33d48ec0ca8dea
|
|
4
|
+
data.tar.gz: '09efd41467183272900951d0182defdb85e63ff12d0328ca340ceb94fd5b5752'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3eb75e9385dd046a83fd2fd9539e18f6e8e3510d544759608058efa5d36ac61d71ade3c8123ceef8ddee1e690dacd84d604135ede80a639c61f276827b6e76de
|
|
7
|
+
data.tar.gz: 770a3cf7980a42709df7fa1122fe22d8576ccd25363b25d48b10fc4046baef465608e726c27ae00be313c36113edb6f0de05a04754eb01194952dbc9ba996afb
|
|
@@ -590,19 +590,20 @@ public
|
|
|
590
590
|
|
|
591
591
|
def logAllProperties(merchantPropertyObj)
|
|
592
592
|
propertyObj = Marshal.load(Marshal.dump(merchantPropertyObj))
|
|
593
|
-
|
|
594
|
-
|
|
595
|
-
|
|
596
|
-
|
|
597
|
-
|
|
598
|
-
|
|
599
|
-
|
|
600
|
-
|
|
601
|
-
if
|
|
602
|
-
propertyObj
|
|
593
|
+
hiddenProperties = Constants::HIDDEN_MERCHANT_PROPERTIES.split(',').map(&:strip)
|
|
594
|
+
hiddenPropertiesLower = hiddenProperties.map(&:downcase)
|
|
595
|
+
sensitivePatterns = Constants::SENSITIVE_PROPERTY_PATTERNS
|
|
596
|
+
|
|
597
|
+
if propertyObj.respond_to?(:each_pair)
|
|
598
|
+
propertyObj.each_key do |key|
|
|
599
|
+
keyStr = key.to_s
|
|
600
|
+
keyLower = keyStr.downcase
|
|
601
|
+
if hiddenPropertiesLower.include?(keyLower) || sensitivePatterns.any? { |p| keyLower.include?(p) }
|
|
602
|
+
propertyObj[key] = Constants::REDACTED_VALUE
|
|
603
603
|
end
|
|
604
604
|
end
|
|
605
605
|
end
|
|
606
|
+
|
|
606
607
|
@log_obj.logger.info('Merchant Configuration :\n' + propertyObj.to_s)
|
|
607
608
|
end
|
|
608
609
|
|
|
@@ -1,118 +1,290 @@
|
|
|
1
1
|
require 'logger'
|
|
2
2
|
require 'json'
|
|
3
3
|
|
|
4
|
-
class
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
4
|
+
class SensitiveDataFilter < Logger::Formatter
|
|
5
|
+
SENSITIVE_KEYS = %w[
|
|
6
|
+
securitycode number cardnumber expirationmonth expirationyear expiration
|
|
7
|
+
expirationdate account routingnumber email firstname lastname phonenumber
|
|
8
|
+
type token signature prefix suffix bin pan encryptedrequest encryptedresponse
|
|
9
|
+
password secret apikey accesstoken refreshtoken ssn creditcard debitcard cvv pin
|
|
10
|
+
cardholder nameoncard holdername track1 track2 trackdata
|
|
11
|
+
iban swift bic dateofbirth birthdate taxid
|
|
12
|
+
privatekey publickey authorization bearer
|
|
13
|
+
cavv xid pares micr jwt jwe
|
|
14
|
+
paymentinformation paymentinstrument card billto shipto
|
|
15
|
+
customer driverlicense
|
|
16
|
+
].freeze
|
|
17
|
+
|
|
18
|
+
REDACTED_PAYLOAD = '[REDACTED]'.freeze
|
|
19
|
+
REDACTED_VALUE = ('X' * 10).freeze
|
|
20
|
+
|
|
21
|
+
def json_object?(str)
|
|
22
|
+
parsed = JSON.parse(str)
|
|
23
|
+
parsed.is_a?(Hash)
|
|
24
|
+
rescue JSON::ParserError, TypeError
|
|
25
|
+
false
|
|
11
26
|
end
|
|
12
|
-
end
|
|
13
27
|
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
SensitiveTag.new("prefix", "(\\p{N}{6})(\\p{N}*)", "\\2-XXXXX", false),
|
|
34
|
-
SensitiveTag.new("prefix", "(\\s*)(\\p{N}{4})(\\s*)(\\p{N}{2})(\\s*\\p{N}*\\s*)", "\\2-XXXX", false),
|
|
35
|
-
SensitiveTag.new("bin", "(\\s*)(\\p{N}{4})(\\s*)(\\p{N}{2})(\\s*\\p{N}*\\s*)", "\\2-XXXX", false)
|
|
36
|
-
]).freeze
|
|
37
|
-
|
|
38
|
-
@sensitiveStringRegexes = [
|
|
39
|
-
"4\\p{N}{3}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
|
40
|
-
"4\\p{N}{3}([\\ \\-]?)(?:\\p{N}{4}\\1){2}\\p{N}(?:\\p{N}{3})?",
|
|
41
|
-
"5[1-5]\\p{N}{2}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
|
42
|
-
"6(?:011|22(?:1(?=[\\ \\-]?(?:2[6-9]|[3-9]))|[2-8]|9(?=[\\ \\-]?(?:[01]|2[0-5])))|4[4-9]\\p{N}|5\\p{N}\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
|
43
|
-
"35(?:2[89]|[3-8]\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
|
44
|
-
"3[47]\\p{N}\\p{N}([\\ \\-]?)\\p{N}{6}\\1\\p{N}{5}"
|
|
45
|
-
].freeze
|
|
28
|
+
def maskSensitiveDataInJson(input)
|
|
29
|
+
str = input.to_s
|
|
30
|
+
parsed =
|
|
31
|
+
begin
|
|
32
|
+
JSON.parse(str)
|
|
33
|
+
rescue JSON::ParserError
|
|
34
|
+
# Fall back to Ruby Hash#inspect syntax (e.g. interpolated
|
|
35
|
+
# "#{hash}" in a log string produces {"k"=>"v"} or {:k=>"v"}).
|
|
36
|
+
# Convert heuristically to JSON without eval, then retry.
|
|
37
|
+
converted = rubyInspectToJson(str)
|
|
38
|
+
converted.nil? ? (raise) : JSON.parse(converted)
|
|
39
|
+
end
|
|
40
|
+
unless parsed.is_a?(Hash) || parsed.is_a?(Array)
|
|
41
|
+
return REDACTED_PAYLOAD
|
|
42
|
+
end
|
|
43
|
+
masked_data = maskJsonObject(parsed)
|
|
44
|
+
JSON.generate(masked_data)
|
|
45
|
+
rescue JSON::ParserError, TypeError, EncodingError
|
|
46
|
+
REDACTED_PAYLOAD
|
|
46
47
|
end
|
|
47
|
-
end
|
|
48
48
|
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
49
|
+
# Best-effort, eval-free conversion of Ruby Hash/Array#inspect output to
|
|
50
|
+
# JSON. Returns nil if the input cannot plausibly be Ruby inspect syntax
|
|
51
|
+
# (so the caller can fail closed). Handles:
|
|
52
|
+
# :symbol => "v" -> "symbol": "v" (legacy inspect)
|
|
53
|
+
# "k" => "v" -> "k": "v" (string-key inspect)
|
|
54
|
+
# { bareword: "v" } -> { "bareword": "v" } (Ruby 3.4+ shorthand)
|
|
55
|
+
# bare nil tokens -> null
|
|
56
|
+
# Does NOT attempt to handle every Ruby literal (Procs, Time, custom
|
|
57
|
+
# #inspect, etc.); anything unrecognized will cause JSON.parse to fail
|
|
58
|
+
# downstream and the span will be redacted.
|
|
59
|
+
def rubyInspectToJson(str)
|
|
60
|
+
out = +''
|
|
61
|
+
i = 0
|
|
62
|
+
len = str.length
|
|
63
|
+
in_string = false
|
|
64
|
+
escape = false
|
|
65
|
+
|
|
66
|
+
while i < len
|
|
67
|
+
ch = str[i]
|
|
68
|
+
if in_string
|
|
69
|
+
out << ch
|
|
70
|
+
if escape
|
|
71
|
+
escape = false
|
|
72
|
+
elsif ch == '\\'
|
|
73
|
+
escape = true
|
|
74
|
+
elsif ch == '"'
|
|
75
|
+
in_string = false
|
|
76
|
+
end
|
|
77
|
+
i += 1
|
|
78
|
+
next
|
|
69
79
|
end
|
|
70
80
|
|
|
71
|
-
|
|
72
|
-
|
|
81
|
+
if ch == '"'
|
|
82
|
+
in_string = true
|
|
83
|
+
out << ch
|
|
84
|
+
i += 1
|
|
85
|
+
next
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
# :symbol_key (legacy inspect): preceded by { , [ or whitespace
|
|
89
|
+
if ch == ':' && i + 1 < len && str[i + 1] =~ /[A-Za-z_]/ &&
|
|
90
|
+
(out.empty? || out[-1] =~ /[\{\[,\s]/)
|
|
91
|
+
j = i + 1
|
|
92
|
+
j += 1 while j < len && str[j] =~ /[A-Za-z0-9_]/
|
|
93
|
+
sym = str[(i + 1)...j]
|
|
94
|
+
out << '"' << sym << '"'
|
|
95
|
+
i = j
|
|
96
|
+
next
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
# bareword: shorthand (Ruby 3.4+ inspect): preceded by { , or
|
|
100
|
+
# whitespace; followed by ':' then whitespace (so we don't
|
|
101
|
+
# confuse with the '::' constant-resolution operator).
|
|
102
|
+
if ch =~ /[A-Za-z_]/ &&
|
|
103
|
+
(out.empty? || out[-1] =~ /[\{\[,\s]/)
|
|
104
|
+
j = i
|
|
105
|
+
j += 1 while j < len && str[j] =~ /[A-Za-z0-9_]/
|
|
106
|
+
if j < len && str[j] == ':' && str[j + 1] != ':' &&
|
|
107
|
+
(j + 1 >= len || str[j + 1] =~ /\s/)
|
|
108
|
+
word = str[i...j]
|
|
109
|
+
out << '"' << word << '":'
|
|
110
|
+
i = j + 1
|
|
111
|
+
next
|
|
112
|
+
end
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
# => operator
|
|
116
|
+
if ch == '=' && str[i + 1] == '>'
|
|
117
|
+
out << ':'
|
|
118
|
+
i += 2
|
|
119
|
+
next
|
|
120
|
+
end
|
|
121
|
+
|
|
122
|
+
# bare nil -> null
|
|
123
|
+
if ch == 'n' && str[i, 3] == 'nil' &&
|
|
124
|
+
(i.zero? || str[i - 1] =~ /[\s,\{\[:]/) &&
|
|
125
|
+
(i + 3 >= len || str[i + 3] =~ /[\s,\}\]]/)
|
|
126
|
+
out << 'null'
|
|
127
|
+
i += 3
|
|
128
|
+
next
|
|
129
|
+
end
|
|
130
|
+
|
|
131
|
+
out << ch
|
|
132
|
+
i += 1
|
|
73
133
|
end
|
|
134
|
+
|
|
135
|
+
out
|
|
74
136
|
end
|
|
75
137
|
|
|
76
|
-
def
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
138
|
+
def maskJsonObject(obj)
|
|
139
|
+
case obj
|
|
140
|
+
when Hash
|
|
141
|
+
obj.each_with_object({}) do |(key, value), result|
|
|
142
|
+
result[key] = if isSensitiveKey?(key)
|
|
143
|
+
maskSensitiveValue(value)
|
|
144
|
+
else
|
|
145
|
+
maskJsonObject(value)
|
|
146
|
+
end
|
|
147
|
+
end
|
|
148
|
+
when Array
|
|
149
|
+
obj.map { |item| maskJsonObject(item) }
|
|
150
|
+
else
|
|
151
|
+
obj
|
|
152
|
+
end
|
|
82
153
|
end
|
|
83
154
|
|
|
84
|
-
def
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
155
|
+
def isSensitiveKey?(key)
|
|
156
|
+
normalized = key.to_s.downcase.gsub(/[^a-z0-9]/, '')
|
|
157
|
+
SENSITIVE_KEYS.any? { |sensitive| normalized.include?(sensitive) }
|
|
158
|
+
end
|
|
159
|
+
|
|
160
|
+
# When a sensitive key wraps a value, redact scalars directly. For nested
|
|
161
|
+
# Hash/Array containers, recurse via maskJsonObject so individual inner
|
|
162
|
+
# values are masked based on their own key names rather than blanket-
|
|
163
|
+
# redacting the entire container.
|
|
164
|
+
def maskSensitiveValue(value)
|
|
165
|
+
case value
|
|
166
|
+
when Hash, Array
|
|
167
|
+
maskJsonObject(value)
|
|
168
|
+
when String
|
|
169
|
+
REDACTED_VALUE
|
|
170
|
+
when Integer, Float
|
|
171
|
+
9_999
|
|
172
|
+
when TrueClass, FalseClass
|
|
173
|
+
false
|
|
90
174
|
else
|
|
91
|
-
|
|
175
|
+
value
|
|
92
176
|
end
|
|
93
177
|
end
|
|
94
178
|
|
|
95
|
-
def
|
|
96
|
-
|
|
97
|
-
@@cardPatterns.each {|cardNumberRegex|
|
|
98
|
-
encoded_input = encoded_input.gsub(/#{cardNumberRegex}/, "XXX")
|
|
99
|
-
}
|
|
100
|
-
return encoded_input
|
|
179
|
+
def maskValue(value)
|
|
180
|
+
maskSensitiveValue(value)
|
|
101
181
|
end
|
|
102
182
|
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
183
|
+
# Central defense-in-depth entry point. Regardless of how the log message
|
|
184
|
+
# is shaped (Ruby Hash/Array, pure JSON string, "label: {json}",
|
|
185
|
+
# "prefix {json} suffix", or even multiple embedded JSON blobs), every
|
|
186
|
+
# JSON Object/Array substring is extracted, parsed, and masked in-place.
|
|
187
|
+
# Any JSON-shaped substring that fails to parse is replaced with
|
|
188
|
+
# REDACTED_PAYLOAD (fail-closed) so a partially-decrypted or truncated
|
|
189
|
+
# body cannot leak through the wrapper.
|
|
190
|
+
def call(severity, time, progname, msg)
|
|
191
|
+
maskedMessage =
|
|
192
|
+
case msg
|
|
193
|
+
when Hash, Array
|
|
194
|
+
# Ruby Hash/Array passed directly to logger.<level>(obj). Walk
|
|
195
|
+
# the structure with maskJsonObject so individual sensitive
|
|
196
|
+
# fields are masked; Hash#to_s produces "key=>value" syntax
|
|
197
|
+
# which is NOT valid JSON, so we must not route it through
|
|
198
|
+
# the string-based parser path.
|
|
199
|
+
JSON.generate(maskJsonObject(msg))
|
|
200
|
+
else
|
|
201
|
+
msg_str = msg.to_s
|
|
202
|
+
begin
|
|
203
|
+
JSON.parse(msg_str)
|
|
204
|
+
maskSensitiveDataInJson(msg_str)
|
|
205
|
+
rescue JSON::ParserError, TypeError
|
|
206
|
+
maskEmbeddedJson(msg_str)
|
|
207
|
+
end
|
|
208
|
+
end
|
|
209
|
+
formatLogEntry(severity, time, progname, maskedMessage)
|
|
210
|
+
end
|
|
211
|
+
|
|
212
|
+
# Walk the string, extract every top-level balanced {...} or [...] span
|
|
213
|
+
# (respecting JSON string/escape rules), and mask each in place. If no
|
|
214
|
+
# JSON-shaped span is present, the original text is returned unchanged.
|
|
215
|
+
# If a span is found but cannot be parsed, the entire message is redacted.
|
|
216
|
+
def maskEmbeddedJson(msg_str)
|
|
217
|
+
return msg_str unless msg_str.include?('{') || msg_str.include?('[')
|
|
218
|
+
|
|
219
|
+
result = +''
|
|
220
|
+
i = 0
|
|
221
|
+
len = msg_str.length
|
|
222
|
+
found_any = false
|
|
223
|
+
|
|
224
|
+
while i < len
|
|
225
|
+
ch = msg_str[i]
|
|
226
|
+
if ch == '{' || ch == '['
|
|
227
|
+
span_end = find_balanced_json_end(msg_str, i)
|
|
228
|
+
if span_end.nil?
|
|
229
|
+
# Unbalanced JSON-looking content remaining: fail closed.
|
|
230
|
+
return REDACTED_PAYLOAD
|
|
231
|
+
end
|
|
232
|
+
candidate = msg_str[i..span_end]
|
|
233
|
+
masked = maskSensitiveDataInJson(candidate)
|
|
234
|
+
# maskSensitiveDataInJson returns REDACTED_PAYLOAD on parse failure,
|
|
235
|
+
# which is the safe outcome we want to propagate.
|
|
236
|
+
result << masked
|
|
237
|
+
i = span_end + 1
|
|
238
|
+
found_any = true
|
|
239
|
+
else
|
|
240
|
+
result << ch
|
|
241
|
+
i += 1
|
|
242
|
+
end
|
|
107
243
|
end
|
|
108
|
-
|
|
244
|
+
|
|
245
|
+
found_any ? result : msg_str
|
|
109
246
|
end
|
|
110
247
|
|
|
111
|
-
|
|
248
|
+
# Returns the index of the matching closing brace/bracket for the JSON
|
|
249
|
+
# span beginning at start_idx, honoring JSON string and escape rules.
|
|
250
|
+
# Returns nil if unbalanced.
|
|
251
|
+
def find_balanced_json_end(str, start_idx)
|
|
252
|
+
depth = 0
|
|
253
|
+
in_string = false
|
|
254
|
+
escape = false
|
|
255
|
+
i = start_idx
|
|
256
|
+
len = str.length
|
|
257
|
+
|
|
258
|
+
while i < len
|
|
259
|
+
ch = str[i]
|
|
260
|
+
if in_string
|
|
261
|
+
if escape
|
|
262
|
+
escape = false
|
|
263
|
+
elsif ch == '\\'
|
|
264
|
+
escape = true
|
|
265
|
+
elsif ch == '"'
|
|
266
|
+
in_string = false
|
|
267
|
+
end
|
|
268
|
+
else
|
|
269
|
+
case ch
|
|
270
|
+
when '"'
|
|
271
|
+
in_string = true
|
|
272
|
+
when '{', '['
|
|
273
|
+
depth += 1
|
|
274
|
+
when '}', ']'
|
|
275
|
+
depth -= 1
|
|
276
|
+
return i if depth.zero?
|
|
277
|
+
return nil if depth < 0
|
|
278
|
+
end
|
|
279
|
+
end
|
|
280
|
+
i += 1
|
|
281
|
+
end
|
|
282
|
+
nil
|
|
283
|
+
end
|
|
284
|
+
|
|
285
|
+
def formatLogEntry(severity, _time, progname, msg)
|
|
112
286
|
datetime = DateTime.now
|
|
113
|
-
date_format = datetime.strftime(
|
|
114
|
-
|
|
115
|
-
# $stdout.puts log_message
|
|
116
|
-
log_message
|
|
287
|
+
date_format = datetime.strftime('%Y-%m-%d %H:%M:%S')
|
|
288
|
+
"[#{date_format}] #{severity.ljust(10)} (#{progname}): #{msg}\n"
|
|
117
289
|
end
|
|
118
|
-
end
|
|
290
|
+
end
|
|
@@ -1,19 +1,69 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require_relative './Cache'
|
|
4
|
+
require_relative './Constants'
|
|
4
5
|
require 'stringio'
|
|
5
6
|
require 'jose'
|
|
7
|
+
require 'json'
|
|
8
|
+
require 'base64'
|
|
6
9
|
|
|
7
10
|
public
|
|
11
|
+
|
|
8
12
|
class AuthJWEUtility
|
|
9
13
|
# <b>DEPRECATED:</b> This method has been marked as Deprecated and will be removed in coming releases. Use <tt>decrypt_jwe_using_private_key()</tt> instead.
|
|
10
14
|
def self.decrypt_jwe_using_pem(merchant_config, encoded_response)
|
|
11
|
-
warn(
|
|
15
|
+
warn('[DEPRECATED] `decrypt_jwe_using_pem()` method is deprecated and will be removed in coming releases. Use `decrypt_jwe_using_private_key()` instead.')
|
|
16
|
+
validate_jwe_algorithms(encoded_response)
|
|
12
17
|
key = Cache.new.fetchPEMFileForNetworkTokenization(merchant_config.pemFileDirectory)
|
|
13
|
-
|
|
18
|
+
JOSE::JWE.block_decrypt(key, encoded_response).first
|
|
14
19
|
end
|
|
15
20
|
|
|
16
21
|
def self.decrypt_jwe_using_private_key(private_key, encoded_response)
|
|
17
|
-
|
|
22
|
+
validate_jwe_algorithms(encoded_response)
|
|
23
|
+
JOSE::JWE.block_decrypt(private_key, encoded_response).first
|
|
18
24
|
end
|
|
25
|
+
|
|
26
|
+
# Validates the JWE header algorithms before decryption to prevent algorithm
|
|
27
|
+
# substitution attacks (e.g., Bleichenbacher padding oracle via RSA1_5,
|
|
28
|
+
# or chosen-plaintext via 'dir').
|
|
29
|
+
#
|
|
30
|
+
# Only algorithms supported by CGK are permitted:
|
|
31
|
+
# alg: RSA-OAEP, RSA-OAEP-256
|
|
32
|
+
# enc: A128GCM, A256GCM
|
|
33
|
+
def self.validate_jwe_algorithms(encoded_response)
|
|
34
|
+
if encoded_response.nil? || encoded_response.to_s.strip.empty?
|
|
35
|
+
raise StandardError, 'Encoded JWE response is nil or empty'
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
parts = encoded_response.to_s.split('.')
|
|
39
|
+
unless parts.length == 5
|
|
40
|
+
raise StandardError, "Invalid JWE compact serialization: expected 5 parts, got #{parts.length}"
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
# Base64url-decode the JOSE header (first segment); add padding as needed
|
|
44
|
+
header_b64 = parts[0]
|
|
45
|
+
# Add padding if needed for proper base64url decoding
|
|
46
|
+
header_b64 += '=' * (4 - header_b64.length % 4) if header_b64.length % 4 != 0
|
|
47
|
+
header_json = Base64.urlsafe_decode64(header_b64)
|
|
48
|
+
begin
|
|
49
|
+
header = JSON.parse(header_json)
|
|
50
|
+
rescue JSON::ParserError => e
|
|
51
|
+
raise StandardError, "Invalid JWE header: failed to parse JSON - #{e.message}"
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
alg = header['alg']
|
|
55
|
+
enc = header['enc']
|
|
56
|
+
|
|
57
|
+
unless Constants::ALLOWED_JWE_KEY_ENCRYPTION_ALGORITHMS.include?(alg)
|
|
58
|
+
raise StandardError, "Unsupported JWE key encryption algorithm '#{alg}'. " \
|
|
59
|
+
"Allowed: #{Constants::ALLOWED_JWE_KEY_ENCRYPTION_ALGORITHMS.join(', ')}"
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
unless Constants::ALLOWED_JWE_CONTENT_ENCRYPTION_ALGORITHMS.include?(enc)
|
|
63
|
+
raise StandardError, "Unsupported JWE content encryption algorithm '#{enc}'. " \
|
|
64
|
+
"Allowed: #{Constants::ALLOWED_JWE_CONTENT_ENCRYPTION_ALGORITHMS.join(', ')}"
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
private_class_method :validate_jwe_algorithms
|
|
19
69
|
end
|
|
@@ -21,7 +21,7 @@ public
|
|
|
21
21
|
merchantId = merchantConfig.merchantId
|
|
22
22
|
certificateFilePath = merchantConfig.p12KeyFilePath
|
|
23
23
|
|
|
24
|
-
cacheKey =
|
|
24
|
+
cacheKey = File.expand_path(certificateFilePath) + "_JWT"
|
|
25
25
|
|
|
26
26
|
@@mutex.synchronize do
|
|
27
27
|
cachedCertificateInfo = @@cache_obj.read(cacheKey)
|
|
@@ -179,8 +179,8 @@ public
|
|
|
179
179
|
end
|
|
180
180
|
|
|
181
181
|
def get_mle_kid_data_from_cache(merchant_config)
|
|
182
|
-
cache_key = merchant_config.responseMlePrivateKeyFilePath + Constants::RESPONSE_MLE_P12_PFX_CACHE_IDENTIFIER
|
|
183
182
|
file_path = merchant_config.responseMlePrivateKeyFilePath
|
|
183
|
+
cache_key = File.expand_path(file_path) + Constants::RESPONSE_MLE_P12_PFX_CACHE_IDENTIFIER
|
|
184
184
|
|
|
185
185
|
@@mutex.synchronize do
|
|
186
186
|
if !@@cache_obj.exist?(cache_key)
|
|
@@ -216,7 +216,7 @@ public
|
|
|
216
216
|
logger = @@logger.logger
|
|
217
217
|
|
|
218
218
|
file_path = merchant_config.responseMlePrivateKeyFilePath
|
|
219
|
-
cache_key =
|
|
219
|
+
cache_key = File.expand_path(file_path) + Constants::RESPONSE_MLE_P12_PFX_CACHE_IDENTIFIER
|
|
220
220
|
|
|
221
221
|
# Get certificate from P12 file
|
|
222
222
|
_, certificate_list = Utility.getCertificateCollectionAndPrivateKeyFromP12(
|
|
@@ -272,21 +272,26 @@ public
|
|
|
272
272
|
def fetchPEMFileForNetworkTokenization(filePath)
|
|
273
273
|
warn("[DEPRECATED] 'fetchPEMFileForNetworkTokenization' method is deprecated and will be removed in coming releases.")
|
|
274
274
|
|
|
275
|
+
# Use normalised filePath-scoped cache keys to prevent cross-tenant data leakage
|
|
276
|
+
normalised_path = File.expand_path(filePath)
|
|
277
|
+
pem_cache_key = "privateKeyFromPEMFile_#{normalised_path}"
|
|
278
|
+
pem_time_cache_key = "cachedLastModifiedTimeOfPEMFile_#{normalised_path}"
|
|
279
|
+
|
|
275
280
|
# Thread-safe cache access for deprecated method
|
|
276
281
|
@@mutex.synchronize do
|
|
277
|
-
pem_file_cache = @@cache_obj.read(
|
|
278
|
-
cached_pem_file_last_updated_time = @@cache_obj.read(
|
|
282
|
+
pem_file_cache = @@cache_obj.read(pem_cache_key)
|
|
283
|
+
cached_pem_file_last_updated_time = @@cache_obj.read(pem_time_cache_key)
|
|
279
284
|
|
|
280
285
|
if File.exist?(filePath)
|
|
281
286
|
current_last_modified_time_of_PEM_file = File.mtime(filePath)
|
|
282
287
|
if pem_file_cache.nil? || pem_file_cache.to_s.empty? || current_last_modified_time_of_PEM_file > cached_pem_file_last_updated_time
|
|
283
288
|
private_key = JOSE::JWK.from_pem_file filePath
|
|
284
|
-
@@cache_obj.write(
|
|
285
|
-
@@cache_obj.write(
|
|
289
|
+
@@cache_obj.write(pem_cache_key, private_key)
|
|
290
|
+
@@cache_obj.write(pem_time_cache_key, current_last_modified_time_of_PEM_file)
|
|
286
291
|
end
|
|
287
292
|
end
|
|
288
293
|
|
|
289
|
-
return @@cache_obj.read(
|
|
294
|
+
return @@cache_obj.read(pem_cache_key)
|
|
290
295
|
end
|
|
291
296
|
end
|
|
292
297
|
|