cybersource_rest_client 0.0.84 → 0.0.85

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (272) hide show
  1. checksums.yaml +4 -4
  2. data/lib/AuthenticationSDK/core/MerchantConfig.rb +11 -10
  3. data/lib/AuthenticationSDK/logging/sensitive_logging.rb +265 -93
  4. data/lib/AuthenticationSDK/util/AuthJWEUtility.rb +53 -3
  5. data/lib/AuthenticationSDK/util/Cache.rb +13 -8
  6. data/lib/AuthenticationSDK/util/Constants.rb +87 -32
  7. data/lib/AuthenticationSDK/util/MLEUtility.rb +42 -2
  8. data/lib/cybersource_rest_client/api/{instructions_api.rb → agent_capabilities_api.rb} +106 -25
  9. data/lib/cybersource_rest_client/api/billing_agreements_api.rb +6 -6
  10. data/lib/cybersource_rest_client/api/capture_api.rb +2 -2
  11. data/lib/cybersource_rest_client/api/credentials_api.rb +1 -1
  12. data/lib/cybersource_rest_client/api/credit_api.rb +2 -2
  13. data/lib/cybersource_rest_client/api/invoice_settings_api.rb +2 -2
  14. data/lib/cybersource_rest_client/api/invoices_api.rb +6 -6
  15. data/lib/cybersource_rest_client/api/merchant_boarding_api.rb +2 -2
  16. data/lib/cybersource_rest_client/api/orders_api.rb +4 -4
  17. data/lib/cybersource_rest_client/api/payment_links_api.rb +4 -4
  18. data/lib/cybersource_rest_client/api/payment_tokens_api.rb +2 -2
  19. data/lib/cybersource_rest_client/api/payments_api.rb +21 -21
  20. data/lib/cybersource_rest_client/api/refund_api.rb +4 -4
  21. data/lib/cybersource_rest_client/api/reversal_api.rb +4 -4
  22. data/lib/cybersource_rest_client/api/void_api.rb +10 -10
  23. data/lib/cybersource_rest_client/api_client.rb +31 -2
  24. data/lib/cybersource_rest_client/configuration.rb +2 -2
  25. data/lib/cybersource_rest_client/models/{commerce_solutions_products_account_updater_configuration_information_configurations.rb → account_updater_configurations.rb} +4 -4
  26. data/lib/cybersource_rest_client/models/{commerce_solutions_products_account_updater_configuration_information_configurations_amex.rb → account_updater_configurations_amex.rb} +1 -1
  27. data/lib/cybersource_rest_client/models/{commerce_solutions_products_account_updater_configuration_information_configurations_master_card.rb → account_updater_configurations_master_card.rb} +1 -1
  28. data/lib/cybersource_rest_client/models/{commerce_solutions_products_account_updater_configuration_information_configurations_visa.rb → account_updater_configurations_visa.rb} +1 -1
  29. data/lib/cybersource_rest_client/models/{ptsv1pullfundstransfer_processing_information_funding_options.rb → aft_funding_options.rb} +2 -2
  30. data/lib/cybersource_rest_client/models/{ptsv1pullfundstransfer_processing_information_funding_options_initiator.rb → aft_funding_options_initiator.rb} +2 -2
  31. data/lib/cybersource_rest_client/models/{ptsv1pullfundstransfer_processing_info_funding_options_initiator_origin_ini_transaction.rb → aft_funding_options_initiator_originator_initiated_transaction.rb} +1 -1
  32. data/lib/cybersource_rest_client/models/agentic_cancel_purchase_intent_request.rb +3 -3
  33. data/lib/cybersource_rest_client/models/agentic_card_enrollment_request.rb +8 -8
  34. data/lib/cybersource_rest_client/models/agentic_confirm_transaction_events_request.rb +2 -2
  35. data/lib/cybersource_rest_client/models/agentic_create_purchase_intent_request.rb +5 -5
  36. data/lib/cybersource_rest_client/models/agentic_retrieve_payment_credentials_request.rb +2 -2
  37. data/lib/cybersource_rest_client/models/agentic_retrieve_payment_credentials_response200.rb +1 -1
  38. data/lib/cybersource_rest_client/models/agentic_update_purchase_intent_request.rb +5 -5
  39. data/lib/cybersource_rest_client/models/{payments_products_alternative_payment_methods_configuration_information_configurations_processors.rb → alternative_payments_processor_configuration.rb} +1 -1
  40. data/lib/cybersource_rest_client/models/bin_lookup403_response.rb +223 -0
  41. data/lib/cybersource_rest_client/models/bin_lookupv400_response.rb +235 -0
  42. data/lib/cybersource_rest_client/models/{card_processing_config_common_acquirer_agreement_acquirer_code.rb → boarding_acquirer_details.rb} +2 -2
  43. data/lib/cybersource_rest_client/models/{card_processing_config_common_acquirer_agreement_acquirer_code_payment_options.rb → boarding_acquirer_details_payment_options.rb} +1 -1
  44. data/lib/cybersource_rest_client/models/{boardingv1registrations_organization_information_business_information.rb → boarding_business_information.rb} +6 -6
  45. data/lib/cybersource_rest_client/models/{boardingv1registrations_organization_information_business_information_address.rb → boarding_business_information_address.rb} +1 -1
  46. data/lib/cybersource_rest_client/models/{boardingv1registrations_organization_information_business_information_business_contact.rb → boarding_business_information_business_contact.rb} +1 -1
  47. data/lib/cybersource_rest_client/models/{boardingv1registrations_organization_information_business_information_localized_names.rb → boarding_business_information_localized_names.rb} +1 -1
  48. data/lib/cybersource_rest_client/models/{payments_products_payouts_configuration_information_configurations.rb → boarding_payouts_configurations.rb} +2 -2
  49. data/lib/cybersource_rest_client/models/{payments_products_payouts_configuration_information_configurations_common.rb → boarding_payouts_configurations_common.rb} +2 -2
  50. data/lib/cybersource_rest_client/models/{payments_products_payouts_configuration_information_configurations_common_aggregator.rb → boarding_payouts_configurations_common_aggregator.rb} +1 -1
  51. data/lib/cybersource_rest_client/models/boardingv1registrations_organization_information.rb +1 -1
  52. data/lib/cybersource_rest_client/models/boardingv1registrations_organization_information_owners.rb +1 -1
  53. data/lib/cybersource_rest_client/models/card_processing_config_common_acquirer_agreement.rb +1 -1
  54. data/lib/cybersource_rest_client/models/commerce_solutions_products_account_updater_configuration_information.rb +1 -1
  55. data/lib/cybersource_rest_client/models/create_subscription_response.rb +1 -1
  56. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument.rb → default_payment_instrument.rb} +9 -9
  57. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument__embedded.rb → default_payment_instrument__embedded.rb} +1 -1
  58. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument__links.rb → default_payment_instrument__links.rb} +2 -2
  59. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument__links_self.rb → default_payment_instrument__links_self.rb} +1 -1
  60. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument_bank_account.rb → default_payment_instrument_bank_account.rb} +1 -1
  61. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument_bill_to.rb → default_payment_instrument_bill_to.rb} +1 -1
  62. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument_buyer_information.rb → default_payment_instrument_buyer_information.rb} +2 -2
  63. data/lib/cybersource_rest_client/models/{tmsv2tokenize_default_payment_instrument_buyer_info_issued_by.rb → default_payment_instrument_buyer_information_issued_by.rb} +1 -1
  64. data/lib/cybersource_rest_client/models/{tmsv2tokenize_default_payment_instrument_buyer_info_personal_identification.rb → default_payment_instrument_buyer_information_personal_identification.rb} +2 -2
  65. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument_card.rb → default_payment_instrument_card.rb} +2 -2
  66. data/lib/cybersource_rest_client/models/{tmsv2tokenize_default_payment_instrument_card_tokenized_info.rb → default_payment_instrument_card_tokenized_information.rb} +1 -1
  67. data/lib/cybersource_rest_client/models/{tmsv2tokenize_default_payment_instrument_instrument_identifier.rb → default_payment_instrument_instrument_identifier.rb} +1 -1
  68. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_payment_instrument_metadata.rb → default_payment_instrument_metadata.rb} +1 -1
  69. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address.rb → default_shipping_address.rb} +4 -4
  70. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address__links.rb → default_shipping_address__links.rb} +3 -3
  71. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address__links_customer.rb → default_shipping_address__links_customer.rb} +1 -1
  72. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address__links_self.rb → default_shipping_address__links_self.rb} +1 -1
  73. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address_metadata.rb → default_shipping_address_metadata.rb} +1 -1
  74. data/lib/cybersource_rest_client/models/{tmsv2tokenize_token_information_customer__embedded_default_shipping_address_ship_to.rb → default_shipping_address_ship_to.rb} +1 -1
  75. data/lib/cybersource_rest_client/models/{pts_v2_payments_post201_response_watchlist_screening_information_watch_list.rb → export_compliance_watch_list.rb} +2 -2
  76. data/lib/cybersource_rest_client/models/{pts_v2_payments_post201_response_watchlist_screening_information_watch_list_matches.rb → export_compliance_watch_list_matches.rb} +1 -1
  77. data/lib/cybersource_rest_client/models/{get_subscription_response_1_payment_instrument_buyer_information.rb → follow_on_transaction_buyer_information.rb} +2 -2
  78. data/lib/cybersource_rest_client/models/generate_unified_checkout_v1_capture_context_request.rb +2 -2
  79. data/lib/cybersource_rest_client/models/get_subscription_response_1_payment_instrument.rb +2 -2
  80. data/lib/cybersource_rest_client/models/get_subscription_response_1_shipping_address.rb +1 -1
  81. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_amount_detail.rb → icc_amount_detail.rb} +1 -1
  82. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_items.rb → icc_line_item.rb} +4 -4
  83. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_items_additional_info.rb → icc_line_item_additional_info.rb} +1 -1
  84. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_items_policies.rb → icc_line_item_policies.rb} +1 -1
  85. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_merchant_information_merchant_descriptor.rb → icc_merchant_descriptor.rb} +1 -1
  86. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_processor_information_payment_instrument.rb → icc_payment_instrument.rb} +2 -2
  87. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconf_processor_info_payment_instrument_verifi_results.rb → icc_payment_instrument_verification_results.rb} +1 -1
  88. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_order_information_shipping_details.rb → icc_shipping_details.rb} +1 -1
  89. data/lib/cybersource_rest_client/models/{agentic_retrieve_payment_credentials_response200_transaction_response_with_pending_events.rb → icc_transaction_response_pending_events.rb} +1 -1
  90. data/lib/cybersource_rest_client/models/{acpv1instructions_decline_threshold.rb → iccv1instructions_decline_threshold.rb} +1 -1
  91. data/lib/cybersource_rest_client/models/{acpv1instructions_mandates.rb → iccv1instructions_mandates.rb} +3 -3
  92. data/lib/cybersource_rest_client/models/{acpv1instructions_recurring_payment_information.rb → iccv1instructions_recurring_payment_information.rb} +1 -1
  93. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_confirmation_data.rb → iccv1instructionsinstruction_idconfirmations_confirmation_data.rb} +5 -5
  94. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_merchant_information.rb → iccv1instructionsinstruction_idconfirmations_merchant_information.rb} +1 -1
  95. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_order_information.rb → iccv1instructionsinstruction_idconfirmations_order_information.rb} +5 -5
  96. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idconfirmations_processor_information.rb → iccv1instructionsinstruction_idconfirmations_processor_information.rb} +3 -3
  97. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_attachments.rb → iccv1instructionsinstruction_idcredentials_attachments.rb} +1 -1
  98. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_client_reference_information.rb → iccv1instructionsinstruction_idcredentials_client_reference_information.rb} +1 -1
  99. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_mandate_reference_data.rb → iccv1instructionsinstruction_idcredentials_mandate_reference_data.rb} +1 -1
  100. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_merchant_information.rb → iccv1instructionsinstruction_idcredentials_merchant_information.rb} +2 -2
  101. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information.rb → iccv1instructionsinstruction_idcredentials_order_information.rb} +4 -4
  102. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_line_items.rb → iccv1instructionsinstruction_idcredentials_order_information_line_items.rb} +2 -2
  103. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_order_information_ship_to.rb → iccv1instructionsinstruction_idcredentials_order_information_ship_to.rb} +1 -1
  104. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_payment_options.rb → iccv1instructionsinstruction_idcredentials_payment_options.rb} +1 -1
  105. data/lib/cybersource_rest_client/models/{acpv1instructionsinstruction_idcredentials_transaction_data.rb → iccv1instructionsinstruction_idcredentials_transaction_data.rb} +7 -7
  106. data/lib/cybersource_rest_client/models/{acpv1mppcredentials_challenge.rb → iccv1mppcredentials_challenge.rb} +2 -2
  107. data/lib/cybersource_rest_client/models/{acpv1mppcredentials_challenge_encryption_jwk.rb → iccv1mppcredentials_challenge_encryption_jwk.rb} +1 -1
  108. data/lib/cybersource_rest_client/models/{acpv1tokens_assurance_data.rb → iccv1tokens_assurance_data.rb} +3 -3
  109. data/lib/cybersource_rest_client/models/{acpv1tokens_authenticated_identities.rb → iccv1tokens_authenticated_identities.rb} +1 -1
  110. data/lib/cybersource_rest_client/models/{acpv1tokens_authentication_context.rb → iccv1tokens_authentication_context.rb} +1 -1
  111. data/lib/cybersource_rest_client/models/{acpv1tokens_bill_to.rb → iccv1tokens_bill_to.rb} +1 -1
  112. data/lib/cybersource_rest_client/models/{acpv1tokens_buyer_information.rb → iccv1tokens_buyer_information.rb} +2 -2
  113. data/lib/cybersource_rest_client/models/{acpv1tokens_buyer_information_personal_identification.rb → iccv1tokens_buyer_information_personal_identification.rb} +9 -9
  114. data/lib/cybersource_rest_client/models/{acpv1tokens_consent_data.rb → iccv1tokens_consent_data.rb} +1 -1
  115. data/lib/cybersource_rest_client/models/{acpv1tokens_consumer_identity.rb → iccv1tokens_consumer_identity.rb} +1 -1
  116. data/lib/cybersource_rest_client/models/{acpv1tokens_device_information.rb → iccv1tokens_device_information.rb} +2 -2
  117. data/lib/cybersource_rest_client/models/{acpv1tokens_device_information_device_data.rb → iccv1tokens_device_information_device_data.rb} +1 -1
  118. data/lib/cybersource_rest_client/models/{acpv1tokens_enrollment_reference_data.rb → iccv1tokens_enrollment_reference_data.rb} +1 -1
  119. data/lib/cybersource_rest_client/models/{acpv1tokens_payment_information.rb → iccv1tokens_payment_information.rb} +4 -4
  120. data/lib/cybersource_rest_client/models/{acpv1tokens_payment_information_customer.rb → iccv1tokens_payment_information_customer.rb} +1 -1
  121. data/lib/cybersource_rest_client/models/{acpv1tokens_payment_information_instrument_identifier.rb → iccv1tokens_payment_information_instrument_identifier.rb} +1 -1
  122. data/lib/cybersource_rest_client/models/{acpv1tokens_payment_information_payment_instrument.rb → iccv1tokens_payment_information_payment_instrument.rb} +1 -1
  123. data/lib/cybersource_rest_client/models/inline_response_201_4_setups.rb +1 -1
  124. data/lib/cybersource_rest_client/models/inline_response_201_4_setups_commerce_solutions.rb +4 -4
  125. data/lib/cybersource_rest_client/models/inline_response_201_4_setups_risk.rb +3 -3
  126. data/lib/cybersource_rest_client/models/inline_response_201_4_setups_value_added_services.rb +5 -5
  127. data/lib/cybersource_rest_client/models/inline_response_400_11.rb +42 -35
  128. data/lib/cybersource_rest_client/models/inline_response_400_12.rb +16 -62
  129. data/lib/cybersource_rest_client/models/{inline_response_400_11_details.rb → inline_response_400_12_details.rb} +1 -1
  130. data/lib/cybersource_rest_client/models/inline_response_400_13.rb +281 -0
  131. data/lib/cybersource_rest_client/models/inline_response_502.rb +9 -53
  132. data/lib/cybersource_rest_client/models/inline_response_502_1.rb +24 -12
  133. data/lib/cybersource_rest_client/models/inline_response_502_2.rb +19 -47
  134. data/lib/cybersource_rest_client/models/inline_response_502_3.rb +251 -0
  135. data/lib/cybersource_rest_client/models/{payments_products_microform_configuration_information_configurations_features.rb → microform_config_features.rb} +2 -2
  136. data/lib/cybersource_rest_client/models/{payments_products_microform_configuration_information_configurations_features_gateway_agnostic.rb → microform_config_features_gateway_agnostic.rb} +1 -1
  137. data/lib/cybersource_rest_client/models/mpp_credentials_request.rb +1 -1
  138. data/lib/cybersource_rest_client/models/patch_customer_payment_instrument_request.rb +7 -7
  139. data/lib/cybersource_rest_client/models/patch_customer_shipping_address_request.rb +3 -3
  140. data/lib/cybersource_rest_client/models/patch_instrument_identifier_request.rb +1 -1
  141. data/lib/cybersource_rest_client/models/patch_payment_instrument_request.rb +7 -7
  142. data/lib/cybersource_rest_client/models/{payment_instrument_list__embedded_payment_instruments.rb → payment_instrument.rb} +8 -8
  143. data/lib/cybersource_rest_client/models/payment_instrument_list__embedded.rb +1 -1
  144. data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments.rb → payments_configuration_setup.rb} +23 -23
  145. data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_alternative_payment_methods.rb → payments_configuration_setup_alternative_payment_methods.rb} +3 -3
  146. data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_alternative_payment_methods_configuration_status.rb → payments_configuration_setup_alternative_payment_methods_configuration_status.rb} +1 -1
  147. data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_card_processing.rb → payments_configuration_setup_card_processing.rb} +3 -3
  148. data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_card_processing_configuration_status.rb → payments_configuration_setup_card_processing_configuration_status.rb} +1 -1
  149. data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_card_processing_subscription_status.rb → payments_configuration_setup_card_processing_subscription_status.rb} +1 -1
  150. data/lib/cybersource_rest_client/models/{inline_response_201_4_setups_payments_digital_payments.rb → payments_configuration_setup_digital_payments.rb} +2 -2
  151. data/lib/cybersource_rest_client/models/payments_products_alternative_payment_methods_configuration_information_configurations.rb +1 -1
  152. data/lib/cybersource_rest_client/models/payments_products_microform_configuration_information_configurations.rb +1 -1
  153. data/lib/cybersource_rest_client/models/payments_products_payouts_configuration_information.rb +1 -1
  154. data/lib/cybersource_rest_client/models/payments_products_unified_checkout_configuration_information.rb +1 -1
  155. data/lib/cybersource_rest_client/models/payments_products_unified_checkout_subscription_information.rb +1 -1
  156. data/lib/cybersource_rest_client/models/post_customer_payment_instrument_request.rb +7 -7
  157. data/lib/cybersource_rest_client/models/post_customer_shipping_address_request.rb +3 -3
  158. data/lib/cybersource_rest_client/models/post_instrument_identifier_enrollment_request.rb +1 -1
  159. data/lib/cybersource_rest_client/models/post_instrument_identifier_request.rb +1 -1
  160. data/lib/cybersource_rest_client/models/post_issuer_life_cycle_simulation_request.rb +1 -1
  161. data/lib/cybersource_rest_client/models/post_payment_credentials_request.rb +1 -1
  162. data/lib/cybersource_rest_client/models/post_payment_credentials_request_1.rb +1 -1
  163. data/lib/cybersource_rest_client/models/post_payment_instrument_request.rb +7 -7
  164. data/lib/cybersource_rest_client/models/{ptsv2payments_processing_information_authorization_options.rb → processing_info_authorization_options.rb} +2 -2
  165. data/lib/cybersource_rest_client/models/{ptsv2payments_processing_information_authorization_options_initiator.rb → processing_info_authorization_options_initiator.rb} +2 -2
  166. data/lib/cybersource_rest_client/models/{ptsv2payments_merchant_initiated_transaction.rb → processing_info_authorization_options_initiator_merchant_initiated_transaction.rb} +4 -4
  167. data/lib/cybersource_rest_client/models/{pts_v2_payments_post201_response_processor_information_seller_protection.rb → processor_information_seller_protection.rb} +1 -1
  168. data/lib/cybersource_rest_client/models/pts_v2_credits_post201_response.rb +1 -1
  169. data/lib/cybersource_rest_client/models/pts_v2_incremental_authorization_patch201_response_processor_information.rb +1 -1
  170. data/lib/cybersource_rest_client/models/pts_v2_payments_post201_response_1_processor_information.rb +1 -1
  171. data/lib/cybersource_rest_client/models/pts_v2_payments_post201_response_processor_information.rb +1 -1
  172. data/lib/cybersource_rest_client/models/pts_v2_payments_post201_response_watchlist_screening_information.rb +1 -1
  173. data/lib/cybersource_rest_client/models/pts_v2_payouts_post201_response_issuer_information.rb +166 -1
  174. data/lib/cybersource_rest_client/models/ptsv1pullfundstransfer_processing_information.rb +1 -1
  175. data/lib/cybersource_rest_client/models/ptsv1pushfundstransfer_recipient_information.rb +1 -1
  176. data/lib/cybersource_rest_client/models/ptsv2credits_processing_information.rb +1 -1
  177. data/lib/cybersource_rest_client/models/ptsv2credits_processing_information_refund_options.rb +22 -5
  178. data/lib/cybersource_rest_client/models/ptsv2payments_processing_information.rb +2 -2
  179. data/lib/cybersource_rest_client/models/ptsv2payments_processor_information.rb +22 -5
  180. data/lib/cybersource_rest_client/models/ptsv2paymentsidcaptures_processing_information.rb +1 -1
  181. data/lib/cybersource_rest_client/models/ptsv2paymentsidrefunds_processing_information.rb +1 -1
  182. data/lib/cybersource_rest_client/models/ptsv2paymentsidrefunds_processing_information_refund_options.rb +22 -5
  183. data/lib/cybersource_rest_client/models/ptsv2paymentsidreversals_processing_information.rb +1 -1
  184. data/lib/cybersource_rest_client/models/push_funds201_response.rb +11 -1
  185. data/lib/cybersource_rest_client/models/push_funds201_response_issuer_information.rb +344 -0
  186. data/lib/cybersource_rest_client/models/{ptsv1pushfundstransfer_recipient_information_payment_information.rb → push_funds_transfer_payment_information.rb} +2 -2
  187. data/lib/cybersource_rest_client/models/{ptsv1pushfundstransfer_recipient_information_payment_information_card.rb → push_funds_transfer_payment_information_card.rb} +4 -4
  188. data/lib/cybersource_rest_client/models/{ptsv1pushfundstransfer_recipient_information_payment_information_card_customer.rb → push_funds_transfer_payment_information_card_customer.rb} +1 -1
  189. data/lib/cybersource_rest_client/models/{ptsv1pushfundstransfer_recipient_information_payment_information_card_instrument_identifier.rb → push_funds_transfer_payment_information_card_instrument_identifier.rb} +1 -1
  190. data/lib/cybersource_rest_client/models/{ptsv1pushfundstransfer_recipient_information_payment_information_card_payment_instrument.rb → push_funds_transfer_payment_information_card_payment_instrument.rb} +1 -1
  191. data/lib/cybersource_rest_client/models/{rbsv1subscriptions_processing_information_authorization_options.rb → rbs_authorization_options.rb} +2 -2
  192. data/lib/cybersource_rest_client/models/{rbsv1subscriptions_processing_information_authorization_options_initiator.rb → rbs_authorization_options_initiator.rb} +1 -1
  193. data/lib/cybersource_rest_client/models/rbsv1subscriptions_processing_information.rb +1 -1
  194. data/lib/cybersource_rest_client/models/{reporting_v3_report_definitions_name_get200_response_default_settings.rb → report_definition_default_settings.rb} +1 -1
  195. data/lib/cybersource_rest_client/models/reporting_v3_report_definitions_get200_response_report_definitions.rb +1 -1
  196. data/lib/cybersource_rest_client/models/reporting_v3_report_definitions_name_get200_response.rb +1 -1
  197. data/lib/cybersource_rest_client/models/{risk_v1_address_verifications_post201_response_address_verification_information.rb → risk_address_verification_information.rb} +3 -3
  198. data/lib/cybersource_rest_client/models/{risk_v1_address_verifications_post201_response_address_verification_information_bar_code.rb → risk_address_verification_information_bar_code.rb} +1 -1
  199. data/lib/cybersource_rest_client/models/{risk_v1_address_verifications_post201_response_address_verification_information_standard_address.rb → risk_address_verification_information_standard_address.rb} +2 -2
  200. data/lib/cybersource_rest_client/models/{risk_v1_address_verifications_post201_response_address1.rb → risk_address_verification_information_standard_address_address1.rb} +1 -1
  201. data/lib/cybersource_rest_client/models/risk_v1_address_verifications_post201_response.rb +1 -1
  202. data/lib/cybersource_rest_client/models/shipping_address_list_for_customer__embedded.rb +1 -1
  203. data/lib/cybersource_rest_client/models/tms_embedded_instrument_identifier.rb +1 -1
  204. data/lib/cybersource_rest_client/models/{tmsv2tokenizedcardstokenized_card_idissuerlifecycleeventsimulations_metadata.rb → tms_issuer_life_cycle_event_simulation_metadata.rb} +2 -2
  205. data/lib/cybersource_rest_client/models/{tmsv2tokenizedcardstokenized_card_idissuerlifecycleeventsimulations_metadata_card_art.rb → tms_issuer_life_cycle_event_simulation_metadata_card_art.rb} +2 -2
  206. data/lib/cybersource_rest_client/models/{tms_issuerlifecycleeventsimulations_metadata_card_art_combined_asset.rb → tms_issuer_life_cycle_event_simulation_metadata_card_art_combined_asset.rb} +1 -1
  207. data/lib/cybersource_rest_client/models/{tms_embedded_instrument_identifier_point_of_sale_information.rb → tms_point_of_sale_information.rb} +2 -2
  208. data/lib/cybersource_rest_client/models/{tms_embedded_instrument_identifier_point_of_sale_information_emv_tags.rb → tms_point_of_sale_information_emv_tags.rb} +1 -1
  209. data/lib/cybersource_rest_client/models/tmsv2customers__embedded.rb +1 -1
  210. data/lib/cybersource_rest_client/models/tmsv2tokenize_token_information.rb +2 -2
  211. data/lib/cybersource_rest_client/models/tmsv2tokenize_token_information_customer__embedded.rb +2 -2
  212. data/lib/cybersource_rest_client/models/tmsv3tokenstoken_idpaymentcredentials_authenticated_identities.rb +19 -8
  213. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_configuration_information_configurations.rb → uc_configurations.rb} +2 -2
  214. data/lib/cybersource_rest_client/models/uc_configurations_features.rb +209 -0
  215. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_configuration_information_configurations_features.rb → uc_configurations_features_click_to_pay.rb} +9 -9
  216. data/lib/cybersource_rest_client/models/uc_configurations_features_click_to_pay_enrollment_data.rb +223 -0
  217. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_configuration_information_configurations_features_paze.rb → uc_configurations_features_paze.rb} +2 -2
  218. data/lib/cybersource_rest_client/models/uc_configurations_features_portfolio_accessto_sensitive_data.rb +190 -0
  219. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features.rb → uc_feature_subscription.rb} +22 -22
  220. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_after_pay.rb → uc_feature_subscription_after_pay.rb} +1 -1
  221. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_apple_pay.rb → uc_feature_subscription_apple_pay.rb} +1 -1
  222. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_bancontact.rb → uc_feature_subscription_bancontact.rb} +1 -1
  223. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_click_to_pay.rb → uc_feature_subscription_click_to_pay.rb} +1 -1
  224. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_decision_manager.rb → uc_feature_subscription_decision_manager.rb} +1 -1
  225. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_dragon_pay.rb → uc_feature_subscription_dragon_pay.rb} +1 -1
  226. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_e_check.rb → uc_feature_subscription_e_check.rb} +1 -1
  227. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_google_pay.rb → uc_feature_subscription_google_pay.rb} +1 -1
  228. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_ideal.rb → uc_feature_subscription_ideal.rb} +1 -1
  229. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_konbini.rb → uc_feature_subscription_konbini.rb} +1 -1
  230. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_multibanco.rb → uc_feature_subscription_multibanco.rb} +1 -1
  231. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_my_bank.rb → uc_feature_subscription_my_bank.rb} +1 -1
  232. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_p24.rb → uc_feature_subscription_p24.rb} +1 -1
  233. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_pay_pal.rb → uc_feature_subscription_pay_pal.rb} +1 -1
  234. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_payer_authentication.rb → uc_feature_subscription_payer_authentication.rb} +1 -1
  235. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_paze_for_unified_checkout.rb → uc_feature_subscription_paze_for_unified_checkout.rb} +1 -1
  236. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_info_features_portfolio_accessof_sensi_data.rb → uc_feature_subscription_portfolio_accessof_sensitive_data.rb} +1 -1
  237. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_tink_pay_by_bank.rb → uc_feature_subscription_tink_pay_by_bank.rb} +1 -1
  238. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_token_management.rb → uc_feature_subscription_token_management.rb} +1 -1
  239. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_unified_click_to_pay_sdk.rb → uc_feature_subscription_unified_click_to_pay_sdk.rb} +1 -1
  240. data/lib/cybersource_rest_client/models/{payments_products_unified_checkout_subscription_information_features_venmo.rb → uc_feature_subscription_venmo.rb} +1 -1
  241. data/lib/cybersource_rest_client/models/ucv1sessions_complete_mandate.rb +1 -1
  242. data/lib/cybersource_rest_client/models/ucv1sessions_data.rb +1 -1
  243. data/lib/cybersource_rest_client/models/ucv1sessions_data_client_reference_information.rb +227 -0
  244. data/lib/cybersource_rest_client/models/ucv1sessions_data_order_information.rb +1 -1
  245. data/lib/cybersource_rest_client/models/ucv1sessions_data_order_information_line_items.rb +2 -2
  246. data/lib/cybersource_rest_client/models/ucv1sessions_data_order_information_ship_to.rb +388 -0
  247. data/lib/cybersource_rest_client/models/ucv1sessions_data_processing_information_authorization_options_initiator.rb +1 -1
  248. data/lib/cybersource_rest_client/models/ucv1sessions_payment_configurations.rb +11 -1
  249. data/lib/cybersource_rest_client/models/ucv1sessions_payment_configurations_googlepay.rb +1 -1
  250. data/lib/cybersource_rest_client/models/ucv1sessions_payment_configurations_paypal.rb +211 -0
  251. data/lib/cybersource_rest_client/models/ucv1sessions_payment_configurations_paypal_tokenized_payment_method.rb +213 -0
  252. data/lib/cybersource_rest_client/models/ucv1sessions_payment_configurations_tms_token.rb +1 -1
  253. data/lib/cybersource_rest_client/models/{underwriting_configuration_organization_information_business_information_business_details.rb → underwriting_configuration_business_details.rb} +2 -2
  254. data/lib/cybersource_rest_client/models/underwriting_configuration_business_details_product_services_subscription.rb +1 -1
  255. data/lib/cybersource_rest_client/models/underwriting_configuration_organization_information_business_information.rb +1 -1
  256. data/lib/cybersource_rest_client/models/{upv1capturecontexts_data_processing_info_mit.rb → unified_checkout_merchant_initiated_transaction.rb} +1 -1
  257. data/lib/cybersource_rest_client/models/upv1capturecontexts_data_order_information.rb +4 -2
  258. data/lib/cybersource_rest_client/models/upv1capturecontexts_data_order_information_line_items.rb +2 -2
  259. data/lib/cybersource_rest_client/models/{upv1capturecontexts_data_order_information_line_items_passenger.rb → upv1capturecontexts_data_order_information_passenger.rb} +1 -1
  260. data/lib/cybersource_rest_client/models/{upv1capturecontexts_data_order_information_line_items_tax_details.rb → upv1capturecontexts_data_order_information_tax_details.rb} +1 -1
  261. data/lib/cybersource_rest_client/models/upv1capturecontexts_data_processing_information_authorization_options_initiator.rb +1 -1
  262. data/lib/cybersource_rest_client/models/{vt_config_card_not_present_global_payment_information.rb → virtual_terminal_global_payment_settings.rb} +4 -4
  263. data/lib/cybersource_rest_client/models/{vt_config_card_not_present_global_payment_information_basic_information.rb → virtual_terminal_global_payment_settings_basic_information.rb} +1 -1
  264. data/lib/cybersource_rest_client/models/{vt_config_card_not_present_global_payment_information_merchant_defined_data_fields.rb → virtual_terminal_global_payment_settings_merchant_defined_data_fields.rb} +1 -1
  265. data/lib/cybersource_rest_client/models/{vt_config_card_not_present_global_payment_information_payment_information.rb → virtual_terminal_global_payment_settings_payment_information.rb} +1 -1
  266. data/lib/cybersource_rest_client/models/vt_config_card_not_present.rb +1 -1
  267. data/lib/cybersource_rest_client.rb +160 -152
  268. metadata +161 -153
  269. data/lib/cybersource_rest_client/api/enrollment_api.rb +0 -104
  270. data/lib/cybersource_rest_client/models/tmsv3tokenstoken_idpaymentcredentials_merchant_information.rb +0 -189
  271. data/lib/cybersource_rest_client/models/tmsv3tokenstoken_idpaymentcredentials_merchant_information_merchant_descriptor.rb +0 -201
  272. data/lib/cybersource_rest_client/utilities/flex/token_verification.rb +0 -42
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bb5d050b359e9fefb56a6f04e11510cc45f1c1b6f033a621495b4f82ff2d8a64
4
- data.tar.gz: b8e37d57a3d3ec9a63ce79cb5115df8c41bedaeef333d774673f4ae07aafecc4
3
+ metadata.gz: 34454664d9ec155d9dd0094a993b16a4fa5fa3d15348271dad33d48ec0ca8dea
4
+ data.tar.gz: '09efd41467183272900951d0182defdb85e63ff12d0328ca340ceb94fd5b5752'
5
5
  SHA512:
6
- metadata.gz: f712d7cca99ab978f9115b6dea2849c27c65ed3d899d5614d5687426f8d6b90d5b123f12647e7e3356f09028264f6a2a25f5a0dbeb3992af776533448f754836
7
- data.tar.gz: bf26f45d42ad16decfe75998c29b338e0a111d36290064a2ac625f14627c47927e8828ca32e991bd067b07fdf5f21740f03278948f202f5192a569068321ea4e
6
+ metadata.gz: 3eb75e9385dd046a83fd2fd9539e18f6e8e3510d544759608058efa5d36ac61d71ade3c8123ceef8ddee1e690dacd84d604135ede80a639c61f276827b6e76de
7
+ data.tar.gz: 770a3cf7980a42709df7fa1122fe22d8576ccd25363b25d48b10fc4046baef465608e726c27ae00be313c36113edb6f0de05a04754eb01194952dbc9ba996afb
@@ -590,19 +590,20 @@ public
590
590
 
591
591
  def logAllProperties(merchantPropertyObj)
592
592
  propertyObj = Marshal.load(Marshal.dump(merchantPropertyObj))
593
- merchantConfig = ''
594
- hiddenProperties = (Constants::HIDDEN_MERCHANT_PROPERTIES).split(',')
595
- hiddenPropArray = Array.new
596
- hiddenProperties.each do |value|
597
- hiddenPropArray << value.strip
598
- end
599
- hiddenPropArray.each do |prop|
600
- propertyObj.each do |key, value|
601
- if key == prop
602
- propertyObj.delete(key)
593
+ hiddenProperties = Constants::HIDDEN_MERCHANT_PROPERTIES.split(',').map(&:strip)
594
+ hiddenPropertiesLower = hiddenProperties.map(&:downcase)
595
+ sensitivePatterns = Constants::SENSITIVE_PROPERTY_PATTERNS
596
+
597
+ if propertyObj.respond_to?(:each_pair)
598
+ propertyObj.each_key do |key|
599
+ keyStr = key.to_s
600
+ keyLower = keyStr.downcase
601
+ if hiddenPropertiesLower.include?(keyLower) || sensitivePatterns.any? { |p| keyLower.include?(p) }
602
+ propertyObj[key] = Constants::REDACTED_VALUE
603
603
  end
604
604
  end
605
605
  end
606
+
606
607
  @log_obj.logger.info('Merchant Configuration :\n' + propertyObj.to_s)
607
608
  end
608
609
 
@@ -1,118 +1,290 @@
1
1
  require 'logger'
2
2
  require 'json'
3
3
 
4
- class SensitiveTag
5
- attr_accessor :tagName, :pattern, :replacement, :disableMask
6
- def initialize(tagName, pattern, replacement, disableMask)
7
- @tagName = tagName
8
- @pattern = pattern
9
- @replacement = replacement
10
- @disableMask = disableMask
4
+ class SensitiveDataFilter < Logger::Formatter
5
+ SENSITIVE_KEYS = %w[
6
+ securitycode number cardnumber expirationmonth expirationyear expiration
7
+ expirationdate account routingnumber email firstname lastname phonenumber
8
+ type token signature prefix suffix bin pan encryptedrequest encryptedresponse
9
+ password secret apikey accesstoken refreshtoken ssn creditcard debitcard cvv pin
10
+ cardholder nameoncard holdername track1 track2 trackdata
11
+ iban swift bic dateofbirth birthdate taxid
12
+ privatekey publickey authorization bearer
13
+ cavv xid pares micr jwt jwe
14
+ paymentinformation paymentinstrument card billto shipto
15
+ customer driverlicense
16
+ ].freeze
17
+
18
+ REDACTED_PAYLOAD = '[REDACTED]'.freeze
19
+ REDACTED_VALUE = ('X' * 10).freeze
20
+
21
+ def json_object?(str)
22
+ parsed = JSON.parse(str)
23
+ parsed.is_a?(Hash)
24
+ rescue JSON::ParserError, TypeError
25
+ false
11
26
  end
12
- end
13
27
 
14
- class SensitiveDataConfigType
15
- attr_accessor :sensitiveTags, :sensitiveStringRegexes
16
-
17
- def initialize
18
- @sensitiveTags = Array.new([
19
- SensitiveTag.new("securityCode", "[0-9]{3,4}", "XXX", false),
20
- SensitiveTag.new("number", "(\\s*\\p{N}\\s*)+(\\p{N}{4})(\\s*)", "XXXX-\\2", false),
21
- SensitiveTag.new("cardNumber", "(\\s*\\p{N}\\s*)+(\\p{N}{4})(\\s*)", "XXXX-\\2", false),
22
- SensitiveTag.new("expirationMonth", "[0-1][0-9]", "XXXX", false),
23
- SensitiveTag.new("expirationYear", "2[0-9][0-9][0-9]", "XXXX", false),
24
- SensitiveTag.new("account", "(\\s*\\p{N}\\s*)+(\\p{N}{4})(\\s*)", "XXXX-\\2", false),
25
- SensitiveTag.new("routingNumber", "[0-9]+", "XXXXX", false),
26
- SensitiveTag.new("email", "[a-z0-9!#$%&'*+\/=?^_`{|}~-]+(?:.[a-z0-9!#$%&'*+\/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?", "XXXXX", false),
27
- SensitiveTag.new("firstName", "([a-zA-Z]+( )?[a-zA-Z]*'?-?[a-zA-Z]*( )?([a-zA-Z]*)?)", "xxxxx", false),
28
- SensitiveTag.new("lastName", "([a-zA-Z]+( )?[a-zA-Z]*'?-?[a-zA-Z]*( )?([a-zA-Z]*)?)", "xxxxx", false),
29
- SensitiveTag.new("phoneNumber", "(\\+[0-9]{1,2} )?\\(?[0-9]{3}\\)?[ .-]?[0-9]{3}[ .-]?[0-9]{4}", "xxxxx", false),
30
- SensitiveTag.new("type", "[-A-Za-z0-9 ]+", "xxxxx", false),
31
- SensitiveTag.new("token", "[-.A-Za-z0-9 ]+", "xxxxx", false),
32
- SensitiveTag.new("signature", "[-.A-Za-z0-9 ]+", "xxxxx", false),
33
- SensitiveTag.new("prefix", "(\\p{N}{6})(\\p{N}*)", "\\2-XXXXX", false),
34
- SensitiveTag.new("prefix", "(\\s*)(\\p{N}{4})(\\s*)(\\p{N}{2})(\\s*\\p{N}*\\s*)", "\\2-XXXX", false),
35
- SensitiveTag.new("bin", "(\\s*)(\\p{N}{4})(\\s*)(\\p{N}{2})(\\s*\\p{N}*\\s*)", "\\2-XXXX", false)
36
- ]).freeze
37
-
38
- @sensitiveStringRegexes = [
39
- "4\\p{N}{3}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
40
- "4\\p{N}{3}([\\ \\-]?)(?:\\p{N}{4}\\1){2}\\p{N}(?:\\p{N}{3})?",
41
- "5[1-5]\\p{N}{2}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
42
- "6(?:011|22(?:1(?=[\\ \\-]?(?:2[6-9]|[3-9]))|[2-8]|9(?=[\\ \\-]?(?:[01]|2[0-5])))|4[4-9]\\p{N}|5\\p{N}\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
43
- "35(?:2[89]|[3-8]\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
44
- "3[47]\\p{N}\\p{N}([\\ \\-]?)\\p{N}{6}\\1\\p{N}{5}"
45
- ].freeze
28
+ def maskSensitiveDataInJson(input)
29
+ str = input.to_s
30
+ parsed =
31
+ begin
32
+ JSON.parse(str)
33
+ rescue JSON::ParserError
34
+ # Fall back to Ruby Hash#inspect syntax (e.g. interpolated
35
+ # "#{hash}" in a log string produces {"k"=>"v"} or {:k=>"v"}).
36
+ # Convert heuristically to JSON without eval, then retry.
37
+ converted = rubyInspectToJson(str)
38
+ converted.nil? ? (raise) : JSON.parse(converted)
39
+ end
40
+ unless parsed.is_a?(Hash) || parsed.is_a?(Array)
41
+ return REDACTED_PAYLOAD
42
+ end
43
+ masked_data = maskJsonObject(parsed)
44
+ JSON.generate(masked_data)
45
+ rescue JSON::ParserError, TypeError, EncodingError
46
+ REDACTED_PAYLOAD
46
47
  end
47
- end
48
48
 
49
- class SensitiveDataFilter < Logger::Formatter
50
- @@sensitiveTagConfig = nil
51
- @@tagPatterns = nil
52
- @@tagReplacements = nil
53
- @@cardPatterns = nil
54
-
55
- def initialize
56
- @@sensitiveTagConfig = SensitiveDataConfigType.new
57
- @@cardPatterns = @@sensitiveTagConfig.sensitiveStringRegexes
58
- @@tagPatterns = Array.new(@@sensitiveTagConfig.sensitiveStringRegexes.length)
59
- @@tagReplacements = Array.new(@@sensitiveTagConfig.sensitiveTags.length)
60
-
61
- @@sensitiveTagConfig.sensitiveTags.each_with_index do |sensitiveTag, index|
62
- tagName = sensitiveTag.tagName
63
- replacement = sensitiveTag.replacement
64
-
65
- if sensitiveTag.pattern.nil? || sensitiveTag.pattern.empty?
66
- pattern = "(.*)"
67
- else
68
- pattern = sensitiveTag.pattern
49
+ # Best-effort, eval-free conversion of Ruby Hash/Array#inspect output to
50
+ # JSON. Returns nil if the input cannot plausibly be Ruby inspect syntax
51
+ # (so the caller can fail closed). Handles:
52
+ # :symbol => "v" -> "symbol": "v" (legacy inspect)
53
+ # "k" => "v" -> "k": "v" (string-key inspect)
54
+ # { bareword: "v" } -> { "bareword": "v" } (Ruby 3.4+ shorthand)
55
+ # bare nil tokens -> null
56
+ # Does NOT attempt to handle every Ruby literal (Procs, Time, custom
57
+ # #inspect, etc.); anything unrecognized will cause JSON.parse to fail
58
+ # downstream and the span will be redacted.
59
+ def rubyInspectToJson(str)
60
+ out = +''
61
+ i = 0
62
+ len = str.length
63
+ in_string = false
64
+ escape = false
65
+
66
+ while i < len
67
+ ch = str[i]
68
+ if in_string
69
+ out << ch
70
+ if escape
71
+ escape = false
72
+ elsif ch == '\\'
73
+ escape = true
74
+ elsif ch == '"'
75
+ in_string = false
76
+ end
77
+ i += 1
78
+ next
69
79
  end
70
80
 
71
- @@tagPatterns[index] = "\""+tagName+"\":\""+pattern+"\""
72
- @@tagReplacements[index] = "\""+tagName+"\":\""+replacement+"\""
81
+ if ch == '"'
82
+ in_string = true
83
+ out << ch
84
+ i += 1
85
+ next
86
+ end
87
+
88
+ # :symbol_key (legacy inspect): preceded by { , [ or whitespace
89
+ if ch == ':' && i + 1 < len && str[i + 1] =~ /[A-Za-z_]/ &&
90
+ (out.empty? || out[-1] =~ /[\{\[,\s]/)
91
+ j = i + 1
92
+ j += 1 while j < len && str[j] =~ /[A-Za-z0-9_]/
93
+ sym = str[(i + 1)...j]
94
+ out << '"' << sym << '"'
95
+ i = j
96
+ next
97
+ end
98
+
99
+ # bareword: shorthand (Ruby 3.4+ inspect): preceded by { , or
100
+ # whitespace; followed by ':' then whitespace (so we don't
101
+ # confuse with the '::' constant-resolution operator).
102
+ if ch =~ /[A-Za-z_]/ &&
103
+ (out.empty? || out[-1] =~ /[\{\[,\s]/)
104
+ j = i
105
+ j += 1 while j < len && str[j] =~ /[A-Za-z0-9_]/
106
+ if j < len && str[j] == ':' && str[j + 1] != ':' &&
107
+ (j + 1 >= len || str[j + 1] =~ /\s/)
108
+ word = str[i...j]
109
+ out << '"' << word << '":'
110
+ i = j + 1
111
+ next
112
+ end
113
+ end
114
+
115
+ # => operator
116
+ if ch == '=' && str[i + 1] == '>'
117
+ out << ':'
118
+ i += 2
119
+ next
120
+ end
121
+
122
+ # bare nil -> null
123
+ if ch == 'n' && str[i, 3] == 'nil' &&
124
+ (i.zero? || str[i - 1] =~ /[\s,\{\[:]/) &&
125
+ (i + 3 >= len || str[i + 3] =~ /[\s,\}\]]/)
126
+ out << 'null'
127
+ i += 3
128
+ next
129
+ end
130
+
131
+ out << ch
132
+ i += 1
73
133
  end
134
+
135
+ out
74
136
  end
75
137
 
76
- def maskSensitiveDataInJson(input)
77
- parts = input.split(":", 2)
78
- json_data = JSON.parse(parts[1].strip)
79
- encrypted_request = json_data["encryptedRequest"]
80
- json_data["encryptedRequest"] = 'X' * encrypted_request.length
81
- return parts[0] + ":" + JSON.generate(json_data)
138
+ def maskJsonObject(obj)
139
+ case obj
140
+ when Hash
141
+ obj.each_with_object({}) do |(key, value), result|
142
+ result[key] = if isSensitiveKey?(key)
143
+ maskSensitiveValue(value)
144
+ else
145
+ maskJsonObject(value)
146
+ end
147
+ end
148
+ when Array
149
+ obj.map { |item| maskJsonObject(item) }
150
+ else
151
+ obj
152
+ end
82
153
  end
83
154
 
84
- def call(severity, time, progname, msg)
85
- maskedMessage = maskSensitiveString(msg)
86
- ccMasked = maskCreditCards(maskedMessage)
87
- if ccMasked.include?("encryptedRequest")
88
- mleMasked = maskSensitiveDataInJson(ccMasked)
89
- return formatLogEntry(severity, time, progname, mleMasked)
155
+ def isSensitiveKey?(key)
156
+ normalized = key.to_s.downcase.gsub(/[^a-z0-9]/, '')
157
+ SENSITIVE_KEYS.any? { |sensitive| normalized.include?(sensitive) }
158
+ end
159
+
160
+ # When a sensitive key wraps a value, redact scalars directly. For nested
161
+ # Hash/Array containers, recurse via maskJsonObject so individual inner
162
+ # values are masked based on their own key names rather than blanket-
163
+ # redacting the entire container.
164
+ def maskSensitiveValue(value)
165
+ case value
166
+ when Hash, Array
167
+ maskJsonObject(value)
168
+ when String
169
+ REDACTED_VALUE
170
+ when Integer, Float
171
+ 9_999
172
+ when TrueClass, FalseClass
173
+ false
90
174
  else
91
- return formatLogEntry(severity, time, progname, ccMasked)
175
+ value
92
176
  end
93
177
  end
94
178
 
95
- def maskCreditCards(input)
96
- encoded_input = input #.force_encoding("UTF-8")
97
- @@cardPatterns.each {|cardNumberRegex|
98
- encoded_input = encoded_input.gsub(/#{cardNumberRegex}/, "XXX")
99
- }
100
- return encoded_input
179
+ def maskValue(value)
180
+ maskSensitiveValue(value)
101
181
  end
102
182
 
103
- def maskSensitiveString(input)
104
- encoded_input = input #.force_encoding("UTF-8")
105
- @@tagPatterns.each_with_index do |item, index|
106
- encoded_input = encoded_input.gsub(/#{item}/,@@tagReplacements[index])
183
+ # Central defense-in-depth entry point. Regardless of how the log message
184
+ # is shaped (Ruby Hash/Array, pure JSON string, "label: {json}",
185
+ # "prefix {json} suffix", or even multiple embedded JSON blobs), every
186
+ # JSON Object/Array substring is extracted, parsed, and masked in-place.
187
+ # Any JSON-shaped substring that fails to parse is replaced with
188
+ # REDACTED_PAYLOAD (fail-closed) so a partially-decrypted or truncated
189
+ # body cannot leak through the wrapper.
190
+ def call(severity, time, progname, msg)
191
+ maskedMessage =
192
+ case msg
193
+ when Hash, Array
194
+ # Ruby Hash/Array passed directly to logger.<level>(obj). Walk
195
+ # the structure with maskJsonObject so individual sensitive
196
+ # fields are masked; Hash#to_s produces "key=>value" syntax
197
+ # which is NOT valid JSON, so we must not route it through
198
+ # the string-based parser path.
199
+ JSON.generate(maskJsonObject(msg))
200
+ else
201
+ msg_str = msg.to_s
202
+ begin
203
+ JSON.parse(msg_str)
204
+ maskSensitiveDataInJson(msg_str)
205
+ rescue JSON::ParserError, TypeError
206
+ maskEmbeddedJson(msg_str)
207
+ end
208
+ end
209
+ formatLogEntry(severity, time, progname, maskedMessage)
210
+ end
211
+
212
+ # Walk the string, extract every top-level balanced {...} or [...] span
213
+ # (respecting JSON string/escape rules), and mask each in place. If no
214
+ # JSON-shaped span is present, the original text is returned unchanged.
215
+ # If a span is found but cannot be parsed, the entire message is redacted.
216
+ def maskEmbeddedJson(msg_str)
217
+ return msg_str unless msg_str.include?('{') || msg_str.include?('[')
218
+
219
+ result = +''
220
+ i = 0
221
+ len = msg_str.length
222
+ found_any = false
223
+
224
+ while i < len
225
+ ch = msg_str[i]
226
+ if ch == '{' || ch == '['
227
+ span_end = find_balanced_json_end(msg_str, i)
228
+ if span_end.nil?
229
+ # Unbalanced JSON-looking content remaining: fail closed.
230
+ return REDACTED_PAYLOAD
231
+ end
232
+ candidate = msg_str[i..span_end]
233
+ masked = maskSensitiveDataInJson(candidate)
234
+ # maskSensitiveDataInJson returns REDACTED_PAYLOAD on parse failure,
235
+ # which is the safe outcome we want to propagate.
236
+ result << masked
237
+ i = span_end + 1
238
+ found_any = true
239
+ else
240
+ result << ch
241
+ i += 1
242
+ end
107
243
  end
108
- return encoded_input
244
+
245
+ found_any ? result : msg_str
109
246
  end
110
247
 
111
- def formatLogEntry(severity, time, progname, msg)
248
+ # Returns the index of the matching closing brace/bracket for the JSON
249
+ # span beginning at start_idx, honoring JSON string and escape rules.
250
+ # Returns nil if unbalanced.
251
+ def find_balanced_json_end(str, start_idx)
252
+ depth = 0
253
+ in_string = false
254
+ escape = false
255
+ i = start_idx
256
+ len = str.length
257
+
258
+ while i < len
259
+ ch = str[i]
260
+ if in_string
261
+ if escape
262
+ escape = false
263
+ elsif ch == '\\'
264
+ escape = true
265
+ elsif ch == '"'
266
+ in_string = false
267
+ end
268
+ else
269
+ case ch
270
+ when '"'
271
+ in_string = true
272
+ when '{', '['
273
+ depth += 1
274
+ when '}', ']'
275
+ depth -= 1
276
+ return i if depth.zero?
277
+ return nil if depth < 0
278
+ end
279
+ end
280
+ i += 1
281
+ end
282
+ nil
283
+ end
284
+
285
+ def formatLogEntry(severity, _time, progname, msg)
112
286
  datetime = DateTime.now
113
- date_format = datetime.strftime("%Y-%m-%d %H:%M:%S")
114
- log_message = "[#{date_format}] #{severity.ljust(10)} (#{progname}): #{msg}\n"
115
- # $stdout.puts log_message
116
- log_message
287
+ date_format = datetime.strftime('%Y-%m-%d %H:%M:%S')
288
+ "[#{date_format}] #{severity.ljust(10)} (#{progname}): #{msg}\n"
117
289
  end
118
- end
290
+ end
@@ -1,19 +1,69 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require_relative './Cache'
4
+ require_relative './Constants'
4
5
  require 'stringio'
5
6
  require 'jose'
7
+ require 'json'
8
+ require 'base64'
6
9
 
7
10
  public
11
+
8
12
  class AuthJWEUtility
9
13
  # <b>DEPRECATED:</b> This method has been marked as Deprecated and will be removed in coming releases. Use <tt>decrypt_jwe_using_private_key()</tt> instead.
10
14
  def self.decrypt_jwe_using_pem(merchant_config, encoded_response)
11
- warn("[DEPRECATED] `decrypt_jwe_using_pem()` method is deprecated and will be removed in coming releases. Use `decrypt_jwe_using_private_key()` instead.")
15
+ warn('[DEPRECATED] `decrypt_jwe_using_pem()` method is deprecated and will be removed in coming releases. Use `decrypt_jwe_using_private_key()` instead.')
16
+ validate_jwe_algorithms(encoded_response)
12
17
  key = Cache.new.fetchPEMFileForNetworkTokenization(merchant_config.pemFileDirectory)
13
- return JOSE::JWE.block_decrypt(key, encoded_response).first
18
+ JOSE::JWE.block_decrypt(key, encoded_response).first
14
19
  end
15
20
 
16
21
  def self.decrypt_jwe_using_private_key(private_key, encoded_response)
17
- return JOSE::JWE.block_decrypt(private_key, encoded_response).first
22
+ validate_jwe_algorithms(encoded_response)
23
+ JOSE::JWE.block_decrypt(private_key, encoded_response).first
18
24
  end
25
+
26
+ # Validates the JWE header algorithms before decryption to prevent algorithm
27
+ # substitution attacks (e.g., Bleichenbacher padding oracle via RSA1_5,
28
+ # or chosen-plaintext via 'dir').
29
+ #
30
+ # Only algorithms supported by CGK are permitted:
31
+ # alg: RSA-OAEP, RSA-OAEP-256
32
+ # enc: A128GCM, A256GCM
33
+ def self.validate_jwe_algorithms(encoded_response)
34
+ if encoded_response.nil? || encoded_response.to_s.strip.empty?
35
+ raise StandardError, 'Encoded JWE response is nil or empty'
36
+ end
37
+
38
+ parts = encoded_response.to_s.split('.')
39
+ unless parts.length == 5
40
+ raise StandardError, "Invalid JWE compact serialization: expected 5 parts, got #{parts.length}"
41
+ end
42
+
43
+ # Base64url-decode the JOSE header (first segment); add padding as needed
44
+ header_b64 = parts[0]
45
+ # Add padding if needed for proper base64url decoding
46
+ header_b64 += '=' * (4 - header_b64.length % 4) if header_b64.length % 4 != 0
47
+ header_json = Base64.urlsafe_decode64(header_b64)
48
+ begin
49
+ header = JSON.parse(header_json)
50
+ rescue JSON::ParserError => e
51
+ raise StandardError, "Invalid JWE header: failed to parse JSON - #{e.message}"
52
+ end
53
+
54
+ alg = header['alg']
55
+ enc = header['enc']
56
+
57
+ unless Constants::ALLOWED_JWE_KEY_ENCRYPTION_ALGORITHMS.include?(alg)
58
+ raise StandardError, "Unsupported JWE key encryption algorithm '#{alg}'. " \
59
+ "Allowed: #{Constants::ALLOWED_JWE_KEY_ENCRYPTION_ALGORITHMS.join(', ')}"
60
+ end
61
+
62
+ unless Constants::ALLOWED_JWE_CONTENT_ENCRYPTION_ALGORITHMS.include?(enc)
63
+ raise StandardError, "Unsupported JWE content encryption algorithm '#{enc}'. " \
64
+ "Allowed: #{Constants::ALLOWED_JWE_CONTENT_ENCRYPTION_ALGORITHMS.join(', ')}"
65
+ end
66
+ end
67
+
68
+ private_class_method :validate_jwe_algorithms
19
69
  end
@@ -21,7 +21,7 @@ public
21
21
  merchantId = merchantConfig.merchantId
22
22
  certificateFilePath = merchantConfig.p12KeyFilePath
23
23
 
24
- cacheKey = merchantConfig.keyFilename + "_JWT"
24
+ cacheKey = File.expand_path(certificateFilePath) + "_JWT"
25
25
 
26
26
  @@mutex.synchronize do
27
27
  cachedCertificateInfo = @@cache_obj.read(cacheKey)
@@ -179,8 +179,8 @@ public
179
179
  end
180
180
 
181
181
  def get_mle_kid_data_from_cache(merchant_config)
182
- cache_key = merchant_config.responseMlePrivateKeyFilePath + Constants::RESPONSE_MLE_P12_PFX_CACHE_IDENTIFIER
183
182
  file_path = merchant_config.responseMlePrivateKeyFilePath
183
+ cache_key = File.expand_path(file_path) + Constants::RESPONSE_MLE_P12_PFX_CACHE_IDENTIFIER
184
184
 
185
185
  @@mutex.synchronize do
186
186
  if !@@cache_obj.exist?(cache_key)
@@ -216,7 +216,7 @@ public
216
216
  logger = @@logger.logger
217
217
 
218
218
  file_path = merchant_config.responseMlePrivateKeyFilePath
219
- cache_key = merchant_config.responseMlePrivateKeyFilePath + Constants::RESPONSE_MLE_P12_PFX_CACHE_IDENTIFIER
219
+ cache_key = File.expand_path(file_path) + Constants::RESPONSE_MLE_P12_PFX_CACHE_IDENTIFIER
220
220
 
221
221
  # Get certificate from P12 file
222
222
  _, certificate_list = Utility.getCertificateCollectionAndPrivateKeyFromP12(
@@ -272,21 +272,26 @@ public
272
272
  def fetchPEMFileForNetworkTokenization(filePath)
273
273
  warn("[DEPRECATED] 'fetchPEMFileForNetworkTokenization' method is deprecated and will be removed in coming releases.")
274
274
 
275
+ # Use normalised filePath-scoped cache keys to prevent cross-tenant data leakage
276
+ normalised_path = File.expand_path(filePath)
277
+ pem_cache_key = "privateKeyFromPEMFile_#{normalised_path}"
278
+ pem_time_cache_key = "cachedLastModifiedTimeOfPEMFile_#{normalised_path}"
279
+
275
280
  # Thread-safe cache access for deprecated method
276
281
  @@mutex.synchronize do
277
- pem_file_cache = @@cache_obj.read('privateKeyFromPEMFile')
278
- cached_pem_file_last_updated_time = @@cache_obj.read('cachedLastModifiedTimeOfPEMFile')
282
+ pem_file_cache = @@cache_obj.read(pem_cache_key)
283
+ cached_pem_file_last_updated_time = @@cache_obj.read(pem_time_cache_key)
279
284
 
280
285
  if File.exist?(filePath)
281
286
  current_last_modified_time_of_PEM_file = File.mtime(filePath)
282
287
  if pem_file_cache.nil? || pem_file_cache.to_s.empty? || current_last_modified_time_of_PEM_file > cached_pem_file_last_updated_time
283
288
  private_key = JOSE::JWK.from_pem_file filePath
284
- @@cache_obj.write('privateKeyFromPEMFile', private_key)
285
- @@cache_obj.write('cachedLastModifiedTimeOfPEMFile', current_last_modified_time_of_PEM_file)
289
+ @@cache_obj.write(pem_cache_key, private_key)
290
+ @@cache_obj.write(pem_time_cache_key, current_last_modified_time_of_PEM_file)
286
291
  end
287
292
  end
288
293
 
289
- return @@cache_obj.read('privateKeyFromPEMFile')
294
+ return @@cache_obj.read(pem_cache_key)
290
295
  end
291
296
  end
292
297