cybersourcery 0.0.6

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: ca8d9ed8a23a07c08e2b1186bceea38f2f9fa844
+  data.tar.gz: 19cbb60e854afc51e9cb69cfc56d55db502ca1e0
+SHA512:
+  metadata.gz: 274dd59a12076d27129d85209ac74bfe6d9ff42c9c884c7ac4be2ffb67cc11a82ddbb8911da1e31f1f22ef3a5d3ba544967f16c9c68081de4155f33b1527b2a8
+  data.tar.gz: 39ad67705491c6f6b49ac3ed257f5c2f0883bb14262e47cd3e2ca8d0b05988b3cac1ff8f93a00c4ec34f51fe9526b2de6cd5a480f4ebd4af80a2f9255dc85275

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 PromptWorks
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/Rakefile

@@ -0,0 +1,6 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+desc 'Run RSpec code examples - NOTE: start the proxy server in spec/demo for feature tests to pass - rake cybersourcery:proxy'
+task default: [:spec]
+RSpec::Core::RakeTask.new

data/lib/cybersourcery.rb

@@ -0,0 +1,46 @@
+require 'cybersourcery/version'
+require 'cybersourcery/configuration'
+require 'cybersourcery/exceptions'
+
+if defined? Rails
+  require 'cybersourcery/merchant_data_serializer'
+  require 'cybersourcery/profile'
+  require 'cybersourcery/payment'
+  require 'cybersourcery/railtie'
+  require 'cybersourcery/cybersource_signer'
+  require 'cybersourcery/cart_signer'
+  require 'cybersourcery/signature_checker'
+  require 'cybersourcery/cart_signature_checker'
+  require 'cybersourcery/cybersource_signature_checker'
+  require 'cybersourcery/reason_code_checker'
+  require 'cybersourcery/container'
+  require 'cybersourcery/cybersource_params_normalizer'
+
+  if Rails.env.test?
+    require 'slim-rails'
+    require 'bootstrap-sass'
+    require 'simple_form'
+    require 'sass-rails'
+    require 'coffee-rails'
+    require 'jquery-rails'
+    require 'dotenv-rails'
+  end
+end
+
+module Cybersourcery
+  class << self
+    attr_writer :configuration
+  end
+
+  def self.configuration
+    @configuration ||= Configuration.new
+  end
+
+  def self.reset
+    @configuration = Configuration.new
+  end
+
+  def self.configure
+    yield(configuration)
+  end
+end

data/lib/cybersourcery/cart_signature_checker.rb

@@ -0,0 +1,17 @@
+module Cybersourcery
+  class CartSignatureChecker < Cybersourcery::SignatureChecker
+    attr_reader :session
+
+    def post_initialize(args)
+      @session = args[:session]
+    end
+
+    def signed_field_names
+      @session[:signed_cart_fields]
+    end
+
+    def signature
+      @session[:cart_signature]
+    end
+  end
+end

data/lib/cybersourcery/cart_signer.rb

@@ -0,0 +1,31 @@
+module Cybersourcery
+  class CartSigner
+    attr_reader :session, :signer, :cart_fields, :signed_cart_fields
+
+    def initialize(session, signer, cart_fields)
+      @session = session
+      @signer = signer
+      @cart_fields = cart_fields.dup
+    end
+
+    def run
+      sign_cart_fields
+      reassign_signature_and_signed_fields_to_session
+      @signed_cart_fields
+    end
+
+    private
+
+    def sign_cart_fields
+      @cart_fields[:signed_field_names] = @cart_fields.keys.join(',')
+      @signer.form_fields = @cart_fields
+      @signed_cart_fields = @signer.signed_fields.dup
+    end
+
+    def reassign_signature_and_signed_fields_to_session
+      @session[:signed_cart_fields] = @signed_cart_fields.delete :signed_field_names
+      @session[:cart_signature] = @signed_cart_fields.delete :signature
+      @session
+    end
+  end
+end

data/lib/cybersourcery/configuration.rb

@@ -0,0 +1,9 @@
+module Cybersourcery
+  class Configuration
+    attr_accessor :profiles_path, :sop_proxy_url, :sop_live_url, :sop_test_url
+
+    def profiles
+      @profiles ||= YAML.load_file profiles_path
+    end
+  end
+end

data/lib/cybersourcery/container.rb

@@ -0,0 +1,25 @@
+module Cybersourcery
+  class Container
+    def self.get_cart_signer(profile_name, session, cart_fields)
+      profile = Cybersourcery::Profile.new(profile_name)
+      cybersource_signer = Cybersourcery::CybersourceSigner.new(profile)
+      Cybersourcery::CartSigner.new(session, cybersource_signer, cart_fields)
+    end
+
+    def self.get_cart_signature_checker(profile_name, params, session)
+      profile = Cybersourcery::Profile.new(profile_name)
+      Cybersourcery::CartSignatureChecker.new({ profile: profile, params: params, session: session})
+    end
+
+    def self.get_cybersource_signature_checker(profile_name, params)
+      profile = Cybersourcery::Profile.new(profile_name)
+      Cybersourcery::CybersourceSignatureChecker.new({ profile: profile, params: params })
+    end
+
+    def self.get_payment(profile_name, params, payment_class_name = 'Payment')
+      profile = Cybersourcery::Profile.new(profile_name)
+      signer = Cybersourcery::CybersourceSigner.new(profile)
+      payment_class_name.constantize.new(signer, profile, params)
+    end
+  end
+end

data/lib/cybersourcery/cybersource_params_normalizer.rb

@@ -0,0 +1,9 @@
+module Cybersourcery
+  class CybersourceParamsNormalizer
+    def self.run(params)
+      params.keys.each do |key|
+        params[key[4..-1]] = params[key] if key =~ /^req_/
+      end
+    end
+  end
+end

data/lib/cybersourcery/cybersource_signature_checker.rb

@@ -0,0 +1,13 @@
+module Cybersourcery
+  class CybersourceSignatureChecker < Cybersourcery::SignatureChecker
+
+    def signed_field_names
+      @params['signed_field_names']
+    end
+
+
+    def signature
+      @params['signature']
+    end
+  end
+end

data/lib/cybersourcery/cybersource_signer.rb

@@ -0,0 +1,79 @@
+require 'hmac-sha2'
+require 'base64'
+
+module Cybersourcery
+  class CybersourceSigner
+    attr_accessor :profile, :signer
+    attr_writer   :time
+    attr_writer   :form_fields
+    attr_reader   :signable_fields
+
+    IGNORE_FIELDS = %i[
+      commit
+      utf8
+      authenticity_token
+      action
+      controller
+    ]
+
+    def initialize(profile, signer = Signer)
+      @profile              = profile
+      @signer               = signer
+      @signable_fields      = {
+        access_key:           @profile.access_key,
+        profile_id:           @profile.profile_id,
+        payment_method:       @profile.payment_method,
+        locale:               @profile.locale,
+        transaction_type:     @profile.transaction_type,
+        currency:             @profile.currency
+      }
+    end
+
+    def add_and_sign_fields(params)
+      add_signable_fields(params)
+      signed_fields
+    end
+
+    def add_signable_fields(params)
+      @signable_fields.merge! params.symbolize_keys.delete_if { |k,v|
+        @profile.unsigned_field_names.include?(k) || IGNORE_FIELDS.include?(k)
+      }
+    end
+
+    def signed_fields
+      form_fields.tap do |data|
+        signature_keys = data[:signed_field_names].split(',').map(&:to_sym)
+        signature_message = self.class.signature_message(data, signature_keys)
+        data[:signature]  = signer.signature(signature_message, profile.secret_key)
+      end
+    end
+
+    def form_fields
+      @form_fields ||= signable_fields.dup.merge(
+        unsigned_field_names: @profile.unsigned_field_names.join(','),
+        transaction_uuid:     SecureRandom.hex(16),
+        reference_number:     SecureRandom.hex(16),
+        signed_date_time:     time,
+        signed_field_names:   nil # make sure it's in data.keys
+      ).tap do |data|
+        data[:signed_field_names] = data.keys.join(',')
+      end
+    end
+
+    def time
+      @time ||= Time.now.utc.strftime("%Y-%m-%dT%H:%M:%SZ")
+    end
+
+    def self.signature_message(hash, keys)
+      keys.map {|key| "#{key}=#{hash.fetch(key)}" }.join(',')
+    end
+
+    class Signer
+      def self.signature(message, secret_key)
+        mac = HMAC::SHA256.new(secret_key)
+        mac.update message
+        Base64.strict_encode64(mac.digest)
+      end
+    end
+  end
+end

data/lib/cybersourcery/exceptions.rb

@@ -0,0 +1,3 @@
+module Cybersourcery
+  class CybersourceryError < StandardError; end
+end

data/lib/cybersourcery/merchant_data_serializer.rb

@@ -0,0 +1,38 @@
+module Cybersourcery
+  class MerchantDataSerializer
+    attr_reader :start_count
+
+    def initialize(start_count = 1)
+      @start_count = start_count
+    end
+
+    def serialize(merchant_data)
+      scanned_data = merchant_data.to_json.scan(/.{1,100}/)
+      serialized_data = {}
+
+      scanned_data.each_with_index do |item, index|
+        count = index + @start_count
+
+        if count < 1 || count > 100
+          raise Cybersourcery::CybersourceryError, "The supported merchant_defined_data range is 1 to 100. #{count} is out of range."
+        end
+
+        serialized_data["merchant_defined_data#{count}".to_sym] = item
+      end
+
+      serialized_data
+    end
+
+    def deserialize(params)
+      merchant_data = params.select { |k,v| k =~ /^merchant_defined_data/ }.symbolize_keys
+      merchant_data_string = ''
+
+      # it's important to reassemble the data in the right order!
+      merchant_data.length.times do |i|
+        merchant_data_string << merchant_data["merchant_defined_data#{i+1}".to_sym]
+      end
+
+      JSON.parse(merchant_data_string).symbolize_keys
+    end
+  end
+end

data/lib/cybersourcery/payment.rb

@@ -0,0 +1,43 @@
+module Cybersourcery
+  class Payment
+    # These are dependencies for ActiveModel::Errors in the initialize method
+    extend ActiveModel::Naming
+    extend ActiveModel::Translation
+    include ActiveModel::Validations
+
+    # So we can use form_for in a view
+    include ActiveModel::Conversion
+
+    attr_reader :signer, :profile, :params, :errors
+    attr_accessor :bill_to_forename, :bill_to_surname, :card_number, :card_expiry_date,
+                  :card_expiry_month, :card_expiry_year, :card_type,
+                  :bill_to_email, :bill_to_address_line1, :bill_to_address_line2,
+                  :bill_to_address_city, :bill_to_address_state, :bill_to_address_postal_code
+    validates_presence_of :bill_to_forename, :bill_to_surname, :card_number, :card_expiry_date,
+                          :card_expiry_month, :card_expiry_year, :card_type, :bill_to_email,
+                          :bill_to_address_line1, :bill_to_address_city, :bill_to_address_state,
+                          :bill_to_address_postal_code
+
+    # To keep ActiveModel::Conversion happy
+    def persisted?
+      false
+    end
+
+    def initialize(signer, profile, params)
+      @signer = signer
+      @profile = profile
+      @params = params
+      # I'm not doing dependency injection for ActiveModel dependencies.
+      # Given we're extending ActiveModel::Naming above, we're already tightly bound...
+      @errors = ActiveModel::Errors.new(self)
+    end
+
+    def form_action_url
+      @profile.transaction_url
+    end
+
+    def signed_fields
+      @signer.add_and_sign_fields(@params)
+    end
+  end
+end

data/lib/cybersourcery/payments_helper.rb

@@ -0,0 +1,404 @@
+module Cybersourcery
+  module PaymentsHelper
+    def add_signed_fields(payment, form)
+      signed_fields = ''
+
+      payment.signed_fields.each do |field, value|
+        signed_fields << hidden_input(form, field, value)
+      end
+
+      signed_fields
+    end
+
+    def simple_form_input(form, field, value = nil)
+      form.input field, label: field_label(field), input_html: {
+        name: field.to_s,
+        value: value,
+        pattern: field_pattern(field),
+        title: field_validation_message(field)
+      }
+    end
+
+    def simple_form_select(form, field, collection, selected = nil, prompt = nil)
+      form.input(
+        field,
+        label: field_label(field),
+        collection: collection,
+        selected: selected,
+        prompt: prompt,
+        input_html: { name: field.to_s }
+      )
+    end
+
+    def field_label(field)
+      labels = {
+        bill_to_forename: 'First Name',
+        bill_to_surname: 'Last Name',
+        card_number: 'Card Number',
+        card_cvn: 'Security Code',
+        card_expiry_dummy: 'Expiration',
+        bill_to_email: 'Email',
+        bill_to_address_line1: 'Street Address (line 1)',
+        bill_to_address_line2: 'Street Address (line 2)',
+        bill_to_address_city: 'City',
+        bill_to_address_state: 'State (Province)',
+        bill_to_address_postal_code: 'Zip (Postal Code)'
+      }
+      labels[field]
+    end
+
+    def field_pattern(field)
+      patterns = {
+        card_number: "^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})$"
+      }
+      patterns[field]
+    end
+
+    def field_validation_message(field)
+      patterns = {
+        card_number: 'Please enter a valid credit card number'
+      }
+      patterns[field]
+    end
+
+    def hidden_input(form, field, value = nil)
+      form.hidden_field field, value: value, name: field.to_s
+    end
+
+    def add_expiry_date_fields(form, classes = 'select required form-control card-expiry')
+      date_fields =  hidden_input form, :card_expiry_date
+      date_fields << form.input(:card_expiry_dummy, label: field_label(:card_expiry_dummy)) do
+        form.date_select(:card_expiry_dummy,
+          {
+            discard_day: true,
+            order: [:month, :year],
+            start_year: Date.today.year,
+            end_year:  (Date.today.year + 19),
+            use_two_digit_numbers: true,
+            date_separator: ' / ',
+            prompt: true
+          },
+          { class: classes }
+        )
+      end
+    end
+
+    def countries
+      {
+        "Afghanistan" => "AF",
+        "Aland Islands" => "AX",
+        "Albania" => "AL",
+        "Algeria" => "DZ",
+        "American Samoa (US)" => "AS",
+        "Andorra" => "AD",
+        "Angola" => "AO",
+        "Anguilla (UK)" => "AI",
+        "Antarctica" => "AQ",
+        "Antigua and Barbuda" => "AG",
+        "Argentina" => "AR",
+        "Armenia" => "AM",
+        "Aruba" => "AW",
+        "Australia" => "AU",
+        "Austria" => "AT",
+        "Azerbaijan" => "AZ",
+        "Bahamas" => "BS",
+        "Bahrain" => "BH",
+        "Bangladesh" => "BD",
+        "Barbados" => "BB",
+        "Belarus" => "BY",
+        "Belgium" => "BE",
+        "Belize" => "BZ",
+        "Benin" => "BJ",
+        "Bermuda (UK)" => "BM",
+        "Bhutan" => "BT",
+        "Bolivia" => "BO",
+        "Bonaire, Sint Eustatius and Saba" => "BQ",
+        "Bosnia and Herzegovina" => "BA",
+        "Botswana" => "BW",
+        "Brazil" => "BR",
+        "British Indian Ocean Territory" => "IO",
+        "British Virgin Islands (UK)" => "VG",
+        "Brunei Darussalam" => "BN",
+        "Bulgaria" => "BG",
+        "Burkina Faso" => "BF",
+        "Burundi" => "BI",
+        "Cambodia" => "KH",
+        "Cameroon" => "CM",
+        "Canada" => "CA",
+        "Cape Verde" => "CV",
+        "Cayman Islands (UK)" => "KY",
+        "Central African Republic" => "CF",
+        "Chad" => "TD",
+        "Chile" => "CL",
+        "China" => "CN",
+        "Christmas Island (AU)" => "CX",
+        "Cocos (Keeling) Islands (AU)" => "CC",
+        "Colombia" => "CO",
+        "Comoros" => "KM",
+        "Congo, Democratic Republic of the" => "CD",
+        "Congo, Republic of the" => "CG",
+        "Cook Islands (NZ)" => "CK",
+        "Costa Rica" => "CR",
+        "Côte D'Ivoire" => "CI",
+        "Croatia" => "HR",
+        "Cuba" => "CU",
+        "Curaçao" => "CW",
+        "Cyprus" => "CY",
+        "Czech Republic" => "CZ",
+        "Denmark" => "DK",
+        "Djibouti" => "DJ",
+        "Dominica" => "DM",
+        "Dominican Republic" => "DO",
+        "Ecuador" => "EC",
+        "Egypt" => "EG",
+        "El Salvador" => "SV",
+        "Equatorial Guinea" => "GQ",
+        "Eritrea" => "ER",
+        "Estonia" => "EE",
+        "Ethiopia" => "ET",
+        "Falkland Islands (UK)" => "FK",
+        "Faroe Islands (DK)" => "FO",
+        "Fiji" => "FJ",
+        "Finland" => "FI",
+        "France" => "FR",
+        "French Guiana (FR)" => "GF",
+        "French Polynesia (FR)" => "PF",
+        "French Southern Territories" => "TF",
+        "Gabon" => "GA",
+        "Gambia" => "GM",
+        "Georgia" => "GE",
+        "Germany" => "DE",
+        "Ghana" => "GH",
+        "Gibraltar (UK)" => "GI",
+        "Greece" => "GR",
+        "Greenland (DK)" => "GL",
+        "Grenada" => "GD",
+        "Guadeloupe (FR)" => "GP",
+        "Guam (US)" => "GU",
+        "Guatemala" => "GT",
+        "Guernsey" => "GG",
+        "Guinea" => "GN",
+        "Guinea-Bissau" => "GW",
+        "Guyana" => "GY",
+        "Haiti" => "HT",
+        "Heard Island and McDonald Islands" => "HM",
+        "Holy See (Vatican City)" => "VA",
+        "Honduras" => "HN",
+        "Hong Kong (CN)" => "HK",
+        "Hungary" => "HU",
+        "Iceland" => "IS",
+        "India" => "IN",
+        "Indonesia" => "ID",
+        "Iran" => "IR",
+        "Iraq" => "IQ",
+        "Ireland" => "IE",
+        "Isle of Man" => "IM",
+        "Israel" => "IL",
+        "Italy" => "IT",
+        "Jamaica" => "JM",
+        "Japan" => "JP",
+        "Jersey" => "JE",
+        "Jordan" => "JO",
+        "Kazakhstan" => "KZ",
+        "Kenya" => "KE",
+        "Kiribati" => "KI",
+        "Korea, Democratic People's Republic (North)" => "KP",
+        "Korea, Republic of (South)" => "KR",
+        "Kuwait" => "KW",
+        "Kyrgyzstan" => "KG",
+        "Laos" => "LA",
+        "Latvia" => "LV",
+        "Lebanon" => "LB",
+        "Lesotho" => "LS",
+        "Liberia" => "LR",
+        "Libya" => "LY",
+        "Liechtenstein" => "LI",
+        "Lithuania" => "LT",
+        "Luxembourg" => "LU",
+        "Macau (CN)" => "MO",
+        "Macedonia" => "MK",
+        "Madagascar" => "MG",
+        "Malawi" => "MW",
+        "Malaysia" => "MY",
+        "Maldives" => "MV",
+        "Mali" => "ML",
+        "Malta" => "MT",
+        "Marshall Islands" => "MH",
+        "Martinique (FR)" => "MQ",
+        "Mauritania" => "MR",
+        "Mauritius" => "MU",
+        "Mayotte (FR)" => "YT",
+        "Mexico" => "MX",
+        "Micronesia, Federated States of" => "FM",
+        "Moldova Republic of" => "MD",
+        "Monaco" => "MC",
+        "Mongolia" => "MN",
+        "Montenegro" => "ME",
+        "Montserrat (UK)" => "MS",
+        "Morocco" => "MA",
+        "Mozambique" => "MZ",
+        "Myanmar" => "MM",
+        "Namibia" => "NA",
+        "Nauru" => "NR",
+        "Nepal" => "NP",
+        "Netherlands" => "NL",
+        "Netherlands Antilles (NL)" => "AN",
+        "New Caledonia (FR)" => "NC",
+        "New Zealand" => "NZ",
+        "Nicaragua" => "NI",
+        "Niger" => "NE",
+        "Nigeria" => "NG",
+        "Niue" => "NU",
+        "Norfolk Island (AU)" => "NF",
+        "Northern Mariana Islands (US)" => "MP",
+        "Norway" => "NO",
+        "Oman" => "OM",
+        "Pakistan" => "PK",
+        "Palau" => "PW",
+        "Palestinian Territories" => "PS",
+        "Panama" => "PA",
+        "Papua New Guinea" => "PG",
+        "Paraguay" => "PY",
+        "Peru" => "PE",
+        "Philippines" => "PH",
+        "Pitcairn Islands (UK)" => "PN",
+        "Poland" => "PL",
+        "Portugal" => "PT",
+        "Puerto Rico (US)" => "PR",
+        "Qatar" => "QA",
+        "Reunion (FR)" => "RE",
+        "Romania" => "RO",
+        "Russia" => "RU",
+        "Rwanda" => "RW",
+        "Saint Barthelemy" => "BL",
+        "Saint Helena (UK)" => "SH",
+        "Saint Kitts and Nevis" => "KN",
+        "Saint Lucia" => "LC",
+        "Saint Martin" => "MF",
+        "Saint Pierre & Miquelon (FR)" => "PM",
+        "Saint Vincent and the Grenadines" => "VC",
+        "Samoa" => "WS",
+        "San Marino" => "SM",
+        "Sao Tome and Principe" => "ST",
+        "Saudi Arabia" => "SA",
+        "Senegal" => "SN",
+        "Serbia" => "RS",
+        "Seychelles" => "SC",
+        "Sierra Leone" => "SL",
+        "Singapore" => "SG",
+        "Sint Maarten (Dutch Part)" => "SX",
+        "Slovakia" => "SK",
+        "Slovenia" => "SI",
+        "Solomon Islands" => "SB",
+        "Somalia" => "SO",
+        "South Africa" => "ZA",
+        "South Georgia & South Sandwich Islands (UK)" => "GS",
+        "South Sudan" => "SS",
+        "Spain" => "ES",
+        "Sri Lanka" => "LK",
+        "Sudan" => "SD",
+        "Suriname" => "SR",
+        "Svalbard and Jan Mayen" => "SJ",
+        "Swaziland" => "SZ",
+        "Sweden" => "SE",
+        "Switzerland" => "CH",
+        "Syria" => "SY",
+        "Taiwan" => "TW",
+        "Tajikistan" => "TJ",
+        "Tanzania" => "TZ",
+        "Thailand" => "TH",
+        "Timor-Leste" => "TL",
+        "Togo" => "TG",
+        "Tokelau" => "TK",
+        "Tonga" => "TO",
+        "Trinidad and Tobago" => "TT",
+        "Tunisia" => "TN",
+        "Turkey" => "TR",
+        "Turkmenistan" => "TM",
+        "Turks and Caicos Islands (UK)" => "TC",
+        "Tuvalu" => "TV",
+        "Uganda" => "UG",
+        "Ukraine" => "UA",
+        "United Arab Emirates" => "AE",
+        "United Kingdom" => "GB",
+        "United States" => "US",
+        "United States Minor Outlying Islands" => "UM",
+        "Uruguay" => "UY",
+        "Uzbekistan" => "UZ",
+        "Vanuatu" => "VU",
+        "Venezuela" => "VE",
+        "Vietnam" => "VN",
+        "Virgin Islands (US)" => "VI",
+        "Wallis and Futuna (FR)" => "WF",
+        "Western Sahara" => "EH",
+        "Yemen" => "YE",
+        "Zambia" => "ZM",
+        "Zimbabwe" => "ZW"
+      }
+    end
+
+    def us_states
+      {
+        "Alabama" => "AL",
+        "Alaska" => "AK",
+        "Arizona" => "AZ",
+        "Arkansas" => "AR",
+        "California" => "CA",
+        "Colorado" => "CO",
+        "Connecticut" => "CT",
+        "Delaware" => "DE",
+        "Florida" => "FL",
+        "Georgia" => "GA",
+        "Hawaii" => "HI",
+        "Idaho" => "ID",
+        "Illinois" => "IL",
+        "Indiana" => "IN",
+        "Iowa" => "IA",
+        "Kansas" => "KS",
+        "Kentucky" => "KY",
+        "Louisiana" => "LA",
+        "Maine" => "ME",
+        "Maryland" => "MD",
+        "Massachusetts" => "MA",
+        "Michigan" => "MI",
+        "Minnesota" => "MN",
+        "Mississippi" => "MS",
+        "Missouri" => "MO",
+        "Montana" => "MT",
+        "Nebraska" => "NE",
+        "Nevada" => "NV",
+        "New Hampshire" => "NH",
+        "New Jersey" => "NJ",
+        "New Mexico" => "NM",
+        "New York" => "NY",
+        "North Carolina" => "NC",
+        "North Dakota" => "ND",
+        "Ohio" => "OH",
+        "Oklahoma" => "OK",
+        "Oregon" => "OR",
+        "Pennsylvania" => "PA",
+        "Rhode Island" => "RI",
+        "South Carolina" => "SC",
+        "South Dakota" => "SD",
+        "Tennessee" => "TN",
+        "Texas" => "TX",
+        "Utah" => "UT",
+        "Vermont" => "VT",
+        "Virginia" => "VA",
+        "Washington" => "WA",
+        "West Virginia" => "WV",
+        "Wisconsin" => "WI",
+        "Wyoming" => "WY"
+      }
+    end
+
+    def card_types
+      {
+        'Visa' => '001',
+        'MasterCard' => '002',
+        'American Express' => '003',
+        'Discover' => '004'
+      }
+    end
+  end
+end

data/lib/cybersourcery/profile.rb

@@ -0,0 +1,54 @@
+require 'active_support'
+require 'active_support/core_ext/array/conversions.rb' # so we can use to_sentence
+
+module Cybersourcery
+  class Profile
+    include ActiveModel::Validations
+
+    VALID_ENDPOINTS = {
+      standard: '/silent/pay',
+      create_payment_token: '/silent/token/create',
+      update_payment_token: '/silent/token/update',
+      iframe_standard: '/silent/embedded/pay',
+      iframe_create_payment_token: 'silent/embedded/token/create',
+      iframe_update_payment_token: '/silent/embedded/token/update'
+    }
+
+    attr_accessor :profile_id, :name, :service, :access_key, :secret_key, :success_url,
+                  :transaction_type, :endpoint_type, :payment_method, :locale, :currency,
+                  :unsigned_field_names
+    validates_presence_of :profile_id, :name, :service, :access_key, :secret_key
+    validates_inclusion_of :service, in: %w(test live), allow_nil: false
+    validates_inclusion_of :endpoint_type, in: VALID_ENDPOINTS.keys, allow_nil: false
+    validates_inclusion_of :payment_method, in: %w(card echeck), allow_nil: false
+    validates_format_of :locale, with: /\A[a-z]{2}-[a-z]{2}\Z/, allow_nil: false
+    validates_format_of :currency, with: /\A[A-Z]{3}\Z/, allow_nil: false
+
+    def initialize(profile_id, profiles = Cybersourcery.configuration.profiles)
+      profiles[profile_id].each do |k,v|
+        self.send "#{k}=", v
+      end
+
+      @profile_id = profile_id
+      @endpoint_type = @endpoint_type.to_sym
+
+      unless self.valid?
+        raise Cybersourcery::CybersourceryError, self.errors.full_messages.to_sentence
+      end
+    end
+
+    def transaction_url(proxy_url = ENV['CYBERSOURCERY_SOP_PROXY_URL'], env = Rails.env)
+      if env == 'test' && proxy_url.present?
+        "#{proxy_url}#{VALID_ENDPOINTS[@endpoint_type]}"
+      elsif env == 'test' && proxy_url.blank?
+        "#{Cybersourcery.configuration.sop_test_url}#{VALID_ENDPOINTS[@endpoint_type]}"
+      elsif @service == 'test'
+        "#{Cybersourcery.configuration.sop_test_url}#{VALID_ENDPOINTS[@endpoint_type]}"
+      elsif @service == 'live'
+        "#{Cybersourcery.configuration.sop_live_url}#{VALID_ENDPOINTS[@endpoint_type]}"
+      else
+        raise Cybersourcery::CybersourceryError, 'Invalid conditions for determining the transaction_url'
+      end
+    end
+  end
+end

data/lib/cybersourcery/railtie.rb

@@ -0,0 +1,9 @@
+require 'cybersourcery/payments_helper'
+
+module Cybersourcery
+  class Railtie < Rails::Railtie
+    initializer 'Cybersourcery::ViewHelpers' do |app|
+      ActionView::Base.send :include, PaymentsHelper
+    end
+  end
+end

data/lib/cybersourcery/reason_code_checker.rb

@@ -0,0 +1,77 @@
+module Cybersourcery
+  class ReasonCodeChecker
+    REASON_CODE_EXPLANATIONS = {
+      '100' => 'Successful transaction.',
+      '101' => 'Declined: The request is missing one or more required fields.',
+      '102' => 'Declined: One or more fields in the request contains invalid data',
+      '104' => 'Declined: An identical authorization request has been submitted within the past 15 minutes',
+      '150' => 'Error: General system failure. Please wait a few minutes and try again.',
+      '151' => 'Error: The request was received but there was a server timeout. Please wait a few minutes and try again.',
+      '152' => 'Error: The request was received, but a service did not finish running in time. Please wait a few minutes and try again.',
+      '200' => 'Declined: The authorization request was approved by the issuing bank but declined by CyberSource because it did not pass the Address Verification Service (AVS) check',
+      '201' => 'Declined: The issuing bank has questions about the request. Please contact your credit card company.',
+      '202' => 'Declined: Expired card. Please verify your card information, or try a different card.',
+      '203' => 'Declined: General decline of the card. No other information provided by the issuing bank. Please try a different card.',
+      '204' => 'Declined: Insufficient funds in the account. Please try a different card.',
+      '205' => 'Declined: Stolen or lost card',
+      '207' => 'Declined: Issuing bank unavailable. Please wait a few minutes and try again.',
+      '208' => 'Declined: Inactive card or card not authorized for card-not-present transactions. Please try a different card.',
+      '209' => 'Declined: American Express Card Identification Digits (CID) did not match. Please verify your card information, or try a different card.',
+      '210' => 'Declined: The card has reached the credit limit. Please try a different card.',
+      '211' => 'Declined: Invalid card verification number. Please verify your card information, or try a different card.',
+      '221' => 'Declined: The customer matched an entry on the processor’s negative file.',
+      '230' => 'Declined: The authorization request was approved by the issuing bank but declined by CyberSource because it did not pass the card verification (CV) check',
+      '231' => 'Declined: Invalid account number, or the card type is not valid for the number provided. Please try a different card.',
+      '232' => 'Declined: The card type is not accepted by the payment processor.  Please try a different card.',
+      '233' => 'Declined: General decline by the processor. Please try a different card.',
+      '234' => 'Declined: There is a problem with your CyberSource merchant configuration',
+      '235' => 'Declined: The requested amount exceeds the originally authorized amount.',
+      '236' => 'Declined: Processor failure. Please wait a few minutes and try again.',
+      '237' => 'Declined: The authorization has already been reversed',
+      '238' => 'Declined: The authorization has already been captured',
+      '239' => 'Declined: The requested transaction amount must match the previous transaction amount.',
+      '240' => 'Declined: The card type sent is invalid or does not correlate with the credit card number',
+      '241' => 'Declined: The request ID is invalid',
+      '242' => 'Declined: You requested a capture, but there is no corresponding, unused authorization record. Occurs if there was not a previously successful authorization request or if the previously successful authorization has already been used by another capture request',
+      '243' => 'Declined: The transaction has already been settled or reversed',
+      '246' => 'Declined: The capture or credit is not voidable because the capture or credit information has already been submitted to your processor. Or, you requested a void for a type of transaction that cannot be voided',
+      '247' => 'Declined: You requested a credit for a capture that was previously voided',
+      '250' => 'Error: The request was received, but there was a timeout at the payment processor. Please try again in a few minutes.',
+      '251' => "Declined: The Pinless Debit card's use frequency or maximum amount per use has been exceeded.",
+      '254' => 'Declined: Account is prohibited from processing stand-alone refunds.',
+      '400' => 'Declined: Fraud score exceeds threshold.',
+      '450' => 'Apartment number missing or not found. Please verify your address information and try again.',
+      '451' => 'Insufficient address information. Please verify your address information and try again.',
+      '452' => 'House/Box number not found on street. Please verify your address information and try again.',
+      '453' => 'Multiple address matches were found. Please verify your address information and try again.',
+      '454' => 'P.O. Box identifier not found or out of range. Please verify your address information and try again.',
+      '455' => 'Route service identifier not found or out of range. Please verify your address information and try again.',
+      '456' => 'Street name not found in Postal code. Please verify your address information and try again.',
+      '457' => 'Postal code not found in database. Please verify your address information and try again.',
+      '458' => 'Unable to verify or correct address. Please verify your address information and try again.',
+      '459' => 'Multiple international address matches were found. Please verify your address information and try again.',
+      '460' => 'Address match not found. Please verify your address information and try again.',
+      '461' => 'Error: Unsupported character set.',
+      '475' => 'Error: The cardholder is enrolled in Payer Authentication. Please authenticate the cardholder before continuing with the transaction.',
+      '476' => 'Error: Encountered a Payer Authentication problem. Payer could not be authenticated.',
+      '480' => 'The order is marked for review by the Cybersource Decision Manager',
+      '481' => 'Error: The order has been rejected by the Cybersource Decision Manager',
+      '520' => 'Declined: The authorization request was approved by the issuing bank but declined by CyberSource based on your Smart Authorization settings.'
+    }
+
+    def self.run(reason_code)
+      REASON_CODE_EXPLANATIONS.fetch(
+        reason_code,
+        "Declined: unknown reason (code #{reason_code})"
+      )
+    end
+
+    def self.run!(reason_code)
+      if reason_code == '100'
+        self.run(reason_code)
+      else
+        raise Cybersourcery::CybersourceryError, self.run(reason_code)
+      end
+    end
+  end
+end

data/lib/cybersourcery/signature_checker.rb

@@ -0,0 +1,40 @@
+module Cybersourcery
+  class SignatureChecker
+    attr_reader :profile, :params
+
+    def initialize(args = {})
+      @profile = args[:profile]
+      @params = args[:params]
+      post_initialize(args)
+    end
+
+    # subclasses can override
+    def post_initialize(args)
+      nil
+    end
+
+    def run
+      signature == Cybersourcery::CybersourceSigner::Signer.signature(signature_message, @profile.secret_key)
+    end
+
+    def run!
+      raise Cybersourcery::CybersourceryError, 'Detected possible data tampering. Signatures do not match.' unless run
+    end
+
+    private
+
+    def signed_field_names
+      raise NotImplementedError, "This #{self.class} cannot respond to:"
+    end
+
+    def signature
+      raise NotImplementedError, "This #{self.class} cannot respond to:"
+    end
+
+    def signature_message
+      signed_fields_keys = signed_field_names.split(',')
+      signed_fields = @params.select { |k, v| signed_fields_keys.include? k }
+      Cybersourcery::CybersourceSigner.signature_message(signed_fields, signed_fields_keys)
+    end
+  end
+end

data/lib/cybersourcery/version.rb

@@ -0,0 +1,3 @@
+module Cybersourcery
+  VERSION = '0.0.6'
+end

data/lib/rails/generators/cybersourcery/config/config_generator.rb

@@ -0,0 +1,19 @@
+module Cybersourcery
+  module Generators
+    class ConfigGenerator < Rails::Generators::Base
+      desc 'Creates a configuration file and an initializer file for the Cybersourcery gem'
+
+      def self.source_root
+        @source_root ||= File.expand_path('../templates', __FILE__)
+      end
+
+      def create_config_file
+        template 'cybersourcery_profiles.yml', File.join('config', 'cybersourcery_profiles.yml')
+      end
+
+      def create_initializer_file
+        template 'cybersourcery.rb', File.join('config', 'initializers', 'cybersourcery.rb')
+      end
+    end
+  end
+end

data/lib/rails/generators/cybersourcery/config/templates/cybersourcery.rb

@@ -0,0 +1,5 @@
+Cybersourcery.configure do |config|
+  config.profiles_path = "#{Rails.root}/config/cybersourcery_profiles.yml"
+  config.sop_live_url =  'https://secureacceptance.cybersource.com'
+  config.sop_test_url = 'https://testsecureacceptance.cybersource.com'
+end

data/lib/rails/generators/cybersourcery/config/templates/cybersourcery_profiles.yml

@@ -0,0 +1,14 @@
+replace_this_key_with_your_cybersource_profile_id:
+  name: A nice description
+  service: test
+  access_key: your_access_key
+  secret_key: your_secret_key
+  success_url: http://your_optional_url_for_redirect_after_a_successful_transaction.com
+  transaction_type: sale,create_payment_token
+  endpoint_type: standard
+  payment_method: card
+  locale: en-us
+  currency: USD
+  unsigned_field_names: bill_to_email,bill_to_forename,bill_to_surname,bill_to_address_line1,bill_to_address_line2,bill_to_address_country,bill_to_address_state,bill_to_address_postal_code,bill_to_address_city,card_cvn,card_expiry_date,card_number,card_type
+
+# you can have multiple profiles here

data/lib/tasks/cybersourcery_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :cybersourcery do
+#   # Task goes here
+# end

metadata

@@ -0,0 +1,293 @@
+--- !ruby/object:Gem::Specification
+name: cybersourcery
+version: !ruby/object:Gem::Version
+  version: 0.0.6
+platform: ruby
+authors:
+- Michael Toppa
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-10-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.1'
+- !ruby/object:Gem::Dependency
+  name: ruby-hmac
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.4'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.3'
+- !ruby/object:Gem::Dependency
+  name: capybara
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.4'
+- !ruby/object:Gem::Dependency
+  name: poltergeist
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: slim-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.1.5
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.1.5
+- !ruby/object:Gem::Dependency
+  name: bootstrap-sass
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.0.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.0.1
+- !ruby/object:Gem::Dependency
+  name: simple_form
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.1.0.rc2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.1.0.rc2
+- !ruby/object:Gem::Dependency
+  name: sass-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: coffee-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: jquery-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.1'
+- !ruby/object:Gem::Dependency
+  name: dotenv-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.11'
+- !ruby/object:Gem::Dependency
+  name: cybersourcery_testing
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.2
+description: Cybersourcery takes care of the most difficult aspects of working with
+  Cybersource in Rails. It makes as few assumptions as possible about your business
+  requirements, allowing you to use any subset of features appropriate to your needs.
+email:
+- public@toppa.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- Rakefile
+- lib/cybersourcery.rb
+- lib/cybersourcery/cart_signature_checker.rb
+- lib/cybersourcery/cart_signer.rb
+- lib/cybersourcery/configuration.rb
+- lib/cybersourcery/container.rb
+- lib/cybersourcery/cybersource_params_normalizer.rb
+- lib/cybersourcery/cybersource_signature_checker.rb
+- lib/cybersourcery/cybersource_signer.rb
+- lib/cybersourcery/exceptions.rb
+- lib/cybersourcery/merchant_data_serializer.rb
+- lib/cybersourcery/payment.rb
+- lib/cybersourcery/payments_helper.rb
+- lib/cybersourcery/profile.rb
+- lib/cybersourcery/railtie.rb
+- lib/cybersourcery/reason_code_checker.rb
+- lib/cybersourcery/signature_checker.rb
+- lib/cybersourcery/version.rb
+- lib/rails/generators/cybersourcery/config/config_generator.rb
+- lib/rails/generators/cybersourcery/config/templates/cybersourcery.rb
+- lib/rails/generators/cybersourcery/config/templates/cybersourcery_profiles.yml
+- lib/tasks/cybersourcery_tasks.rake
+homepage: https://github.com/promptworks/cybersourcery
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.1
+signing_key: 
+specification_version: 4
+summary: A pain removal gem for working with Cybersource Secure Acceptance Silent
+  Order POST
+test_files: []