ecpay_payment 1.1.2

data/lib/ecpay_payment/exec_grant_refund.rb

@@ -0,0 +1,82 @@
+require "digest"
+require "uri"
+require "net/http"
+require "net/https"
+require "json"
+require "ecpay_payment/helper"
+require "ecpay_payment/verification"
+require "ecpay_payment/error"
+require "ecpay_payment/core_ext/hash"
+require "ecpay_payment/core_ext/string"
+#require "helper"
+#require "verification"
+#require "error"
+#require "core_ext/hash"
+#require "core_ext/string"
+
+module ECpayPayment
+
+  class ECpayExecRefundAndGrant
+
+    def initialize
+      @helper = APIHelper.new
+      #@verify_aiochkout = AioCheckOutParamVerify.new
+
+    end
+
+    def credit_do_act(param)
+      act_base_proc!(params: param)
+      res = act_pos_proc!(params: param, apiname: 'DoAction')
+      return res
+    end
+
+    def aio_capture(param)
+      act_base_proc!(params: param)
+      res = act_pos_proc!(params: param, apiname: 'Capture')
+      return res
+    end
+
+    ### Private method definition start ###
+    private
+
+      def act_base_proc!(params:)
+        if params.is_a?(Hash)
+          # Transform param key to string
+          params.stringify_keys()
+
+          # Process PlatformID & MerchantID by contractor setting
+          if @helper.is_contractor?
+            params['PlatformID'] = @helper.get_mercid
+            if params['MerchantID'].nil?
+              raise "[MerchantID] should be specified when you're contractor-Platform."
+            end
+          else
+            params['PlatformID'] = ''
+            params['MerchantID'] = @helper.get_mercid
+          end
+        else
+          raise ECpayInvalidParam, "Recieved parameter object must be a Hash"
+        end
+      end
+
+      def act_pos_proc!(params:, apiname:)
+        verify_query_api = ECpayPayment::ActParamVerify.new(apiname)
+        verify_query_api.verify_act_param(params)
+        #encode special param
+
+        # Insert chkmacval
+        chkmac = @helper.gen_chk_mac_value(params)
+        params['CheckMacValue'] = chkmac
+        # gen post html
+        api_url = verify_query_api.get_svc_url(apiname, @helper.get_op_mode)
+        #post from server
+        resp = @helper.http_request(method: 'POST', url: api_url, payload: params)
+
+        # return  post response
+        return resp
+      end
+
+    ### Private method definition end ###
+
+  end
+end

data/lib/ecpay_payment/helper.rb

@@ -0,0 +1,205 @@
+require 'openssl'
+require 'base64'
+require 'digest'
+require 'uri'
+require 'cgi'
+require 'net/http'
+require 'nokogiri'
+require 'date'
+
+class APIHelper
+    conf = File.join(File.dirname(__FILE__), '..', '..', 'conf', 'payment_conf.xml')
+    @@conf_xml = Nokogiri::XML(File.open(conf))
+
+    def initialize
+        active_merc_info = @@conf_xml.xpath('/Conf/MercProfile').text
+        @op_mode = @@conf_xml.xpath('/Conf/OperatingMode').text
+        @contractor_stat = @@conf_xml.xpath('/Conf/IsProjectContractor').text
+        merc_info = @@conf_xml.xpath("/Conf/MerchantInfo/MInfo[@name=\"#{active_merc_info}\"]")
+        @ignore_payment = []
+        @@conf_xml.xpath('/Conf/IgnorePayment//Method').each {|t| @ignore_payment.push(t.text)}
+        if merc_info != []
+            @merc_id = merc_info[0].xpath('./MerchantID').text.freeze
+            @hkey = merc_info[0].xpath('./HashKey').text.freeze
+            @hiv = merc_info[0].xpath('./HashIV').text.freeze
+
+        else
+            raise "Specified merchant setting name (#{active_merc_info}) not found."
+        end
+    end
+
+    def get_mercid()
+        return @merc_id
+    end
+
+    def get_op_mode()
+        return @op_mode
+    end
+
+    def get_ignore_pay()
+        return @ignore_payment
+    end
+
+    def get_curr_unixtime()
+        return Time.now.to_i
+    end
+
+    def is_contractor?()
+        if @contractor_stat == 'N'
+            return false
+        elsif @contractor_stat == 'Y'
+            return true
+        else
+            raise "Unknown [IsProjectContractor] configuration."
+        end
+    end
+
+    def urlencode_dot_net(raw_data, case_tr:'DOWN')
+        if raw_data.is_a?(String)
+            encoded_data = CGI.escape(raw_data)
+            case case_tr
+            when 'KEEP'
+                # Do nothing
+            when 'UP'
+                encoded_data.upcase!
+            when 'DOWN'
+                encoded_data.downcase!
+            end
+            # Process encoding difference between .NET & CGI
+            encoded_data.gsub!('%21', '!')
+            encoded_data.gsub!('%2a', '*')
+            encoded_data.gsub!('%28', '(')
+            encoded_data.gsub!('%29', ')')
+            return encoded_data
+        else
+            raise "Data recieved is not a string."
+        end
+    end
+
+    def encode_special_param!(params, target_arr)
+        if params.is_a?(Hash)
+            target_arr.each do |n|
+                if params.keys.include?(n)
+                    val = self.urlencode_dot_net(params[n])
+                    params[n] = val
+                end
+            end
+        end
+    end
+
+    def gen_chk_mac_value(params, mode: 1)
+        if params.is_a?(Hash)
+            # raise exception if param contains CheckMacValue, HashKey, HashIV
+            sec = ['CheckMacValue', 'HashKey', 'HashIV']
+            sec.each do |pa|
+                if params.keys.include?(pa)
+                    raise "Parameters shouldn't contain #{pa}"
+                end
+            end
+
+            raw = params.sort_by{|key,val|key.downcase}.map!{|key,val| "#{key}=#{val}"}.join('&')
+            raw = self.urlencode_dot_net(["HashKey=#{@hkey}", raw, "HashIV=#{@hiv}"].join("&"), case_tr: 'DOWN')
+            p raw
+            case mode
+            when 0
+            chksum = Digest::MD5.hexdigest(raw)
+            when 1
+            chksum = Digest::SHA256.hexdigest(raw)
+            else
+                raise "Unexpected hash mode."
+            end
+            return chksum.upcase!
+        else
+            raise "Data recieved is not a Hash."
+        end
+    end
+
+    def gen_aes_encrypt(params)
+        if params.is_a?(Hash)
+            # raise exception if param contains HashKey, HashIV
+            sec = ['HashKey', 'HashIV']
+            sec.each do |pa|
+                if params.keys.include?(pa)
+                    raise "Parameters shouldn't contain #{pa}"
+                end
+            end
+            cipher = OpenSSL::Cipher.new('AES-128-CBC')
+            cipher.encrypt
+            cipher.padding = 16
+            cipher.key = @hkey
+            cipher.iv = @hiv
+            text = params['PaymentToken'].to_s
+            encrypted = cipher.update(text) + cipher.final
+            encrypted_base64 = Base64.encode64(encrypted)
+            return self.urlencode_dot_net(encrypted_base64)
+        else
+            raise "Data recieved is not a Hash."
+        end
+    end
+
+    def http_request(method:, url:, payload:)
+
+        target_url = URI.parse(url)
+
+        case method
+        when 'GET'
+          target_url.query = URI.encode_www_form(payload)
+          res = Net::HTTP.get_response(target_url)
+        when 'POST'
+          res = Net::HTTP.post_form(target_url, payload)
+        else
+          raise ArgumentError, "Only GET & POST method are avaliable."
+        end
+        return res.body
+        # if res == Net::HTTPOK
+        #     return res
+        # else
+        #     raise "#{res.message}, #{res}"
+        # end
+
+        # when Net::HTTPClientError, Net::HTTPInternalServerError
+        #   raise Net::HTTPError.new(http_response.message, http_response)
+        # else
+        #   raise Net::HTTPError.new("Unexpected HTTP response.", http_response)
+        # end
+    end
+
+
+    def gen_html_post_form(act:, id:, parameters:, input_typ:'hidden', submit: true)
+        f = Nokogiri::HTML::Builder.new do |doc|
+            doc.form(method: 'post', action: act, id: id) {
+                parameters.map{|key,val|
+                doc.input(type: input_typ, name: key, id: key, value: val)
+                }
+                if submit == true
+                    doc.script(type: 'text/javascript').text("document.getElementById(\"#{id}\").submit();")
+                end
+            }
+        end
+        return f.to_html
+    end
+
+
+    def valid_chkmac_string?(str)
+        rtn_hash = {}
+        rtn_list = str.split('&')
+        rtn_list.each do |e|
+            param = e.split('=')
+            rtn_hash[param[0]] = param[1]
+        end
+        chkmac = rtn_hash['CheckMacValue']
+        rtn_hash.delete('CheckMacValue')
+        if chkmac.length == 64
+            val = gen_chk_mac_value(rtn_hash)
+        elsif chkmac.length == 32
+            val = gen_chk_mac_value(rtn_hash, mode: 0)
+        end
+        if chkmac == val
+            return true
+        else
+            return false
+        end
+
+    end
+
+end

data/lib/ecpay_payment/payment_client.rb

@@ -0,0 +1,217 @@
+require "digest"
+require "uri"
+require "net/http"
+require "net/https"
+require "json"
+require "ecpay_payment/helper"
+require "ecpay_payment/verification"
+require "ecpay_payment/error"
+require "ecpay_payment/core_ext/hash"
+require "ecpay_payment/core_ext/string"
+# require "../../../gem/lib/ecpay_payment/helper"
+# require "../../../gem/lib/ecpay_payment/verification"
+# require "../../../gem/lib/ecpay_payment/error"
+# require "../../../gem/lib/ecpay_payment/core_ext/hash"
+# require "../../../gem/lib/ecpay_payment/core_ext/string"
+
+module ECpayPayment
+
+	class ECpayPaymentClient
+    include ECpayErrorDefinition
+
+		def initialize
+      @helper = APIHelper.new
+      @verify_aiochkout = ECpayPayment::AioCheckOutParamVerify.new
+
+    end
+
+    def aio_check_out_all(params:, invoice:{})
+      unsupport = []
+      aiochkout_base_proc!(params: params, invoice: invoice, unsupport_param: unsupport, pay_method: 'ALL')
+      # handle Ignore Payment
+      params['IgnorePayment'] = @helper.get_ignore_pay.join('#')
+      html = aiochkout_pos_proc!(params: params)
+      return html
+
+    end
+
+    def aio_check_out_credit_onetime(params:, invoice:{})
+      unsupport = ['HoldTradeAMT', 'IgnorePayment']
+      aiochkout_base_proc!(params: params, invoice: invoice, unsupport_param: unsupport, pay_method: 'Credit')
+      html = aiochkout_pos_proc!(params: params)
+      return html
+    end
+
+    def aio_check_out_applepay(params:, invoice:{})
+      unsupport = ['HoldTradeAMT', 'IgnorePayment']
+      aiochkout_base_proc!(params: params, invoice: invoice, unsupport_param: unsupport, pay_method: 'ApplePay')
+      html = aiochkout_pos_proc!(params: params)
+      return html
+    end
+    #2019/09/30暫時關閉GooglePay付款方式
+    # def aio_check_out_googlepay(params:, invoice:{})
+    #   unsupport = ['HoldTradeAMT', 'IgnorePayment']
+    #   aiochkout_base_proc!(params: params, invoice: invoice, unsupport_param: unsupport, pay_method: 'GooglePay')
+    #   html = aiochkout_pos_proc!(params: params)
+    #   return html
+    # end
+
+    def aio_check_out_credit_divide(params:, invoice:{}, installment: )
+      unsupport = ['HoldTradeAMT', 'IgnorePayment', 'Redeem', 'PeriodAmount', 'PeriodType', 'Frequency', 'ExecTimes', 'PeriodReturnURL']
+      aiochkout_base_proc!(params: params, invoice: invoice, unsupport_param: unsupport, pay_method: 'Credit')
+      params['CreditInstallment'] = installment
+      html = aiochkout_pos_proc!(params: params)
+      return html
+    end
+
+    def aio_check_out_credit_period(period_info:, params:, invoice:{})
+      # 'PeriodAmount', 'PeriodType', 'Frequency', 'ExecTimes', 'PeriodReturnURL'
+      unsupport = ['HoldTradeAMT', 'IgnorePayment', 'Redeem', 'CreditInstallment', 'InstallmentAmount']
+      aiochkout_base_proc!(params: params, invoice: invoice, unsupport_param: unsupport, pay_method: 'Credit')
+      if period_info.is_a?(Hash)
+        period_args = ['PeriodAmount', 'PeriodType', 'Frequency', 'ExecTimes', 'PeriodReturnURL']
+        if period_info.keys.sort() == period_args.sort()
+          params.merge!(period_info)
+          # Add total amount protection!!!
+
+          html = aiochkout_pos_proc!(params: params)
+          return html
+        else
+          raise "Credit card period parameters must be #{period_args}."
+        end
+      else
+        raise "Recieved period_info argument must be a Hash."
+      end
+
+    end
+
+    def aio_check_out_atm(params:, url_return_payinfo:'', exp_period:'', client_redirect:'', invoice:{})
+      unsupport = ['IgnorePayment']
+      aiochkout_base_proc!(params: params, invoice: invoice, unsupport_param: unsupport, pay_method: 'ATM')
+      if exp_period == ''
+        params.delete('ExpireDate')
+      else
+        params['ExpireDate'] = exp_period
+      end
+			if client_redirect == ''
+        params.delete('ClientRedirectURL')
+			else
+				params['ClientRedirectURL'] = client_redirect
+      end
+			if url_return_payinfo == ''
+        params.delete('PaymentInfoURL')
+			else
+				params['PaymentInfoURL'] = url_return_payinfo
+      end
+      html = aiochkout_pos_proc!(params: params)
+      return html
+    end
+
+    def aio_check_out_webatm(params:, invoice:{})
+      unsupport = ['IgnorePayment']
+      aiochkout_base_proc!(params: params, invoice: invoice, unsupport_param: unsupport, pay_method: 'WebATM')
+      html = aiochkout_pos_proc!(params: params)
+      return html
+    end
+
+    def aio_check_out_cvs(cvs_info:, params:, invoice:{}, client_redirect_url:'')
+      unsupport = ['IgnorePayment']
+      aiochkout_base_proc!(params: params, invoice: invoice, unsupport_param: unsupport, pay_method: 'CVS')
+      if cvs_info.is_a?(Hash)
+        cvs_args = ['StoreExpireDate', 'Desc_1', 'Desc_2', 'Desc_3', 'Desc_4', 'PaymentInfoURL']
+        if cvs_info.keys.sort() == cvs_args.sort()
+          params.merge!(cvs_info)
+          if client_redirect_url == '' or client_redirect_url.nil?
+            params.delete('ClientRedirectURL')
+          else
+            params['ClientRedirectURL'] = client_redirect_url
+          end
+          html = aiochkout_pos_proc!(params: params)
+          return html
+        else
+          raise "CVS info keys must match #{cvs_args}."
+        end
+      else
+        raise "Recieved cvs_info argument must be a Hash."
+      end
+    end
+
+		def aio_check_out_barcode(barcode_info:, params:, invoice:{}, client_redirect_url:'')
+      unsupport = ['IgnorePayment']
+      aiochkout_base_proc!(params: params, invoice: invoice, unsupport_param: unsupport, pay_method: 'BARCODE')
+      if barcode_info.is_a?(Hash)
+        barcode_args = ['StoreExpireDate', 'Desc_1', 'Desc_2', 'Desc_3', 'Desc_4', 'PaymentInfoURL']
+        if barcode_info.keys.sort() == barcode_args.sort()
+          params.merge!(barcode_info)
+          if client_redirect_url == '' or client_redirect_url.nil?
+            params.delete('ClientRedirectURL')
+          else
+            params['ClientRedirectURL'] = client_redirect_url
+          end
+          html = aiochkout_pos_proc!(params: params)
+          return html
+        else
+          raise "BARCODE info keys must match #{barcode_args}."
+        end
+      else
+        raise "Recieved barcode_info argument must be a Hash."
+      end
+    end
+
+    ### Private method definition start ###
+    private
+      def aiochkout_base_proc!(params:, invoice:{}, unsupport_param:, pay_method:)
+        if params.is_a?(Hash)
+          # Transform param key to string
+          params.stringify_keys()
+          # Remove HoldTradeAMT, IgnorePayment
+          if unsupport_param.is_a?(Array)
+            unsupport_param.each{|pa|params.delete(pa)}
+          else
+            raise "argument unsupport_param must be an Array."
+          end
+          # User doesn't have to specify ChoosePayment
+          params['ChoosePayment'] = pay_method
+          # Process PlatformID & MerchantID by contractor setting
+          if @helper.is_contractor?
+            params['PlatformID'] = @helper.get_mercid
+            if params['MerchantID'].nil?
+              raise "[MerchantID] should be specified when you're contractor-Platform."
+            end
+          else
+            params['PlatformID'] = ''
+            params['MerchantID'] = @helper.get_mercid
+          end
+          # InvoiceMark based on keyword argument: invoice
+          if invoice == {}
+            params['InvoiceMark'] = 'N'
+          else
+            params['InvoiceMark'] = 'Y'
+            @verify_aiochkout.verify_aio_inv_param(invoice)
+            #merge param & inv param
+            params.merge!(invoice)
+          end
+        else
+          raise ECpayInvalidParam, "Recieved parameter object must be a Hash"
+        end
+      end
+
+      def aiochkout_pos_proc!(params:)
+        @verify_aiochkout.verify_aio_payment_param(params)
+        #encode special param
+        sp_param = @verify_aiochkout.get_special_encode_param('AioCheckOut')
+        @helper.encode_special_param!(params, sp_param)
+
+        # Insert chkmacval
+        chkmac = @helper.gen_chk_mac_value(params)
+        params['CheckMacValue'] = chkmac
+        # gen post html
+        api_url = @verify_aiochkout.get_svc_url('AioCheckOut', @helper.get_op_mode)
+        htm = @helper.gen_html_post_form(act: api_url, id: '_form_aiochk', parameters: params)
+        # return  post htm
+        return htm
+      end
+    ### Private method definition end ###
+
+  end
+end

data/lib/ecpay_payment/query_client.rb

@@ -0,0 +1,142 @@
+require "digest"
+require "uri"
+require "net/http"
+require "net/https"
+require "json"
+require "date"
+require "ecpay_payment/helper"
+require "ecpay_payment/verification"
+require "ecpay_payment/error"
+require "ecpay_payment/core_ext/hash"
+require "ecpay_payment/core_ext/string"
+# require "../../../gem/lib/ecpay_payment/helper"
+# require "../../../gem/lib/ecpay_payment/verification"
+# require "../../../gem/lib/ecpay_payment/error"
+# require "../../../gem/lib/ecpay_payment/core_ext/hash"
+# require "../../../gem/lib/ecpay_payment/core_ext/string"
+
+module ECpayPayment
+
+  class ECpayQueryClient
+
+    def initialize
+      @helper = APIHelper.new
+      #@verify_query_api = QueryTradeInfoParamVerify.new
+
+    end
+
+    def create_server_order(param)
+      query_base_proc!(params: param)
+      res = query_pos_proc!(params: param, apiname: 'CreateServerOrder')
+      return res
+    end
+
+    def query_trade_info(param)
+      query_base_proc!(params: param)
+      unix_time = get_curr_unix_time() + 120
+      param['TimeStamp'] = unix_time.to_s
+      p param['TimeStamp']
+      res = query_pos_proc!(params: param, apiname: 'QueryTradeInfo')
+      return res
+    end
+
+    def query_credit_period(param)
+      query_base_proc!(params: param)
+      unix_time = get_curr_unix_time() + 120
+      param['TimeStamp'] = unix_time.to_s
+      p param['TimeStamp']
+      param.delete('PlatformID')
+      res = query_pos_proc!(params: param, apiname: 'QueryCreditCardPeriodInfo')
+      return res
+    end
+
+    def query_transac_csv(param)
+      query_base_proc!(params: param)
+      param.delete('PlatformID')
+      res = query_pos_proc!(params: param, apiname: 'TradeNoAio', big5_trans: true)
+      return res
+    end
+
+    def query_credit_single(param)
+      query_base_proc!(params: param)
+      param.delete('PlatformID')
+      res = query_pos_proc!(params: param, apiname: 'QueryTradeV2')
+      return res
+    end
+
+    def query_credit_csv(param)
+      query_base_proc!(params: param)
+      param.delete('PlatformID')
+      res = query_pos_proc!(params: param, apiname: 'FundingReconDetail')
+      return res
+    end
+
+
+
+    ### Private method definition start ###
+    private
+
+      def get_curr_unix_time()
+        return Time.now.to_i
+      end
+
+      def query_base_proc!(params:)
+        if params.is_a?(Hash)
+          # Transform param key to string
+          params.stringify_keys()
+
+          if @helper.is_contractor?
+            params['PlatformID'] = @helper.get_mercid
+            if params['MerchantID'].nil?
+              raise "[MerchantID] should be specified when you're contractor-Platform."
+            end
+          else
+            params['PlatformID'] = ''
+            params['MerchantID'] = @helper.get_mercid
+          end
+        else
+          raise ECpayInvalidParam, "Recieved parameter object must be a Hash"
+        end
+      end
+
+      def query_pos_proc!(params:, apiname:, big5_trans:false)
+        verify_query_api = ECpayPayment::QueryParamVerify.new(apiname)
+        verify_query_api.verify_query_param(params)
+        if apiname == 'CreateServerOrder'
+          exclusive_list = ['PaymentToken']
+        else
+          exclusive_list = []
+        end
+        #encode special param
+        # for PaymentToken
+        exclusive_ele = {}
+        for param in exclusive_list
+          exclusive_ele[param] = params[param]
+          params.delete(param)
+        end
+        # Insert chkmacval
+        chkmac = @helper.gen_chk_mac_value(params)
+        params['CheckMacValue'] = chkmac
+
+        for param in exclusive_list
+          paymenttoken = @helper.gen_aes_encrypt(exclusive_ele)
+          params[param] = paymenttoken
+        end
+
+        # gen post html
+        api_url = verify_query_api.get_svc_url(apiname, @helper.get_op_mode)
+        p params
+        #post from server
+        resp = @helper.http_request(method: 'POST', url: api_url, payload: params)
+
+        # return  post response
+        if big5_trans
+          return resp.encode('utf-8', 'big5')
+        else
+          return resp
+        end
+      end
+    ### Private method definition end ###
+
+  end
+end