fishman-activemerchant 1.18.0

data/lib/active_merchant/billing/integrations/sage_pay_form/helper.rb

@@ -0,0 +1,111 @@
+require 'uri'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module SagePayForm
+        class Helper < ActiveMerchant::Billing::Integrations::Helper
+          include Encryption
+          
+          mapping :credential2, 'EncryptKey'
+          
+          mapping :account, 'Vendor'
+          mapping :amount, 'Amount'
+          mapping :currency, 'Currency'
+        
+          mapping :order, 'VendorTxCode'
+
+          mapping :customer,
+            :first_name => 'BillingFirstnames',
+            :last_name  => 'BillingSurname',
+            :email      => 'CustomerEMail',
+            :phone      => 'BillingPhone',
+            :send_email_confirmation => 'SendEmail'
+
+          mapping :billing_address,
+            :city     => 'BillingCity',
+            :address1 => 'BillingAddress1',
+            :address2 => 'BillingAddress2',
+            :state    => 'BillingState',
+            :zip      => 'BillingPostCode',
+            :country  => 'BillingCountry'
+
+          mapping :shipping_address,
+            :city     => 'DeliveryCity',
+            :address1 => 'DeliveryAddress1',
+            :address2 => 'DeliveryAddress2',
+            :state    => 'DeliveryState',
+            :zip      => 'DeliveryPostCode',
+            :country  => 'DeliveryCountry'
+
+          mapping :return_url, 'SuccessURL'
+          mapping :description, 'Description'
+
+          def form_fields
+            fields['DeliveryFirstnames'] ||= fields['BillingFirstnames']
+            fields['DeliverySurname']    ||= fields['BillingSurname']
+            
+            fields['FailureURL'] ||= fields['SuccessURL']
+
+            crypt_skip = ['Vendor', 'EncryptKey', 'SendEmail']
+            crypt_skip << 'BillingState'  unless fields['BillingCountry']  == 'US'
+            crypt_skip << 'DeliveryState' unless fields['DeliveryCountry'] == 'US'
+            crypt_skip << 'CustomerEMail' unless fields['SendEmail']
+            
+            key = fields['EncryptKey']
+            @crypt ||= create_crypt_field(fields.except(*crypt_skip), key)
+            
+            {
+              'VPSProtocol' => '2.23',
+              'TxType' => 'PAYMENT',
+              'Vendor' => @fields['Vendor'],
+              'Crypt'  => @crypt
+            }
+          end
+
+          private
+
+          def create_crypt_field(fields, key)
+            parts = fields.map { |k, v| "#{k}=#{sanitize(k, v)}" unless v.nil? }.compact.shuffle
+            parts.unshift(sage_encrypt_salt(key.length, key.length * 2))
+            sage_encrypt(parts.join('&'), key)
+          end
+
+          def sanitize(key, value)
+            reject = exact = nil
+            
+            case key
+            when /URL$/
+              # allow all
+            when 'VendorTxCode'
+              reject = /[^A-Za-z0-9{}._-]+/
+            when /[Nn]ames?$/
+              reject = %r{[^[:alpha:] /\\.'-]+}
+            when /(?:Address[12]|City)$/
+              reject = %r{[^[:alnum:] +'/\\:,.\n()-]+}
+            when /PostCode$/
+              reject = /[^A-Za-z0-9 -]+/
+            when /Phone$/
+              reject = /[^0-9A-Za-z+ ()-]+/
+            when 'Currency'
+              exact = /^[A-Z]{3}$/
+            when /State$/
+              exact = /^[A-Z]{2}$/
+            else
+              reject = /&+/
+            end
+            
+            if exact
+              raise ArgumentError, "Invalid value for #{key}: #{value.inspect}" unless value =~ exact
+              value
+            elsif reject
+              value.gsub(reject, ' ')
+            else
+              value
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/integrations/sage_pay_form/notification.rb

@@ -0,0 +1,210 @@
+require 'net/http'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module SagePayForm
+        class Notification < ActiveMerchant::Billing::Integrations::Notification
+          class CryptError < StandardError; end
+
+          include Encryption
+          
+          def initialize(post_data, options)
+            super
+            load_crypt_params(params['crypt'], options[:credential2])
+          end
+          
+          # Was the transaction complete?
+          def complete?
+            status_code == 'OK'
+          end
+
+          # Was the transaction cancelled?
+          # Unfortunately, we can't distinguish "user abort" from "idle too long".
+          def cancelled?
+            status_code == 'ABORT'
+          end
+
+          # Text version of #complete?, since we don't support Pending.
+          def status
+            complete? ? 'Completed' : 'Failed'
+          end
+
+          # Status of transaction. List of possible values:
+          # <tt>OK</tt>:: Transaction completed successfully.
+          # <tt>NOTAUTHED</tt>:: Incorrect card details / insufficient funds.
+          # <tt>MALFORMED</tt>:: Invalid input data.
+          # <tt>INVALID</tt>:: Valid input data, but some fields are incorrect.
+          # <tt>ABORT</tt>:: User hit cancel button or went idle for 15+ minutes.
+          # <tt>REJECTED</tt>:: Rejected by account fraud screening rules.
+          # <tt>AUTHENTICATED</tt>:: Authenticated card details secured at SagePay.
+          # <tt>REGISTERED</tt>:: Non-authenticated card details secured at SagePay.
+          # <tt>ERROR</tt>:: Problem internal to SagePay.
+          def status_code
+            params['Status']
+          end
+
+          # Check this if #completed? is false.
+          def message
+            params['StatusDetail']
+          end
+
+          # Vendor-supplied code (:order mapping).
+          def item_id
+            params['VendorTxCode']
+          end
+
+          # Internal SagePay code, typically "{LONG-UUID}".
+          def transaction_id
+            params['VPSTxId']
+          end
+
+          # Authorization number (only if #completed?).
+          def auth_id
+            params['TxAuthNo']
+          end
+
+          # Total amount (no fees).
+          def gross
+            params['Amount']
+          end
+          
+          # AVS and CV2 check results.  Possible values:
+          # <tt>ALL MATCH</tt>::
+          # <tt>SECURITY CODE MATCH ONLY</tt>::
+          # <tt>ADDRESS MATCH ONLY</tt>::
+          # <tt>NO DATA MATCHES</tt>::
+          # <tt>DATA NOT CHECKED</tt>::
+          def avs_cv2_result
+            params['AVSCV2']
+          end
+          
+          # Numeric address check.  Possible values:
+          # <tt>NOTPROVIDED</tt>::
+          # <tt>NOTCHECKED</tt>::
+          # <tt>MATCHED</tt>::
+          # <tt>NOTMATCHED</tt>::          
+          def address_result
+            params['AddressResult']
+          end
+          
+          # Post code check.  Possible values:
+          # <tt>NOTPROVIDED</tt>::
+          # <tt>NOTCHECKED</tt>::
+          # <tt>MATCHED</tt>::
+          # <tt>NOTMATCHED</tt>::          
+          def post_code_result
+            params['PostCodeResult']
+          end
+
+          # CV2 code check.  Possible values:
+          # <tt>NOTPROVIDED</tt>::
+          # <tt>NOTCHECKED</tt>::
+          # <tt>MATCHED</tt>::
+          # <tt>NOTMATCHED</tt>::          
+          def cv2_result
+            params['CV2Result']
+          end
+
+          # Was the Gift Aid box checked?
+          def gift_aid?
+            params['GiftAid'] == '1'
+          end
+
+          # Result of 3D Secure checks.  Possible values:
+          # <tt>OK</tt>:: Authenticated correctly.
+          # <tt>NOTCHECKED</tt>:: Authentication not performed.
+          # <tt>NOTAVAILABLE</tt>:: Card not auth-capable, or auth is otherwise impossible.
+          # <tt>NOTAUTHED</tt>:: User failed authentication.
+          # <tt>INCOMPLETE</tt>:: Authentication unable to complete.
+          # <tt>ERROR</tt>:: Unable to attempt authentication due to data / service errors.
+          def buyer_auth_result
+            params['3DSecureStatus']
+          end
+
+          # Encoded 3D Secure result code.
+          def buyer_auth_result_code
+            params['CAVV']
+          end
+
+          # Address confirmation status.  PayPal only.  Possible values:
+          # <tt>NONE</tt>:: 
+          # <tt>CONFIRMED</tt>:: 
+          # <tt>UNCONFIRMED</tt>:: 
+          def address_status
+            params['AddressStatus']
+          end
+
+          # Payer verification.  Undocumented.
+          def payer_verified?
+            params['PayerStatus'] == 'VERIFIED'
+          end
+          
+          # Credit card type.  Possible values:
+          # <tt>VISA</tt>:: Visa
+          # <tt>MC</tt>:: MasterCard
+          # <tt>DELTA</tt>:: Delta
+          # <tt>SOLO</tt>:: Solo
+          # <tt>MAESTRO</tt>:: Maestro (UK and International)
+          # <tt>UKE</tt>:: Visa Electron
+          # <tt>AMEX</tt>:: American Express
+          # <tt>DC</tt>:: Diners Club
+          # <tt>JCB</tt>:: JCB
+          # <tt>LASER</tt>:: Laser
+          # <tt>PAYPAL</tt>:: PayPal
+          def credit_card_type
+            params['CardType']
+          end
+
+          # Last four digits of credit card.
+          def credit_card_last_4_digits
+            params['Last4Digits']
+          end
+
+          # Used by composition methods, but not supplied by SagePay.
+          def currency
+            nil
+          end
+
+          def test?
+            false
+          end
+          
+          def acknowledge      
+            true
+          end
+
+          private
+
+          def load_crypt_params(crypt, key)
+            raise MissingCryptData if crypt.blank?
+            raise MissingCryptKey  if key.blank?
+            
+            crypt_data = sage_decrypt(crypt.gsub(' ', '+'), key)
+            raise InvalidCryptData unless crypt_data =~ /(^|&)Status=/
+
+            params.clear            
+            parse(crypt_data)
+          end
+
+          class MissingCryptKey  < CryptError
+            def message
+              'No merchant decryption key supplied'
+            end
+          end
+          class MissingCryptData < CryptError
+            def message
+              'No data received from SagePay'
+            end
+          end
+          class InvalidCryptData < CryptError
+            def message
+              'Invalid data received from SagePay'
+            end
+          end
+
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/integrations/sage_pay_form/return.rb

@@ -0,0 +1,31 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module SagePayForm
+        class Return < ActiveMerchant::Billing::Integrations::Return
+
+          def initialize(query_string, options)
+            begin
+              @notification = Notification.new(query_string, options)
+            rescue Notification::CryptError => e
+              @message = e.message
+            end
+          end
+
+          def success?
+            @notification && @notification.complete?
+          end
+
+          def cancelled?
+            @notification && @notification.cancelled?
+          end
+
+          def message
+            @message || @notification.message
+          end
+
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/integrations/two_checkout.rb

@@ -0,0 +1,23 @@
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module TwoCheckout 
+        autoload 'Helper', File.dirname(__FILE__) + '/two_checkout/helper'
+        autoload 'Return', File.dirname(__FILE__) + '/two_checkout/return'
+        autoload 'Notification', File.dirname(__FILE__) + '/two_checkout/notification'
+       
+        mattr_accessor :service_url
+        self.service_url = 'https://www.2checkout.com/2co/buyer/purchase'
+
+        def self.notification(post, options = {})
+          Notification.new(post)
+        end  
+        
+        def self.return(query_string, options = {})
+          Return.new(query_string)
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/integrations/two_checkout/helper.rb

@@ -0,0 +1,59 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module TwoCheckout
+        class Helper < ActiveMerchant::Billing::Integrations::Helper
+          def initialize(order, account, options = {})
+            super
+            add_field('fixed', 'Y')
+            
+            if ActiveMerchant::Billing::Base.integration_mode == :test || options[:test]
+              add_field('demo', 'Y')
+            end 
+          end
+          
+          # The 2checkout vendor account number
+          mapping :account, 'sid'
+          
+          # he total amount to be billed, in decimal form, without a currency symbol. (8 characters, decimal, 2 characters: Example: 99999999.99)
+          mapping :amount, 'total'
+        
+          # a unique order id from your program. (128 characters max)
+          mapping :order, 'cart_order_id'
+
+
+          mapping :customer, :email      => 'email',
+                             :phone      => 'phone'
+
+          mapping :billing_address, :city     => 'city',
+                                    :address1 => 'street_address',
+                                    :address2 => 'street_address2',
+                                    :state    => 'state',
+                                    :zip      => 'zip',
+                                    :country  => 'country'
+          
+          mapping :shipping_address, :city     => 'ship_city',
+                                     :address1 => 'ship_street_address',
+                                     :state    => 'ship_state',
+                                     :zip      => 'ship_zip',
+                                     :country  => 'ship_country'
+          
+          mapping :invoice, 'merchant_order_id'
+          
+          # Does nothing, since we've disabled the Continue Shopping button by using the fixed = Y field
+          mapping :return_url, 'return_url'
+          
+          #mapping :description, ''
+          #mapping :tax, ''
+          #mapping :shipping, ''
+          
+          def customer(params = {})
+            add_field(mappings[:customer][:email], params[:email])
+            add_field(mappings[:customer][:phone], params[:phone])
+            add_field('card_holder_name', "#{params[:first_name]} #{params[:last_name]}")
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/integrations/two_checkout/notification.rb

@@ -0,0 +1,114 @@
+require 'net/http'
+require 'base64'
+require 'digest/md5'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module TwoCheckout
+        class Notification < ActiveMerchant::Billing::Integrations::Notification
+        #  order_number	2Checkout.com order number
+        #   	card_holder_name	Card holder's name
+        #   	street_address	Card holder's address
+        #   	city	Card holder's city
+        #   	state	Card holder's state
+        #   	zip	Card holder's zip
+        #   	country	Card holder's country
+        #   	email	Card holder's email
+        #   	phone	Card holder's phone
+        #   	credit_card_processed	Y if successful, K if waiting for approval
+        #   	total	 Total purchase amount
+        #   	ship_name	Shipping information
+        #   	ship_street_address	Shipping information
+        #   	ship_city	Shipping information
+        #   	ship_state	Shipping information
+        #   	ship_zip	 Shipping information
+        #   	ship_country	Shipping information
+        #   	product_id	2Checkout product ID for purchased items will append a number if more than one item. 
+        #  ex. product_id,product_id1,product_id2
+        #   	quantity	quantity of corresponding product will append a number if more than one item.
+        #  ex. quantity,quantity1,quantity2
+        #   	merchant_product_id	 your product ID for purchased items will append a number if more than one item.
+        #  ex. merchant_product_id,merchant_product_id1,merchant_product_id2
+        #   	product_description	your description for purchased items will append a number if more than one item.
+        #  ex. product_description,product_description1,product_description2
+          
+          def currency
+            'USD'
+          end
+          
+          def complete?
+            status == 'Completed'
+          end 
+
+          def item_id
+            params['cart_order_id']
+          end
+
+          def transaction_id
+            params['order_number']
+          end
+
+          def received_at
+            params['']
+          end
+
+          def payer_email
+            params['email']
+          end
+         
+          def receiver_email
+            params['']
+          end 
+
+          # The MD5 Hash
+          def security_key
+            params['key']
+          end
+
+          # the money amount we received in X.2 decimal.
+          def gross
+            params['total']
+          end
+
+          # Was this a test transaction? # Use the hash
+          def test?
+            params['demo'] == 'Y'
+          end
+
+          def status
+            case params['credit_card_processed']
+            when 'Y'
+              'Completed'
+            when 'K'
+              'Pending'
+            else
+              'Failed'
+            end
+          end
+          
+          def secret
+            @options[:credential2]
+          end
+          
+          def acknowledge
+            return false if security_key.blank?
+            
+            Digest::MD5.hexdigest("#{secret}#{params['sid']}#{transaction_id}#{gross}").upcase == security_key.upcase
+          end
+          
+          private
+          
+          def parse(post)
+            @raw = post.to_s
+            for line in @raw.split('&')    
+              key, value = *line.scan( %r{^(\w+)\=(.*)$} ).flatten
+              params[key] = CGI.unescape(value || '')
+            end
+          end
+          
+        end
+      end
+    end
+  end
+end