floorplanner-adyen 0.2.2

data/lib/adyen/soap.rb

@@ -0,0 +1,153 @@
+require "handsoap"
+
+module Adyen
+
+  # The SOAP module contains classes that interact with the Adyen
+  # SOAP services. The clients are based on the Handsoap library.
+  # Shared functionality for all services is implemented in the
+  # Adyen::SOAP::Base class.
+  #
+  # Note that you'll need an Adyen notification PSP reference for
+  # most SOAP calls. Because of this, store all notifications that
+  # Adyen sends to you. (e.g. using the Adyen::Notification ActiveRecord
+  # class). Moreover, most SOAP calls do not respond that they were
+  # successful immediately, but a notifications to indicate that will
+  # be sent later on.
+  #
+  # You'll need to provide a username and password to interact
+  # with the Adyen SOAP services:
+  #
+  #     Adyen::SOAP.username = 'ws@Company.MyAccount'
+  #     Adyen::SOAP.password = 'very$ecret'
+  #
+  # You can setup default values for every SOAP call that needs them:
+  #
+  #     Adyen::SOAP.default_arguments[:merchent_account] = 'MyMerchant'
+  #
+  # For now, only the recurring payment service client is implemented
+  # (Adyen::SOAP::RecurringService).
+  module SOAP
+
+    class << self
+      # Set up accessors for HTTP Basic Authentication and
+      # for adding default arguments to SOAP calls.
+      attr_accessor :username, :password, :default_arguments
+    end
+
+    # Use no default arguments by default
+    self.default_arguments = {}
+
+    # The base class sets up XML namespaces and HTTP authentication
+    # for all the Adyen SOAP services
+    class Base < Handsoap::Service
+
+      def self.inherited(klass)
+        # The version must be set to construct the request envelopes,
+        # the URI wil be set later using the correct Adyen.environment.
+        klass.endpoint :version => 1, :uri => 'bogus'
+      end
+
+      # Setup basic auth headers in the HTTP client
+      def on_after_create_http_client(http_client)
+        debug { |logger| logger.puts "Authorization: #{Adyen::SOAP.username}:#{Adyen::SOAP.password}..." }
+        # Handsoap BUG: Setting headers does not work, using a Curb specific method for now.
+        # auth = Base64.encode64("#{Adyen::SOAP.username}:#{Adyen::SOAP.password}").chomp
+        # http_client.headers['Authorization'] = "Basic #{auth}"
+        http_client.userpwd         = "#{Adyen::SOAP.username}:#{Adyen::SOAP.password}"
+        # We explicitly set the http_client, curb in this case, to follow the location.
+        # By doing so, we avoid the cryptic Curl::Err::TooManyRedirectsError error.
+        http_client.follow_location = true
+        http_client.max_redirects   = 1
+      end
+
+      # Setup XML namespaces for SOAP request body
+      def on_create_document(doc)
+        doc.alias 'payment',   'http://payment.services.adyen.com'
+        doc.alias 'recurring', 'http://recurring.services.adyen.com'
+        doc.alias 'common',    'http://common.services.adyen.com'
+      end
+
+      # Setup XML namespaces for SOAP response
+      def on_response_document(doc)
+        doc.add_namespace 'payment',   'http://payment.services.adyen.com'
+        doc.add_namespace 'recurring', 'http://recurring.services.adyen.com'
+        doc.add_namespace 'common',    'http://common.services.adyen.com'
+      end
+
+      # Set endpoint URI before dispatch, so that changes in environment
+      # are reflected correctly.
+      def on_before_dispatch
+        self.class.endpoint(:uri => self.class::ENDPOINT_URI % Adyen.environment.to_s, :version => 1)
+      end
+    end
+
+    # SOAP client to interact with the payment modification service of Adyen.
+    # At this moment, none of the calls are implemented.
+    class PaymentService < Base
+
+      ENDPOINT_URI = 'https://pal-%s.adyen.com/pal/servlet/soap/Payment'
+
+    end
+
+    # SOAP client to interact with the recurring payment service of Adyen.
+    # This client implements the submitRecurring call to submit payments
+    # for a recurring contract. Moreover, it implements the deactiveRecurring
+    # call to cancel a recurring contract.
+    #
+    # See the Adyen Recurring manual for more information about this SOAP service
+    class RecurringService < Base
+
+      ENDPOINT_URI = 'https://pal-%s.adyen.com/pal/servlet/soap/Recurring'
+
+      # Submits a recurring payment. Requires the following arguments as hash:
+      #
+      # * <tt>:currency</tt> The currency code (EUR, GBP, USD, etc)
+      # * <tt>:value</tt> The value of the payments in cents
+      # * <tt>:merchent_account</tt> The merchant account under which to place
+      #       this payment.
+      # * <tt>:recurring_reference</tt> The psp_reference of the RECURRING_CONTRACT
+      #       notification that was sent after the initial payment.
+      # * <tt>:reference</tt> The (merchant) reference for this payment.
+      # * <tt>:shopper_email</tt> The email address of the shopper.
+      # * <tt>:shopper_reference</tt> The refrence of the shopper. This should be
+      #       the same as the reference that was used to create the recurring contract.
+      def submit(args = {})
+        invoke_args = Adyen::SOAP.default_arguments.merge(args)
+        response = invoke('recurring:submitRecurring') do |message|
+          message.add('recurring:recurringRequest') do |req|
+            req.add('recurring:amount') do |amount|
+              amount.add('common:currency', invoke_args[:currency])
+              amount.add('common:value', invoke_args[:value])
+            end
+            req.add('recurring:merchantAccount', invoke_args[:merchant_account])
+            req.add('recurring:recurringReference', invoke_args[:recurring_reference])
+            req.add('recurring:reference', invoke_args[:reference])
+            req.add('recurring:shopperEmail', invoke_args[:shopper_email])
+            req.add('recurring:shopperReference', invoke_args[:shopper_reference])
+          end
+        end
+      end
+
+      # Deactivates a recurring payment contract. Requires the following arguments:
+      #
+      # * <tt>:merchent_account</tt> The merchant account under which to place
+      #       this payment.
+      # * <tt>:recurring_reference</tt> The psp_reference of the RECURRING_CONTRACT
+      #       notification that was sent after the initial payment.
+      # * <tt>:reference</tt> The (merchant) reference for this deactivation.
+      # * <tt>:shopper_reference</tt> The refrence of the shopper. This should be
+      #       the same as the reference that was used to create the recurring contract.
+      def deactivate(args = {})
+        invoke_args = Adyen::SOAP.default_arguments.merge(args)
+        response = invoke('recurring:deactivateRecurring') do |message|
+          message.add('recurring:recurringRequest') do |req|
+            req.add('recurring:merchantAccount', invoke_args[:merchant_account])
+            req.add('recurring:recurringReference', invoke_args[:recurring_reference])
+            req.add('recurring:reference', invoke_args[:reference])
+            req.add('recurring:shopperReference', invoke_args[:shopper_reference])
+          end
+        end
+      end
+    end
+  end
+end

data/spec/adyen_spec.rb

@@ -0,0 +1,53 @@
+require "#{File.dirname(__FILE__)}/spec_helper.rb"
+
+describe Adyen do
+  describe Adyen::Encoding do
+    it "should a hmac_base64 correcly" do
+      encoded_str = Adyen::Encoding.hmac_base64('bla', 'bla')
+      encoded_str.should_not be_blank
+      encoded_str.size.should == 28
+    end
+
+    it "should gzip_base64 correcly" do
+      encoded_str = Adyen::Encoding.gzip_base64('bla')
+      encoded_str.should_not be_blank
+      encoded_str.size.should == 32
+    end
+  end
+
+  describe Adyen::Formatter::DateTime do
+    it "should accept dates" do
+      Adyen::Formatter::DateTime.fmt_date(Date.today).should match(/^\d{4}-\d{2}-\d{2}$/)
+    end
+
+    it "should accept times" do
+      Adyen::Formatter::DateTime.fmt_time(Time.now).should match(/^\d{4}-\d{2}-\d{2}T\d{2}\:\d{2}\:\d{2}Z$/)
+    end
+
+    it "should accept valid time strings" do
+      Adyen::Formatter::DateTime.fmt_time('2009-01-01T11:11:11Z').should match(/^\d{4}-\d{2}-\d{2}T\d{2}\:\d{2}\:\d{2}Z$/)
+    end
+
+    it "should accept valid time strings" do
+      Adyen::Formatter::DateTime.fmt_date('2009-01-01').should match(/^\d{4}-\d{2}-\d{2}$/)
+    end
+
+    it "should raise on an invalid time string" do
+      lambda { Adyen::Formatter::DateTime.fmt_time('2009-01-01 11:11:11') }.should raise_error
+    end
+
+    it "should raise on an invalid date string" do
+      lambda { Adyen::Formatter::DateTime.fmt_date('2009-1-1') }.should raise_error
+    end
+  end
+
+  describe Adyen::Formatter::Price do
+    it "should return a Fixnum with digits only when converting to cents" do
+      Adyen::Formatter::Price.in_cents(33.76).should be_kind_of(Fixnum)
+    end
+
+    it "should return a BigDecimal when converting from cents" do
+      Adyen::Formatter::Price.from_cents(1234).should be_kind_of(BigDecimal)
+    end
+  end
+end

data/spec/form_spec.rb

@@ -0,0 +1,152 @@
+require "#{File.dirname(__FILE__)}/spec_helper.rb"
+
+describe Adyen::Form do
+
+  before(:all) do
+    Adyen::Form.register_skin(:testing, '4aD37dJA', 'Kah942*$7sdp0)')
+    Adyen::Form.default_parameters[:merchant_account] = 'TestMerchant'
+  end
+
+  describe 'Action URLs' do
+
+    before(:each) do
+      # Use autodetection for the environment unless otherwise specified
+      Adyen.environment = nil
+    end
+
+    it "should generate correct the testing url" do
+      Adyen::Form.url.should eql('https://test.adyen.com/hpp/select.shtml')
+    end
+
+    it "should generate a live url if the environemtn is set top live" do
+      Adyen.environment = :live
+      Adyen::Form.url.should eql('https://live.adyen.com/hpp/select.shtml')
+    end
+
+    it "should generate correct live url in a production environment" do
+      Adyen.stub!(:autodetect_environment).and_return('live')
+      Adyen::Form.url.should eql('https://live.adyen.com/hpp/select.shtml')
+    end
+
+    it "should generate correct live url if explicitely asked for" do
+      Adyen::Form.url(:live).should eql('https://live.adyen.com/hpp/select.shtml')
+    end
+  end
+
+  describe 'redirect signature check' do
+    before(:each) do
+      # Example taken from integration manual
+
+      # Example get params sent back with redirect
+      @params = { :authResult => 'AUTHORISED', :pspReference => '1211992213193029',
+        :merchantReference => 'Internet Order 12345', :skinCode => '4aD37dJA',
+        :merchantSig => 'ytt3QxWoEhAskUzUne0P5VA9lPw='}
+    end
+
+    it "should calculate the signature string correctly" do
+      Adyen::Form.redirect_signature_string(@params).should eql('AUTHORISED1211992213193029Internet Order 123454aD37dJA')
+    end
+
+    it "should calculate the signature correctly" do
+      Adyen::Form.redirect_signature(@params).should eql(@params[:merchantSig])
+    end
+
+    it "should check the signature correctly with explicit shared signature" do
+      Adyen::Form.redirect_signature_check(@params, 'Kah942*$7sdp0)').should be_true
+    end
+
+    it "should check the signature correctly using the stored shared secret" do
+      Adyen::Form.redirect_signature_check(@params).should be_true
+    end
+
+
+    it "should detect a tampered field" do
+      Adyen::Form.redirect_signature_check(@params.merge(:pspReference => 'tampered')).should be_false
+    end
+
+    it "should detect a tampered signature" do
+      Adyen::Form.redirect_signature_check(@params.merge(:merchantSig => 'tampered')).should be_false
+    end
+
+  end
+
+  describe 'redirect URL generation' do
+    before(:each) do
+      @attributes = { :currency_code => 'GBP', :payment_amount => 10000, :ship_before_date => Date.today,
+        :merchant_reference => 'Internet Order 12345', :skin => :testing,
+        :session_validity => 1.hour.from_now }
+
+      @redirect_url = Adyen::Form.redirect_url(@attributes)
+    end
+    
+    it "should return an URL pointing to the adyen server" do
+      @redirect_url.should =~ %r[^#{Adyen::Form.url}]
+    end
+    
+    it "should include all provided attributes" do
+      params = @redirect_url.split('?', 2).last.split('&').map { |param| param.split('=', 2).first }
+      params.should include(*(@attributes.keys.map { |k| k.to_s.camelize(:lower) }))
+    end
+    
+    it "should include the merchant signature" do
+      params = @redirect_url.split('?', 2).last.split('&').map { |param| param.split('=', 2).first }
+      params.should include('merchantSig')
+    end
+  end
+
+  describe 'hidden fields generation' do
+
+    include ActionView::Helpers::TagHelper
+
+    before(:each) do
+      @attributes = { :currency_code => 'GBP', :payment_amount => 10000, :ship_before_date => Date.today,
+        :merchant_reference => 'Internet Order 12345', :skin => :testing,
+        :session_validity => 1.hour.from_now }
+    end
+
+    it "should generate a valid payment form" do
+      content_tag(:form, Adyen::Form.hidden_fields(@attributes),
+          :action => Adyen::Form.url, :method => :post).should have_adyen_payment_form
+    end
+  end
+
+  describe 'signature calculation' do
+
+    # This example is taken from the Adyen integration manual
+
+    before(:each) do
+
+      @parameters = { :currency_code => 'GBP', :payment_amount => 10000,
+        :ship_before_date => '2007-10-20', :merchant_reference => 'Internet Order 12345',
+        :skin => :testing, :session_validity => '2007-10-11T11:00:00Z' }
+
+      Adyen::Form.do_parameter_transformations!(@parameters)
+    end
+
+    it "should construct the signature string correctly" do
+      signature_string = Adyen::Form.calculate_signature_string(@parameters)
+      signature_string.should eql("10000GBP2007-10-20Internet Order 123454aD37dJATestMerchant2007-10-11T11:00:00Z")
+    end
+    
+    it "should calculate the signature correctly" do
+      signature = Adyen::Form.calculate_signature(@parameters)
+      signature.should eql('x58ZcRVL1H6y+XSeBGrySJ9ACVo=')
+    end
+
+    it "should calculate the signature correctly for a recurring payment" do
+      # Add the required recurrent payment attributes
+      @parameters.merge!(:recurring_contract => 'DEFAULT', :shopper_reference => 'grasshopper52', :shopper_email => 'gras.shopper@somewhere.org')
+
+      signature_string = Adyen::Form.calculate_signature_string(@parameters)
+      signature_string.should eql("10000GBP2007-10-20Internet Order 123454aD37dJATestMerchant2007-10-11T11:00:00Zgras.shopper@somewhere.orggrasshopper52DEFAULT")
+    end
+
+    it "should calculate the signature correctly for a recurring payment" do
+      # Add the required recurrent payment attributes
+      @parameters.merge!(:recurring_contract => 'DEFAULT', :shopper_reference => 'grasshopper52', :shopper_email => 'gras.shopper@somewhere.org')
+
+      signature = Adyen::Form.calculate_signature(@parameters)
+      signature.should eql('F2BQEYbE+EUhiRGuPtcD16Gm7JY=')
+    end
+  end
+end

data/spec/notification_spec.rb

@@ -0,0 +1,97 @@
+require "#{File.dirname(__FILE__)}/spec_helper.rb"
+
+describe Adyen::Notification do
+
+  before(:all) do
+    ActiveRecord::Base.establish_connection(:adapter => 'sqlite3', :database => ':memory:')
+
+    ActiveRecord::Migration.verbose = false
+    Adyen::Notification::Migration.up
+  end
+
+  after(:all) do
+    Adyen::Notification::Migration.down
+  end
+
+  describe Adyen::Notification::HttpPost do
+
+    describe 'receiving payment authorization notification' do
+
+      before(:each) do
+        @request = mock('request')
+        @request.stub!(:params).and_return({
+              "merchantAccountCode"=>"FloorPlannerNL", "eventCode"=>"AUTHORISATION",
+              "paymentMethod"=>"mc", "eventDate"=>"2009-08-10T09:00:08.04Z",
+              "operations"=>"CANCEL,CAPTURE,REFUND", "merchantReference"=>"4",
+              "action"=>"process_adyen", "live"=>"false", "controller"=>"payment_notifications",
+              "value"=>"2500", "success"=>"false", "reason"=>"10676:1111:12/2012",
+              "originalReference"=>"", "pspReference"=>"8712498948081194", "currency"=>"USD"})
+
+        @notification = Adyen::Notification::HttpPost.log(@request)
+      end
+
+      after(:each) { @notification.destroy }
+
+      it "should have saved the notification record" do
+        @notification.should_not be_new_record
+      end
+
+      it "should be an authorization" do
+        @notification.should be_authorisation
+      end
+
+      it "should convert the amount to a bigdecimal" do
+        @notification.value.should eql(BigDecimal.new('25.00'))
+      end
+
+      it "should convert live to a boolean" do
+        @notification.should_not be_live
+      end
+
+      it "should convert success to a boolean" do
+        @notification.should_not be_success
+      end
+
+      it "should not be a successfull authorization" do
+        @notification.should_not be_successful_authorization
+      end
+
+      it "should convert the eventDate" do
+        @notification.event_date.should be_kind_of(Time)
+      end
+
+      it "should convert the empty original reference to NULL" do
+        @notification.original_reference.should be_nil
+      end
+    end
+
+    context 'duplicate detection' do
+      before(:each) do
+
+        @fields = { "merchantAccountCode"=>"FloorPlannerNL", "eventCode"=>"AUTHORISATION",
+                    "paymentMethod"=>"mc", "eventDate"=>"2009-08-10T09:00:08.04Z",
+                    "operations"=>"CANCEL,CAPTURE,REFUND", "merchantReference"=>"4",
+                    "action"=>"process_adyen", "live"=>"false", "controller"=>"payment_notifications",
+                    "value"=>"2500", "success"=>"false", "reason"=>"10676:1111:12/2012",
+                    "originalReference"=>"", "pspReference"=>"8712498948081194", "currency"=>"USD"}
+
+        @request = mock('request')
+        @request.stub!(:params).and_return(@fields)
+        @notification = Adyen::Notification::HttpPost.log(@request)
+      end
+
+      after(:each) { @notification.destroy }
+
+      it "should raise an error on a duplicate notification" do
+        lambda { Adyen::Notification::HttpPost.log(@request) }.should raise_error(ActiveRecord::RecordInvalid)
+      end
+
+      it "should not raise an error on a when success is set to true" do
+        second_request = mock('request')
+        second_request.stub!(:params).and_return(@fields.merge('success' => 'true'))
+        lambda { Adyen::Notification::HttpPost.log(second_request) }.should_not raise_error
+      end
+
+    end
+  end
+end