gonow-activemerchant 1.15.0

data/lib/active_merchant/billing/gateways/garanti.rb

@@ -0,0 +1,262 @@
+if RUBY_VERSION < '1.9' && $KCODE == "NONE"
+  $KCODE = 'u'
+end
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class GarantiGateway < Gateway
+      URL = 'https://sanalposprov.garanti.com.tr/VPServlet'
+
+      # The countries the gateway supports merchants from as 2 digit ISO country codes
+      self.supported_countries = ['US','TR']
+
+      # The card types supported by the payment gateway
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover]
+
+      # The homepage URL of the gateway
+      self.homepage_url = 'https://sanalposweb.garanti.com.tr'
+
+      # The name of the gateway
+      self.display_name = 'Garanti Sanal POS'
+
+      self.default_currency = 'TRL'
+
+      self.money_format = :cents
+
+      CURRENCY_CODES = {
+        'YTL' => 949,
+        'TRL' => 949,
+        'TL'  => 949,
+        'USD' => 840,
+        'EUR' => 978,
+        'GBP' => 826,
+        'JPY' => 392
+      }
+
+
+      def initialize(options = {})
+        requires!(options, :login, :password, :terminal_id, :merchant_id)
+        @options = options
+        super
+      end
+
+      def purchase(money, credit_card, options = {})
+        options = options.merge(:gvp_order_type => "sales")
+        commit(money, build_sale_request(money, credit_card, options))
+      end
+
+      def authorize(money, credit_card, options = {})
+        options = options.merge(:gvp_order_type => "preauth")
+        commit(money, build_authorize_request(money, credit_card, options))
+      end
+
+      def capture(money, ref_id, options = {})
+        options = options.merge(:gvp_order_type => "postauth")
+        commit(money, build_capture_request(money, ref_id, options))
+      end
+
+      private
+
+      def security_data
+        rjusted_terminal_id = @options[:terminal_id].to_s.rjust(9, "0")
+        Digest::SHA1.hexdigest(@options[:password].to_s + rjusted_terminal_id).upcase
+      end
+
+      def generate_hash_data(order_id, terminal_id, credit_card_number, amount, security_data)
+        data = [order_id, terminal_id, credit_card_number, amount, security_data].join
+        Digest::SHA1.hexdigest(data).upcase
+      end
+
+      def build_xml_request(money, credit_card, options, &block)
+        card_number = credit_card.respond_to?(:number) ? credit_card.number : ''
+        hash_data   = generate_hash_data(format_order_id(options[:order_id]), @options[:terminal_id], card_number, amount(money), security_data)
+
+        xml = Builder::XmlMarkup.new(:indent => 2)
+        xml.instruct! :xml, :version => "1.0", :encoding => "UTF-8"
+
+        xml.tag! 'GVPSRequest' do
+          xml.tag! 'Mode', test? ? 'TEST' : 'PROD'
+          xml.tag! 'Version', 'V0.01'
+          xml.tag! 'Terminal' do
+            xml.tag! 'ProvUserID', 'PROVAUT'
+            xml.tag! 'HashData', hash_data
+            xml.tag! 'UserID', @options[:login]
+            xml.tag! 'ID', @options[:terminal_id]
+            xml.tag! 'MerchantID', @options[:merchant_id]
+          end
+
+          if block_given?
+            yield xml
+          else
+            xml.target!
+          end
+        end
+      end
+
+      def build_sale_request(money, credit_card, options)
+        build_xml_request(money, credit_card, options) do |xml|
+          add_customer_data(xml, options)
+          add_order_data(xml, options) do |xml|
+            add_addresses(xml, options)
+          end
+          add_credit_card(xml, credit_card)
+          add_transaction_data(xml, money, options)
+
+          xml.target!
+        end
+      end
+
+      def build_authorize_request(money, credit_card, options)
+         build_xml_request(money, credit_card, options) do |xml|
+          add_customer_data(xml, options)
+          add_order_data(xml, options)  do |xml|
+            add_addresses(xml, options)
+          end
+          add_credit_card(xml, credit_card)
+          add_transaction_data(xml, money, options)
+
+          xml.target!
+        end
+      end
+
+      def build_capture_request(money, ref_id, options)
+        options = options.merge(:order_id => ref_id)
+         build_xml_request(money, ref_id, options) do |xml|
+          add_customer_data(xml, options)
+          add_order_data(xml, options)
+          add_transaction_data(xml, money, options)
+
+          xml.target!
+        end
+      end
+
+      def add_customer_data(xml, options)
+        xml.tag! 'Customer' do
+          xml.tag! 'IPAddress', options[:ip] || '1.1.1.1'
+          xml.tag! 'EmailAddress', options[:email]
+        end
+      end
+
+      def add_order_data(xml, options, &block)
+        xml.tag! 'Order' do
+          xml.tag! 'OrderID', format_order_id(options[:order_id])
+          xml.tag! 'GroupID'
+
+          if block_given?
+            yield xml
+          end
+        end
+      end
+
+      def add_credit_card(xml, credit_card)
+        xml.tag! 'Card' do
+          xml.tag! 'Number', credit_card.number
+          xml.tag! 'ExpireDate', [format_exp(credit_card.month), format_exp(credit_card.year)].join
+          xml.tag! 'CVV2', credit_card.verification_value
+        end
+      end
+
+      def format_exp(value)
+        format(value, :two_digits)
+      end
+
+      # OrderId field must be A-Za-z0-9_ format and max 36 char
+      def format_order_id(order_id)
+        order_id.to_s.gsub(/[^A-Za-z0-9_]/, '')[0...36]
+      end
+
+      def add_addresses(xml, options)
+        xml.tag! 'AddressList' do
+          if billing_address = options[:billing_address] || options[:address]
+            xml.tag! 'Address' do
+              xml.tag! 'Type', 'B'
+              add_address(xml, billing_address)
+            end
+          end
+
+          if options[:shipping_address]
+            xml.tag! 'Address' do
+              xml.tag! 'Type', 'S'
+              add_address(xml, options[:shipping_address])
+            end
+          end
+        end
+      end
+
+      def add_address(xml, address)
+        xml.tag! 'Name', normalize(address[:name])
+        address_text = address[:address1]
+        address_text << " #{ address[:address2]}" if address[:address2]
+        xml.tag! 'Text', normalize(address_text)
+        xml.tag! 'City', normalize(address[:city])
+        xml.tag! 'District', normalize(address[:state])
+        xml.tag! 'PostalCode', address[:zip]
+        xml.tag! 'Country', normalize(address[:country])
+        xml.tag! 'Company', normalize(address[:company])
+        xml.tag! 'PhoneNumber', address[:phone].to_s.gsub(/[^0-9]/, '') if address[:phone]
+      end
+
+      def normalize(text)
+        return unless text
+        
+        if ActiveSupport::Inflector.method(:transliterate).arity == -2
+          ActiveSupport::Inflector.transliterate(text,'')
+        elsif RUBY_VERSION >= '1.9'
+          text.gsub(/[^\x00-\x7F]+/, '')
+        else
+          ActiveSupport::Inflector.transliterate(text).to_s
+        end
+      end
+
+      def add_transaction_data(xml, money, options)
+        xml.tag! 'Transaction' do
+          xml.tag! 'Type', options[:gvp_order_type]
+          xml.tag! 'Amount', amount(money)
+          xml.tag! 'CurrencyCode', currency_code(options[:currency] || currency(money))
+          xml.tag! 'CardholderPresentCode', 0
+        end
+      end
+
+      def currency_code(currency)
+        CURRENCY_CODES[currency] || CURRENCY_CODES[default_currency]
+      end
+
+      def commit(money,request)
+        raw_response = ssl_post(URL, "data=" + request)
+        response = parse(raw_response)
+
+        success = success?(response)
+
+        Response.new(success,
+                     success ? 'Approved' : "Declined (Reason: #{response[:reason_code]} - #{response[:error_msg]} - #{response[:sys_err_msg]})",
+                     response,
+                     :test => test?,
+                     :authorization => response[:order_id])
+      end
+
+      def parse(body)
+        xml = REXML::Document.new(body)
+
+        response = {}
+        xml.root.elements.to_a.each do |node|
+          parse_element(response, node)
+        end
+        response
+      end
+
+      def parse_element(response, node)
+        if node.has_elements?
+          node.elements.each{|element| parse_element(response, element) }
+        else
+          response[node.name.underscore.to_sym] = node.text
+        end
+      end
+
+      def success?(response)
+        response[:message] == "Approved"
+      end
+
+    end
+  end
+end
+

data/lib/active_merchant/billing/gateways/ideal/ideal_base.rb

@@ -0,0 +1,250 @@
+require File.dirname(__FILE__) + '/ideal_response'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # Implementation contains some simplifications
+    # - does not support multiple subID per merchant
+    # - language is fixed to 'nl'
+    class IdealBaseGateway < Gateway
+      class_attribute :test_url, :live_url, :server_pem, :pem_password, :default_expiration_period
+      self.default_expiration_period = 'PT10M'
+      self.default_currency = 'EUR'
+      self.pem_password = true
+
+      # These constants will never change for most users
+      AUTHENTICATION_TYPE = 'SHA1_RSA'
+      LANGUAGE = 'nl'
+      SUB_ID = '0'
+      API_VERSION = '1.1.0'
+
+      attr_reader :url
+
+      def initialize(options = {})
+        requires!(options, :login, :password, :pem)
+        @options = options
+
+        @options[:pem_password] = options[:password]
+        @url = test? ? test_url : live_url
+        super
+      end
+
+      # Setup transaction. Get redirect_url from response.service_url
+      def setup_purchase(money, options = {})
+        requires!(options, :issuer_id, :return_url, :order_id, :currency, :description, :entrance_code)
+
+        commit(build_transaction_request(money, options))
+      end
+
+      # Check status of transaction and confirm payment
+      # transaction_id must be a valid transaction_id from a prior setup.
+      def capture(transaction, options = {})
+        options[:transaction_id] = transaction
+        commit(build_status_request(options))
+      end
+
+      # Get list of issuers from response.issuer_list
+      def issuers
+        commit(build_directory_request)
+      end
+
+      def test?
+        @options[:test] || Base.gateway_mode == :test
+      end
+
+      private
+      def token
+        if @token.nil?
+          @token = create_fingerprint(@options[:pem])
+        end
+        @token
+      end
+
+      # <?xml version="1.0" encoding="UTF-8"?>
+      # <AcquirerTrxReq xmlns="http://www.idealdesk.com/Message" version="1.1.0">
+      #  <createDateTimeStamp>2001-12-17T09:30:47.0Z</createDateTimeStamp>
+      #  <Issuer>
+      #   <issuerID>1003</issuerID>
+      #  </Issuer>
+      #   <Merchant>
+      #     <merchantID>000123456</merchantID>
+      #     <subID>0</subID>
+      #     <authentication>passkey</authentication>
+      #     <token>1</token>
+      #     <tokenCode>3823ad872eff23</tokenCode>
+      #     <merchantReturnURL>https://www.mijnwinkel.nl/betaalafhandeling
+      #      </merchantReturnURL>
+      #   </Merchant>
+      #   <Transaction>
+      #     <purchaseID>iDEAL-aankoop 21</purchaseID>
+      #     <amount>5999</amount>
+      #     <currency>EUR</currency>
+      #     <expirationPeriod>PT3M30S</expirationPeriod>
+      #     <language>nl</language>
+      #     <description>Documentensuite</description>
+      #     <entranceCode>D67tyx6rw9IhY71</entranceCode>
+      #   </Transaction>
+      # </AcquirerTrxReq>
+      def build_transaction_request(money, options)
+        date_time_stamp = create_time_stamp
+        message  = date_time_stamp +
+                   options[:issuer_id] +
+                   @options[:login] +
+                   SUB_ID +
+                   options[:return_url] +
+                   options[:order_id] +
+                   money.to_s +
+                   (options[:currency] || currency(money)) +
+                   LANGUAGE +
+                   options[:description] +
+                   options[:entrance_code]
+        token_code = sign_message(@options[:pem], @options[:password], message)
+
+        xml = Builder::XmlMarkup.new(:indent => 2)
+        xml.instruct!
+        xml.tag! 'AcquirerTrxReq', 'xmlns' => 'http://www.idealdesk.com/Message', 'version' => API_VERSION do
+          xml.tag! 'createDateTimeStamp', date_time_stamp
+          xml.tag! 'Issuer' do
+            xml.tag! 'issuerID', options[:issuer_id]
+          end
+          xml.tag! 'Merchant' do
+            xml.tag! 'merchantID', @options[:login]
+            xml.tag! 'subID', SUB_ID
+            xml.tag! 'authentication', AUTHENTICATION_TYPE
+            xml.tag! 'token', token
+            xml.tag! 'tokenCode', token_code
+            xml.tag! 'merchantReturnURL', options[:return_url]
+          end
+          xml.tag! 'Transaction' do
+            xml.tag! 'purchaseID', options[:order_id]
+            xml.tag! 'amount', money
+            xml.tag! 'currency', options[:currency]
+            xml.tag! 'expirationPeriod', options[:expiration_period] || default_expiration_period
+            xml.tag! 'language', LANGUAGE
+            xml.tag! 'description', options[:description]
+            xml.tag! 'entranceCode', options[:entrance_code]
+          end
+          xml.target!
+        end
+      end
+
+      # <?xml version="1.0" encoding="UTF-8"?>
+      # <AcquirerStatusReq xmlns="http://www.idealdesk.com/Message" version="1.1.0">
+      #  <createDateTimeStamp>2001-12-17T09:30:47.0Z</createDateTimeStamp>
+      #  <Merchant>
+      #   <merchantID>000123456</merchantID>
+      #   <subID>0</subID>
+      #   <authentication>keyed hash</authentication>
+      #   <token>1</token>
+      #   <tokenCode>3823ad872eff23</tokenCode>
+      #  </Merchant>
+      #  <Transaction>
+      #   <transactionID>0001023456789112</transactionID>
+      #  </Transaction>
+      # </AcquirerStatusReq>
+      def build_status_request(options)
+        datetimestamp = create_time_stamp
+        message = datetimestamp + @options[:login] + SUB_ID + options[:transaction_id]
+        tokenCode = sign_message(@options[:pem], @options[:password], message)
+
+        xml = Builder::XmlMarkup.new(:indent => 2)
+        xml.instruct!
+        xml.tag! 'AcquirerStatusReq', 'xmlns' => 'http://www.idealdesk.com/Message', 'version' => API_VERSION do
+          xml.tag! 'createDateTimeStamp', datetimestamp
+          xml.tag! 'Merchant' do
+            xml.tag! 'merchantID', @options[:login]
+            xml.tag! 'subID', SUB_ID
+            xml.tag! 'authentication' , AUTHENTICATION_TYPE
+            xml.tag! 'token', token
+            xml.tag! 'tokenCode', tokenCode
+          end
+          xml.tag! 'Transaction' do
+            xml.tag! 'transactionID', options[:transaction_id]
+          end
+        end
+        xml.target!
+      end
+
+      # <?xml version="1.0" encoding="UTF-8"?>
+      # <DirectoryReq xmlns="http://www.idealdesk.com/Message" version="1.1.0">
+      #  <createDateTimeStamp>2001-12-17T09:30:47.0Z</createDateTimeStamp>
+      #  <Merchant>
+      #   <merchantID>000000001</merchantID>
+      #   <subID>0</subID>
+      #   <authentication>1</authentication>
+      #   <token>hashkey</token>
+      #   <tokenCode>WajqV1a3nDen0be2r196g9FGFF=</tokenCode>
+      #  </Merchant>
+      # </DirectoryReq>
+      def build_directory_request
+        datetimestamp = create_time_stamp
+        message = datetimestamp + @options[:login] + SUB_ID
+        tokenCode = sign_message(@options[:pem], @options[:password], message)
+
+        xml = Builder::XmlMarkup.new(:indent => 2)
+        xml.instruct!
+        xml.tag! 'DirectoryReq', 'xmlns' => 'http://www.idealdesk.com/Message', 'version' => API_VERSION do
+          xml.tag! 'createDateTimeStamp', datetimestamp
+          xml.tag! 'Merchant' do
+            xml.tag! 'merchantID', @options[:login]
+            xml.tag! 'subID', SUB_ID
+            xml.tag! 'authentication', AUTHENTICATION_TYPE
+            xml.tag! 'token', token
+            xml.tag! 'tokenCode', tokenCode
+          end
+        end
+        xml.target!
+      end
+
+      def commit(request)
+        raw_response = ssl_post(url, request)
+        response = Hash.from_xml(raw_response.to_s)
+        response_type = response.keys[0]
+
+        case response_type
+          when 'AcquirerTrxRes', 'DirectoryRes'
+            success = true
+          when 'ErrorRes'
+            success = false
+          when 'AcquirerStatusRes'
+            raise SecurityError, "Message verification failed.", caller unless status_response_verified?(response)
+            success = (response['AcquirerStatusRes']['Transaction']['status'] == 'Success')
+          else
+            raise ArgumentError, "Unknown response type.", caller
+        end
+
+        return IdealResponse.new(success, response.keys[0], response, :test => test?)
+      end
+
+      def create_fingerprint(cert_file)
+        cert_data   = OpenSSL::X509::Certificate.new(cert_file).to_s
+        cert_data   = cert_data.sub(/-----BEGIN CERTIFICATE-----/, '')
+        cert_data   = cert_data.sub(/-----END CERTIFICATE-----/, '')
+        fingerprint = ActiveSupport::Base64.decode64(cert_data)
+        fingerprint = Digest::SHA1.hexdigest(fingerprint)
+        return fingerprint.upcase
+      end
+
+      def sign_message(private_key_data, password, data)
+        private_key  = OpenSSL::PKey::RSA.new(private_key_data, password)
+        signature = private_key.sign(OpenSSL::Digest::SHA1.new, data.gsub('\s', ''))
+        return ActiveSupport::Base64.encode64(signature).gsub(/\n/, '')
+      end
+
+      def verify_message(cert_file, data, signature)
+        public_key = OpenSSL::X509::Certificate.new(cert_file).public_key
+        return public_key.verify(OpenSSL::Digest::SHA1.new, ActiveSupport::Base64.decode64(signature), data)
+      end
+
+      def status_response_verified?(response)
+        transaction = response['AcquirerStatusRes']['Transaction']
+        message = response['AcquirerStatusRes']['createDateTimeStamp'] + transaction['transactionID' ] + transaction['status']
+        message << transaction['consumerAccountNumber'].to_s
+        verify_message(server_pem, message, response['AcquirerStatusRes']['Signature']['signatureValue'])
+      end
+
+      def create_time_stamp
+        Time.now.gmtime.strftime('%Y-%m-%dT%H:%M:%S.000Z')
+      end
+    end
+  end
+end