jelaniharris-activemerchant 1.24.1

data/lib/active_merchant/billing/gateways/quickpay.rb

@@ -0,0 +1,298 @@
+require 'rexml/document'
+require 'digest/md5'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class QuickpayGateway < Gateway
+      URL = 'https://secure.quickpay.dk/api'
+
+      self.default_currency = 'DKK'
+      self.money_format = :cents
+      self.supported_cardtypes = [:dankort, :forbrugsforeningen, :visa, :master, :american_express, :diners_club, :jcb, :maestro]
+      self.supported_countries = ['DK', 'SE']
+      self.homepage_url = 'http://quickpay.dk/'
+      self.display_name = 'Quickpay'
+
+      MD5_CHECK_FIELDS = {
+        3 => {
+          :authorize => %w(protocol msgtype merchant ordernumber amount
+                           currency autocapture cardnumber expirationdate
+                           cvd cardtypelock testmode),
+
+          :capture   => %w(protocol msgtype merchant amount transaction),
+
+          :cancel    => %w(protocol msgtype merchant transaction),
+
+          :refund    => %w(protocol msgtype merchant amount transaction),
+
+          :subscribe => %w(protocol msgtype merchant ordernumber cardnumber
+                           expirationdate cvd cardtypelock description testmode),
+
+          :recurring => %w(protocol msgtype merchant ordernumber amount
+                           currency autocapture transaction),
+
+          :status    => %w(protocol msgtype merchant transaction),
+
+          :chstatus  => %w(protocol msgtype merchant)
+        },
+
+        4 => {
+          :authorize => %w(protocol msgtype merchant ordernumber amount
+                           currency autocapture cardnumber expirationdate cvd
+                           cardtypelock testmode fraud_remote_addr
+                           fraud_http_accept fraud_http_accept_language
+                           fraud_http_accept_encoding fraud_http_accept_charset
+                           fraud_http_referer fraud_http_user_agent apikey),
+
+          :capture   => %w(protocol msgtype merchant amount transaction
+                           fraud_remote_addr fraud_http_accept
+                           fraud_http_accept_language fraud_http_accept_encoding
+                           fraud_http_accept_charset fraud_http_referer
+                           fraud_http_user_agent apikey),
+
+          :cancel    => %w(protocol msgtype merchant transaction fraud_remote_addr
+                           fraud_http_accept fraud_http_accept_language
+                           fraud_http_accept_encoding fraud_http_accept_charset
+                           fraud_http_referer fraud_http_user_agent apikey),
+
+          :refund    => %w(protocol msgtype merchant amount transaction
+                           fraud_remote_addr fraud_http_accept fraud_http_accept_language
+                           fraud_http_accept_encoding fraud_http_accept_charset
+                           fraud_http_referer fraud_http_user_agent apikey),
+
+          :subscribe => %w(protocol msgtype merchant ordernumber cardnumber
+                           expirationdate cvd cardtypelock description testmode
+                           fraud_remote_addr fraud_http_accept fraud_http_accept_language
+                           fraud_http_accept_encoding fraud_http_accept_charset
+                           fraud_http_referer fraud_http_user_agent apikey),
+
+          :recurring => %w(protocol msgtype merchant ordernumber amount currency
+                           autocapture transaction fraud_remote_addr fraud_http_accept
+                           fraud_http_accept_language fraud_http_accept_encoding
+                           fraud_http_accept_charset fraud_http_referer
+                           fraud_http_user_agent apikey),
+
+          :status    => %w(protocol msgtype merchant transaction fraud_remote_addr
+                           fraud_http_accept fraud_http_accept_language
+                           fraud_http_accept_encoding fraud_http_accept_charset
+                           fraud_http_referer fraud_http_user_agent apikey),
+
+          :chstatus  => %w(protocol msgtype merchant fraud_remote_addr fraud_http_accept
+                           fraud_http_accept_language fraud_http_accept_encoding
+                           fraud_http_accept_charset fraud_http_referer
+                           fraud_http_user_agent apikey)
+        }
+      }
+
+      APPROVED = '000'
+
+      # The login is the QuickpayId
+      # The password is the md5checkword from the Quickpay manager
+      # To use the API-key from the Quickpay manager, specify :api-key
+      # Using the API-key, requires that you use version 4. Specify :version => 4 in options.
+      def initialize(options = {})
+        requires!(options, :login, :password)
+        @protocol = options.delete(:version) || 3 # default to protocol version 3
+        @options = options
+        super
+      end
+
+      def authorize(money, credit_card_or_reference, options = {})
+        post = {}
+
+        add_amount(post, money, options)
+        add_invoice(post, options)
+        add_creditcard_or_reference(post, credit_card_or_reference, options)
+        add_autocapture(post, false)
+        add_fraud_parameters(post, options)
+        add_testmode(post)
+
+        commit(recurring_or_authorize(credit_card_or_reference), post)
+      end
+
+      def purchase(money, credit_card_or_reference, options = {})
+        post = {}
+
+        add_amount(post, money, options)
+        add_creditcard_or_reference(post, credit_card_or_reference, options)
+        add_invoice(post, options)
+        add_fraud_parameters(post, options)
+        add_autocapture(post, true)
+
+        commit(recurring_or_authorize(credit_card_or_reference), post)
+      end
+
+      def capture(money, authorization, options = {})
+        post = {}
+
+        add_reference(post, authorization)
+        add_amount_without_currency(post, money)
+        add_fraud_parameters(post, options)
+
+        commit(:capture, post)
+      end
+
+      def void(identification, options = {})
+        post = {}
+
+        add_reference(post, identification)
+        add_fraud_parameters(post, options)
+
+        commit(:cancel, post)
+      end
+
+      def refund(money, identification, options = {})
+        post = {}
+
+        add_amount_without_currency(post, money)
+        add_reference(post, identification)
+        add_fraud_parameters(post, options)
+
+        commit(:refund, post)
+      end
+
+      def credit(money, identification, options = {})
+        deprecated CREDIT_DEPRECATION_MESSAGE
+        refund(money, identification, options)
+      end
+
+      def store(creditcard, options = {})
+        post = {}
+
+        add_creditcard(post, creditcard, options)
+        add_invoice(post, options)
+        add_description(post, options)
+        add_fraud_parameters(post, options)
+        add_testmode(post)
+
+        commit(:subscribe, post)
+      end
+
+      private
+
+      def add_amount(post, money, options = {})
+        post[:amount]   = amount(money)
+        post[:currency] = options[:currency] || currency(money)
+      end
+
+      def add_amount_without_currency(post, money, options = {})
+        post[:amount] = amount(money)
+      end
+
+      def add_invoice(post, options)
+        post[:ordernumber] = format_order_number(options[:order_id])
+      end
+
+      def add_creditcard(post, credit_card, options)
+        post[:cardnumber]     = credit_card.number
+        post[:cvd]            = credit_card.verification_value
+        post[:expirationdate] = expdate(credit_card)
+        post[:cardtypelock]   = options[:cardtypelock] unless options[:cardtypelock].blank?
+      end
+
+      def add_reference(post, identification)
+        post[:transaction] = identification
+      end
+
+      def add_creditcard_or_reference(post, credit_card_or_reference, options)
+        if credit_card_or_reference.is_a?(String)
+          add_reference(post, credit_card_or_reference)
+        else
+          add_creditcard(post, credit_card_or_reference, options)
+        end
+      end
+
+      def add_autocapture(post, autocapture)
+        post[:autocapture] = autocapture ? 1 : 0
+      end
+
+      def recurring_or_authorize(credit_card_or_reference)
+        credit_card_or_reference.is_a?(String) ? :recurring : :authorize
+      end
+
+      def add_description(post, options)
+        post[:description] = options[:description]
+      end
+
+      def add_testmode(post)
+        return if post[:transaction].present? 
+        post[:testmode] = test? ? '1' : '0'
+      end
+      
+      def add_fraud_parameters(post, options)
+        if @protocol == 4
+          post[:fraud_remote_addr] = options[:fraud_remote_addr] if options[:fraud_remote_addr]
+          post[:fraud_http_accept] = options[:fraud_http_accept] if options[:fraud_http_accept]
+          post[:fraud_http_accept_language] = options[:fraud_http_accept_language] if options[:fraud_http_accept_language]
+          post[:fraud_http_accept_encoding] = options[:fraud_http_accept_encoding] if options[:fraud_http_accept_encoding]
+          post[:fraud_http_accept_charset] = options[:fraud_http_accept_charset] if options[:fraud_http_accept_charset]
+          post[:fraud_http_referer] = options[:fraud_http_referer] if options[:fraud_http_referer]
+          post[:fraud_http_user_agent] = options[:fraud_http_user_agent] if options[:fraud_http_user_agent]
+        end
+      end
+
+      def commit(action, params)
+        response = parse(ssl_post(URL, post_data(action, params)))
+
+        Response.new(successful?(response), message_from(response), response,
+          :test => test?,
+          :authorization => response[:transaction]
+        )
+      end
+
+      def successful?(response)
+        response[:qpstat] == APPROVED
+      end
+
+      def parse(data)
+        response = {}
+
+        doc = REXML::Document.new(data)
+
+        doc.root.elements.each do |element|
+          response[element.name.to_sym] = element.text
+        end
+
+        response
+      end
+
+      def message_from(response)
+        response[:qpstatmsg].to_s
+      end
+
+      def post_data(action, params = {})
+        params[:protocol] = @protocol
+        params[:msgtype]  = action.to_s
+        params[:merchant] = @options[:login]
+        params[:apikey] = @options[:apikey] if @options[:apikey]
+        params[:md5check] = generate_check_hash(action, params)
+
+        params.collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join("&")
+      end
+
+      def generate_check_hash(action, params)
+        string = MD5_CHECK_FIELDS[@protocol][action].collect do |key|
+          params[key.to_sym]
+        end.join('')
+
+        # Add the md5checkword
+        string << @options[:password].to_s
+
+        Digest::MD5.hexdigest(string)
+      end
+
+      def expdate(credit_card)
+        year  = format(credit_card.year, :two_digits)
+        month = format(credit_card.month, :two_digits)
+
+        "#{year}#{month}"
+      end
+
+      # Limited to 20 digits max
+      def format_order_number(number)
+        number.to_s.gsub(/[^\w_]/, '').rjust(4, "0")[0...20]
+      end
+    end
+  end
+end
+

data/lib/active_merchant/billing/gateways/realex.rb

@@ -0,0 +1,313 @@
+require 'nokogiri'
+require 'digest/sha1'
+
+module ActiveMerchant
+  module Billing
+    # Realex is the leading CC gateway in Ireland
+    # see http://www.realexpayments.com
+    # Contributed by John Ward (john@ward.name)
+    # see http://thinedgeofthewedge.blogspot.com
+    #
+    # Realex works using the following
+    # login - The unique id of the merchant
+    # password - The secret is used to digitally sign the request
+    # account - This is an optional third part of the authentication process
+    # and is used if the merchant wishes do distuinguish cc traffic from the different sources
+    # by using a different account. This must be created in advance
+    #
+    # the Realex team decided to make the orderid unique per request,
+    # so if validation fails you can not correct and resend using the
+    # same order id
+    class RealexGateway < Gateway
+      URL = 'https://epage.payandshop.com/epage-remote.cgi'
+
+      CARD_MAPPING = {
+        'master'            => 'MC',
+        'visa'              => 'VISA',
+        'american_express'  => 'AMEX',
+        'diners_club'       => 'DINERS',
+        'switch'            => 'SWITCH',
+        'solo'              => 'SWITCH',
+        'laser'             => 'LASER'
+      }
+
+      self.money_format = :cents
+      self.default_currency = 'EUR'
+      self.supported_cardtypes = [ :visa, :master, :american_express, :diners_club, :switch, :solo, :laser ]
+      self.supported_countries = [ 'IE', 'GB' ]
+      self.homepage_url = 'http://www.realexpayments.com/'
+      self.display_name = 'Realex'
+
+      SUCCESS, DECLINED          = "Successful", "Declined"
+      BANK_ERROR = REALEX_ERROR  = "Gateway is in maintenance. Please try again later."
+      ERROR = CLIENT_DEACTIVATED = "Gateway Error"
+
+      def initialize(options = {})
+        requires!(options, :login, :password)
+        options[:refund_hash] = Digest::SHA1.hexdigest(options[:rebate_secret]) if options.has_key?(:rebate_secret)
+        @options = options
+        super
+      end
+
+      def purchase(money, credit_card, options = {})
+        requires!(options, :order_id)
+
+        request = build_purchase_or_authorization_request(:purchase, money, credit_card, options)
+        commit(request)
+      end
+
+      def authorize(money, creditcard, options = {})
+        requires!(options, :order_id)
+
+        request = build_purchase_or_authorization_request(:authorization, money, creditcard, options)
+        commit(request)
+      end
+
+      def capture(money, authorization, options = {})
+        request = build_capture_request(authorization, options)
+        commit(request)
+      end
+
+      def refund(money, authorization, options = {})
+        request = build_refund_request(money, authorization, options)
+        commit(request)
+      end
+
+      def credit(money, authorization, options = {})
+        deprecated CREDIT_DEPRECATION_MESSAGE
+        refund(money, authorization, options)
+      end
+
+      def void(authorization, options = {})
+        request = build_void_request(authorization, options)
+        commit(request)
+      end
+
+      private
+      def commit(request)
+        response = parse(ssl_post(URL, request))
+
+        Response.new(response[:result] == "00", message_from(response), response,
+          :test => response[:message] =~ /\[ test system \]/,
+          :authorization => authorization_from(response),
+          :cvv_result => response[:cvnresult],
+          :avs_result => {
+            :street_match => response[:avspostcoderesponse],
+            :postal_match => response[:avspostcoderesponse]
+          }
+        )
+      end
+
+      def parse(xml)
+        response = {}
+
+        doc = Nokogiri::XML(xml)
+        doc.xpath('//response/*').each do |node|
+          if (node.elements.size == 0)
+            response[node.name.downcase.to_sym] = normalize(node.text)
+          else
+            node.elements.each do |childnode|
+              name = "#{node.name.downcase}_#{childnode.name.downcase}"
+              response[name.to_sym] = normalize(childnode.text)
+            end
+          end
+        end unless doc.root.nil?
+
+        response
+      end
+
+      def authorization_from(parsed)
+        [parsed[:orderid], parsed[:pasref], parsed[:authcode]].join(';')
+      end
+
+      def build_purchase_or_authorization_request(action, money, credit_card, options)
+        timestamp = new_timestamp
+        xml = Builder::XmlMarkup.new :indent => 2
+        xml.tag! 'request', 'timestamp' => timestamp, 'type' => 'auth' do
+          add_merchant_details(xml, options)
+          xml.tag! 'orderid', sanitize_order_id(options[:order_id])
+          add_amount(xml, money, options)
+          add_card(xml, credit_card)
+          xml.tag! 'autosettle', 'flag' => auto_settle_flag(action)
+          add_signed_digest(xml, timestamp, @options[:login], sanitize_order_id(options[:order_id]), amount(money), (options[:currency] || currency(money)), credit_card.number)
+          add_comments(xml, options)
+          add_address_and_customer_info(xml, options)
+        end
+        xml.target!
+      end
+
+      def build_capture_request(authorization, options)
+        timestamp = new_timestamp
+        xml = Builder::XmlMarkup.new :indent => 2
+        xml.tag! 'request', 'timestamp' => timestamp, 'type' => 'settle' do
+          add_merchant_details(xml, options)
+          add_transaction_identifiers(xml, authorization, options)
+          add_comments(xml, options)
+          add_signed_digest(xml, timestamp, @options[:login], sanitize_order_id(options[:order_id]), nil, nil, nil)
+        end
+        xml.target!
+      end
+
+      def build_refund_request(money, authorization, options)
+        timestamp = new_timestamp
+        xml = Builder::XmlMarkup.new :indent => 2
+        xml.tag! 'request', 'timestamp' => timestamp, 'type' => 'rebate' do
+          add_merchant_details(xml, options)
+          add_transaction_identifiers(xml, authorization, options)
+          xml.tag! 'amount', amount(money), 'currency' => options[:currency] || currency(money)
+          xml.tag! 'refundhash', @options[:refund_hash] if @options[:refund_hash]
+          xml.tag! 'autosettle', 'flag' => 1
+          add_comments(xml, options)
+          add_signed_digest(xml, timestamp, @options[:login], sanitize_order_id(options[:order_id]), amount(money), (options[:currency] || currency(money)), nil)
+        end
+        xml.target!
+      end
+
+      def build_void_request(authorization, options)
+        timestamp = new_timestamp
+        xml = Builder::XmlMarkup.new :indent => 2
+        xml.tag! 'request', 'timestamp' => timestamp, 'type' => 'void' do
+          add_merchant_details(xml, options)
+          add_transaction_identifiers(xml, authorization, options)
+          add_comments(xml, options)
+          add_signed_digest(xml, timestamp, @options[:login], sanitize_order_id(options[:order_id]), nil, nil, nil)
+        end
+        xml.target!
+      end
+
+      def add_address_and_customer_info(xml, options)
+        billing_address = options[:billing_address] || options[:address]
+        shipping_address = options[:shipping_address]
+
+        return unless billing_address || shipping_address || options[:customer] || options[:invoice] || options[:ip]
+
+        xml.tag! 'tssinfo' do
+          xml.tag! 'custnum', options[:customer] if options[:customer]
+          xml.tag! 'prodid', options[:invoice] if options[:invoice]
+          xml.tag! 'custipaddress', options[:ip] if options[:ip]
+
+          if billing_address
+            xml.tag! 'address', 'type' => 'billing' do
+              xml.tag! 'code', avs_input_code( billing_address )
+              xml.tag! 'country', billing_address[:country]
+            end
+          end
+
+          if shipping_address
+            xml.tag! 'address', 'type' => 'shipping' do
+              xml.tag! 'code', format_shipping_zip_code(shipping_address[:zip])
+              xml.tag! 'country', shipping_address[:country]
+            end
+          end
+        end
+      end
+
+      def add_merchant_details(xml, options)
+        xml.tag! 'merchantid', @options[:login]
+        if options[:account] || @options[:account]
+          xml.tag! 'account', (options[:account] || @options[:account])
+        end
+      end
+
+      def add_transaction_identifiers(xml, authorization, options)
+        options[:order_id], pasref, authcode = authorization.split(';')
+        xml.tag! 'orderid', sanitize_order_id(options[:order_id])
+        xml.tag! 'pasref', pasref
+        xml.tag! 'authcode', authcode
+      end
+
+      def add_comments(xml, options)
+        return unless options[:description]
+        xml.tag! 'comments' do
+          xml.tag! 'comment', options[:description], 'id' => 1
+        end
+      end
+
+      def add_amount(xml, money, options)
+        xml.tag! 'amount', amount(money), 'currency' => options[:currency] || currency(money)
+      end
+
+      def add_card(xml, credit_card)
+        xml.tag! 'card' do
+          xml.tag! 'number', credit_card.number
+          xml.tag! 'expdate', expiry_date(credit_card)
+          xml.tag! 'chname', credit_card.name
+          xml.tag! 'type', CARD_MAPPING[card_brand(credit_card).to_s]
+          xml.tag! 'issueno', credit_card.issue_number
+          xml.tag! 'cvn' do
+            xml.tag! 'number', credit_card.verification_value
+            xml.tag! 'presind', (options['presind'] || (credit_card.verification_value? ? 1 : nil))
+          end
+        end
+      end
+
+      def avs_input_code(address)
+        address.values_at(:zip, :address1).map{ |v| extract_digits(v) }.join('|')
+      end
+
+      def format_shipping_zip_code(zip)
+        zip.to_s.gsub(/\W/, '')
+      end
+
+      def extract_digits(string)
+        return "" if string.nil?
+        string.gsub(/[\D]/,'')
+      end
+
+      def new_timestamp
+        Time.now.strftime('%Y%m%d%H%M%S')
+      end
+
+      def add_signed_digest(xml, *values)
+        string = Digest::SHA1.hexdigest(values.join("."))
+        xml.tag! 'sha1hash', Digest::SHA1.hexdigest([string, @options[:password]].join("."))
+      end
+
+      def auto_settle_flag(action)
+        action == :authorization ? '0' : '1'
+      end
+
+      def expiry_date(credit_card)
+        "#{format(credit_card.month, :two_digits)}#{format(credit_card.year, :two_digits)}"
+      end
+
+      def normalize(field)
+        case field
+        when "true"   then true
+        when "false"  then false
+        when ""       then nil
+        when "null"   then nil
+        else field
+        end
+      end
+
+      def message_from(response)
+        message = nil
+        case response[:result]
+        when "00"
+          message = SUCCESS
+        when "101"
+          message = response[:message]
+        when "102", "103"
+          message = DECLINED
+        when /^2[0-9][0-9]/
+          message = BANK_ERROR
+        when /^3[0-9][0-9]/
+          message = REALEX_ERROR
+        when /^5[0-9][0-9]/
+          message = response[:message]
+        when "600", "601", "603"
+          message = ERROR
+        when "666"
+          message = CLIENT_DEACTIVATED
+        else
+          message = DECLINED
+        end
+      end
+
+      def sanitize_order_id(order_id)
+        order_id.to_s.gsub(/[^a-zA-Z0-9\-_]/, '')
+      end
+    end
+  end
+end