killbill-cybersource 4.0.1 → 4.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 70b683af2803875628c898a0e286c606904729e5
-  data.tar.gz: 5c89305ff541fb3bafc46b17af392c2f33ff8f29
+  metadata.gz: 9b493be89fec342f29d8b2301b33df6d1fb2242f
+  data.tar.gz: af046593004ae23ac977ea4c818df2fc53620e5d
 SHA512:
-  metadata.gz: c24e46930e496e0dc56ed77e2e67c1207ebcbaf5fd164c86090cfdb3b975e7b3c1df59e337ae93355ca63ba40a0cd732aaffb3970bb76ffde06995ad403bf8fc
-  data.tar.gz: f0823fc7f52a074d5b6b8bd8cd847dbd2762d27fddb5c0e19123466a03a34bfe415391b9431511ca31d4511626222caeaf495a29c97141ffc030047984d02d9c
+  metadata.gz: 1f76a9a57ab6780e4bfefc3deb1429a7d86cfba8efb70bc45d0ac058557c36edf0912cdd6a87209dd699ba0bfd4fbcbbfbfaeb46a1ce6a4447aca02bbff59b5a
+  data.tar.gz: fd5086b9920e5cc9b734b094b94952e428b37b19d41f9bc4879fec8f3051ed85812aedd9440a94ca6eec5da944c507275ddd6747a19e17806b55212b9443fdee

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    killbill-cybersource (4.0.1)
+    killbill-cybersource (4.0.2)
       actionpack (~> 4.1.0)
       actionview (~> 4.1.0)
       activemerchant (~> 1.48.0)
@@ -19,13 +19,13 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (4.1.14)
-      actionview (= 4.1.14)
-      activesupport (= 4.1.14)
+    actionpack (4.1.15)
+      actionview (= 4.1.15)
+      activesupport (= 4.1.15)
       rack (~> 1.5.2)
       rack-test (~> 0.6.2)
-    actionview (4.1.14)
-      activesupport (= 4.1.14)
+    actionview (4.1.15)
+      activesupport (= 4.1.15)
       builder (~> 3.1)
       erubis (~> 2.7.0)
     active_utils (3.0.0)
@@ -36,17 +36,17 @@ GEM
       builder (>= 2.1.2, < 4.0.0)
       i18n (>= 0.6.9)
       nokogiri (~> 1.4)
-    activemodel (4.1.14)
-      activesupport (= 4.1.14)
+    activemodel (4.1.15)
+      activesupport (= 4.1.15)
       builder (~> 3.1)
-    activerecord (4.1.14)
-      activemodel (= 4.1.14)
-      activesupport (= 4.1.14)
+    activerecord (4.1.15)
+      activemodel (= 4.1.15)
+      activesupport (= 4.1.15)
       arel (~> 5.0.0)
     activerecord-bogacs (0.4.1)
-    activerecord-jdbc-adapter (1.3.19)
+    activerecord-jdbc-adapter (1.3.20)
       activerecord (>= 2.2)
-    activesupport (4.1.14)
+    activesupport (4.1.15)
       i18n (~> 0.6, >= 0.6.9)
       json (~> 1.7, >= 1.7.7)
       minitest (~> 5.1)
@@ -78,21 +78,21 @@ GEM
       ruby-maven (~> 3.3, >= 3.3.3)
     jdbc-mariadb (1.2.3)
     jdbc-sqlite3 (3.8.11.2)
-    jruby-openssl (0.9.12-java)
+    jruby-openssl (0.9.16-java)
     json (1.8.3-java)
-    killbill (7.0.1)
+    killbill (7.0.3)
       rack (>= 1.5.2)
       sinatra (~> 1.3.4)
       typhoeus (~> 0.6.9)
       tzinfo (~> 1.2.0)
     maven-tools (1.0.13)
       virtus (~> 1.0)
-    minitest (5.8.3)
+    minitest (5.8.4)
     monetize (1.1.0)
       money (~> 6.5.0)
     money (6.5.1)
       i18n (>= 0.6.4, <= 0.7.0)
-    nokogiri (1.6.7.1-java)
+    nokogiri (1.6.7.2-java)
     offsite_payments (2.1.0)
       actionpack (>= 3.2.20, < 5.0.0)
       active_utils (~> 3.0.0)
@@ -146,4 +146,4 @@ DEPENDENCIES
   rspec (~> 2.12.0)
 
 BUNDLED WITH
-   1.10.6
+   1.11.2

data/NEWS

@@ -1,3 +1,8 @@
+4.0.2
+    Add support for auth reversal after voiding a capture
+    Add support for ignore_avs and ignore_cvv properties
+    https://github.com/killbill/killbill-cybersource-plugin/issues/5
+
 4.0.1
     Add support for standalone credits on CreditCards
 

data/README.md

@@ -135,6 +135,8 @@ Plugin properties
 | skip_gw                      | If true, skip the call to CyberSource                             |
 | payment_processor_account_id | Config entry name of the merchant account to use                  |
 | external_key_as_order_id     | If true, set the payment external key as the CyberSource order id |
+| ignore_avs                   | If true, ignore the results of AVS checking                       |
+| ignore_cvv                   | If true, ignore the results of CVN checking                       |
 | cc_first_name                | Credit card holder first name                                     |
 | cc_last_name                 | Credit card holder last name                                      |
 | cc_type                      | Credit card brand                                                 |

data/VERSION

@@ -1 +1 @@
-4.0.1
+4.0.2

data/lib/cybersource/api.rb

@@ -282,6 +282,9 @@ module Killbill #:nodoc:
           end
           options[:email] = email
         end
+
+        ::Killbill::Plugin::ActiveMerchant::Utils.normalize_property(properties, 'ignore_avs')
+        ::Killbill::Plugin::ActiveMerchant::Utils.normalize_property(properties, 'ignore_cvv')
       end
 
       def get_report_api(kb_tenant_id)

data/lib/cybersource/ext/active_merchant/active_merchant.rb

@@ -25,9 +25,14 @@ module ActiveMerchant
         response = parse(raw_response)
 
         success = response[:decision] == 'ACCEPT'
-        message = @@response_codes[('r' + response[:reasonCode]).to_sym] rescue response[:message]
         authorization = success ? [options[:order_id], response[:requestID], response[:requestToken]].compact.join(";") : nil
 
+        if response[:faultcode] == 'wsse:FailedCheck'
+          message = { :exception_message => response[:message], :payment_plugin_status => :CANCELED }.to_json
+        else
+          message = @@response_codes[('r' + response[:reasonCode]).to_sym] rescue response[:message]
+        end
+
         Response.new(success, message, response,
                      :test => test?,
                      :authorization => authorization,

data/pom.xml

@@ -25,7 +25,7 @@
     <groupId>org.kill-bill.billing.plugin.ruby</groupId>
     <artifactId>cybersource-plugin</artifactId>
     <packaging>pom</packaging>
-    <version>4.0.1</version>
+    <version>4.0.2</version>
     <name>cybersource-plugin</name>
     <url>http://github.com/killbill/killbill-cybersource-plugin</url>
     <description>Plugin for accessing Cybersource as a payment gateway</description>

data/spec/cybersource/base_plugin_spec.rb

@@ -46,6 +46,66 @@ describe Killbill::Cybersource::PaymentPlugin do
     end
   end
 
+  context 'Business Rules' do
+
+    it 'does not ignore AVS nor CVN' do
+      ::ActiveMerchant::Billing::CyberSourceGateway.any_instance.stub(:ssl_post) do |host, request_body|
+        request_body.should_not match('<ignoreAVSResult>')
+        request_body.should_not match('<ignoreCVResult>')
+        successful_purchase_response
+      end
+      purchase
+      purchase(:PROCESSED, [build_property('ignore_avs', 'false'), build_property('ignore_cvv', 'false')])
+    end
+
+    it 'ignores AVS and CVN' do
+      ::ActiveMerchant::Billing::CyberSourceGateway.any_instance.stub(:ssl_post) do |host, request_body|
+        request_body.should match('<ignoreAVSResult>')
+        request_body.should match('<ignoreCVResult>')
+        successful_purchase_response
+      end
+      purchase(:PROCESSED, [build_property('ignore_avs', 'true'), build_property('ignore_cvv', 'true')])
+    end
+
+    it 'ignores AVS but not CVN' do
+      ::ActiveMerchant::Billing::CyberSourceGateway.any_instance.stub(:ssl_post) do |host, request_body|
+        request_body.should match('<ignoreAVSResult>')
+        request_body.should_not match('<ignoreCVResult>')
+        successful_purchase_response
+      end
+      purchase(:PROCESSED, [build_property('ignore_avs', 'true')])
+      purchase(:PROCESSED, [build_property('ignore_avs', 'true'), build_property('ignore_cvv', 'false')])
+    end
+
+    it 'ignores CVN but not AVS' do
+      ::ActiveMerchant::Billing::CyberSourceGateway.any_instance.stub(:ssl_post) do |host, request_body|
+        request_body.should_not match('<ignoreAVSResult>')
+        request_body.should match('<ignoreCVResult>')
+        successful_purchase_response
+      end
+      purchase(:PROCESSED, [build_property('ignore_cvv', 'true')])
+      purchase(:PROCESSED, [build_property('ignore_avs', 'false'), build_property('ignore_cvv', 'true')])
+    end
+  end
+
+  context 'Errors handling' do
+
+    it 'handles expired passwords as CANCELED transactions' do
+      ::ActiveMerchant::Billing::CyberSourceGateway.any_instance.stub(:ssl_post).and_return(password_expired_response)
+      purchase(:CANCELED).gateway_error.should == 'wsse:FailedCheck: Security Data : Merchant password has expired.'
+    end
+
+    it 'handles bad passwords as CANCELED transactions' do
+      ::ActiveMerchant::Billing::CyberSourceGateway.any_instance.stub(:ssl_post).and_return(bad_password_response)
+      purchase(:CANCELED).gateway_error.should == 'wsse:FailedCheck: Security Data : UsernameToken authentication failed.'
+    end
+
+    it 'handles unsuccessful authorizations as ERROR transactions' do
+      ::ActiveMerchant::Billing::CyberSourceGateway.any_instance.stub(:ssl_post).and_return(unsuccessful_authorization_response)
+      purchase(:ERROR).gateway_error.should == 'Invalid account number'
+    end
+  end
+
   private
 
   def with_transaction(kb_payment_id, transaction_type, created_at, context)
@@ -64,4 +124,49 @@ describe Killbill::Cybersource::PaymentPlugin do
   ensure
     t.destroy! unless t.nil?
   end
+
+  def purchase(expected_status = :PROCESSED, properties = [])
+    kb_payment_id = SecureRandom.uuid
+    kb_payment = @plugin.kb_apis.proxied_services[:payment_api].add_payment(kb_payment_id)
+    kb_transaction_id = kb_payment.transactions[0].id
+
+    properties << build_property('email', 'foo@bar.com')
+    properties << build_property('token', '1234')
+
+    payment_response = @plugin.purchase_payment(SecureRandom.uuid, kb_payment_id, kb_transaction_id, SecureRandom.uuid, BigDecimal.new('100'), 'USD', properties, build_call_context)
+    payment_response.status.should eq(expected_status), payment_response.gateway_error
+    payment_response
+  end
+
+  def successful_purchase_response
+    <<-XML
+<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
+<soap:Header>
+<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-2636690"><wsu:Created>2008-01-15T21:42:03.343Z</wsu:Created></wsu:Timestamp></wsse:Security></soap:Header><soap:Body><c:replyMessage xmlns:c="urn:schemas-cybersource-com:transaction-data-1.26"><c:merchantReferenceCode>b0a6cf9aa07f1a8495f89c364bbd6a9a</c:merchantReferenceCode><c:requestID>2004333231260008401927</c:requestID><c:decision>ACCEPT</c:decision><c:reasonCode>100</c:reasonCode><c:requestToken>Afvvj7Ke2Fmsbq0wHFE2sM6R4GAptYZ0jwPSA+R9PhkyhFTb0KRjoE4+ynthZrG6tMBwjAtT</c:requestToken><c:purchaseTotals><c:currency>USD</c:currency></c:purchaseTotals><c:ccAuthReply><c:reasonCode>100</c:reasonCode><c:amount>1.00</c:amount><c:authorizationCode>123456</c:authorizationCode><c:avsCode>Y</c:avsCode><c:avsCodeRaw>Y</c:avsCodeRaw><c:cvCode>M</c:cvCode><c:cvCodeRaw>M</c:cvCodeRaw><c:authorizedDateTime>2008-01-15T21:42:03Z</c:authorizedDateTime><c:processorResponse>00</c:processorResponse><c:authFactorCode>U</c:authFactorCode></c:ccAuthReply></c:replyMessage></soap:Body></soap:Envelope>
+    XML
+  end
+
+  def password_expired_response
+    <<-XML
+<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
+<soap:Header>
+<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-2636690"><wsu:Created>2008-01-15T21:42:03.343Z</wsu:Created></wsu:Timestamp></wsse:Security></soap:Header><soap:Body><soap:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:c="urn:schemas-cybersource-com:transaction-data-1.0"><faultcode>wsse:FailedCheck</faultcode><faultstring>Security Data : Merchant password has expired.</faultstring></soap:Fault></soap:Body></soap:Envelope>
+    XML
+  end
+
+  def bad_password_response
+    <<-XML
+<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
+<soap:Header>
+<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-2636690"><wsu:Created>2008-01-15T21:42:03.343Z</wsu:Created></wsu:Timestamp></wsse:Security></soap:Header><soap:Body><soap:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:c="urn:schemas-cybersource-com:transaction-data-1.0"><faultcode>wsse:FailedCheck</faultcode><faultstring>Security Data : UsernameToken authentication failed.</faultstring></soap:Fault></soap:Body></soap:Envelope>
+    XML
+  end
+
+  def unsuccessful_authorization_response
+    <<-XML
+<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
+<soap:Header>
+<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-28121162"><wsu:Created>2008-01-15T21:50:41.580Z</wsu:Created></wsu:Timestamp></wsse:Security></soap:Header><soap:Body><c:replyMessage xmlns:c="urn:schemas-cybersource-com:transaction-data-1.26"><c:merchantReferenceCode>a1efca956703a2a5037178a8a28f7357</c:merchantReferenceCode><c:requestID>2004338415330008402434</c:requestID><c:decision>REJECT</c:decision><c:reasonCode>231</c:reasonCode><c:requestToken>Afvvj7KfIgU12gooCFE2/DanQIApt+G1OgTSA+R9PTnyhFTb0KRjgFY+ynyIFNdoKKAghwgx</c:requestToken><c:ccAuthReply><c:reasonCode>231</c:reasonCode></c:ccAuthReply></c:replyMessage></soap:Body></soap:Envelope>
+    XML
+  end
 end

data/spec/cybersource/remote/integration_spec.rb

@@ -214,6 +214,16 @@ describe Killbill::Cybersource::PaymentPlugin do
     payment_response = @plugin.void_payment(@pm.kb_account_id, @kb_payment.id, @kb_payment.transactions[2].id, @pm.kb_payment_method_id, @properties, @call_context)
     payment_response.status.should eq(:PROCESSED), payment_response.gateway_error
     payment_response.transaction_type.should == :VOID
+    Killbill::Cybersource::CybersourceResponse.last.params_amount.should == '10.00'
+
+    # From the CyberSource documentation:
+    # When you void a capture, a hold remains on the unused credit card funds. If you are not going to re-capture the authorization as described in "Capture After Void," page 71, and if
+    # your processor supports authorization reversal after void as described in "Authorization Reversal After Void," page 39, CyberSource recommends that you request an authorization reversal
+    # to release the hold on the unused credit card funds.
+    payment_response = @plugin.void_payment(@pm.kb_account_id, @kb_payment.id, @kb_payment.transactions[3].id, @pm.kb_payment_method_id, @properties, @call_context)
+    payment_response.status.should eq(:PROCESSED), payment_response.gateway_error
+    payment_response.transaction_type.should == :VOID
+    Killbill::Cybersource::CybersourceResponse.last.params_amount.should == '100.00'
   end
 
   it 'should be able to credit' do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: killbill-cybersource
 version: !ruby/object:Gem::Version
-  version: 4.0.1
+  version: 4.0.2
 platform: ruby
 authors:
 - Kill Bill core team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-02-17 00:00:00.000000000 Z
+date: 2016-03-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: killbill