sage_party 0.0.1

data/lib/sage_party.rb

@@ -0,0 +1,119 @@
+require 'digest'
+require 'active_support'
+require 'party_resource'
+
+PartyResource::Connector.add(:sage_party, {})
+
+module SageParty
+  class Transaction
+    include PartyResource
+
+    party_connector :sage_party
+    URLS = {:simulator => 'https://test.sagepay.com/simulator/VSPServerGateway.asp?Service=VendorRegisterTx',
+            :test => 'https://test.sagepay.com/gateway/service/vspserver-register.vsp',
+            :live => 'https://live.sagepay.com/gateway/service/vspserver-register.vsp'}
+    ::SAGE_PAY_SERVER = :simulator unless Object.const_defined?('SAGE_PAY_SERVER')
+
+    connect :raw_register, :post => URLS[::SAGE_PAY_SERVER.to_sym], :as => :raw
+
+    %w{VPSProtocol StatusDetail VPSTxId SecurityKey NextURL
+      VPSTxId VendorTxCode Status TxAuthNo VendorName AVSCV2 SecurityKey
+      AddressResult PostCodeResult CV2Result GiftAid CAVV AddressStatus
+      PayerStatus CardType Last4Digits VPSSignature}.each do |name|
+      property name.underscore, :from => name
+    end
+    property :three_d_secure_status, :from => '3DSecureStatus'
+    property :id, :vendor_name
+
+
+    class << self
+      # Register a new transaction with SagePay
+      # @return [Transaction]
+      def register_tx(data)
+        response = raw_register(data)
+        hash = {}
+        response.split("\r\n").each do |line|
+          line = line.split("=", 2)
+          hash[line.first] = line.last
+        end
+        self.new(hash.merge({:id => data[:VendorTxCode], :vendor_name => data[:Vendor]}))
+      end
+
+      # Find a stored transaction
+      # @return [Transaction]
+      def find(vendor_id, sage_id)
+        transaction = get(vendor_id)
+        return missing_transaction if transaction.nil? || transaction.vps_tx_id != sage_id
+        transaction
+      end
+
+      protected
+      def get(vendor_id)
+        raise 'self.get method get needs to be defined'
+      end
+
+      private
+      def missing_transaction
+        self.new(:not_found => true)
+      end
+    end
+
+    # Return HTTP response to return to SagePay server
+    # @return [String]
+    def response
+      return format_response(:invalid, 'Transaction not found') unless exists?
+      return format_response(:invalid, 'Security check failed') unless signature_ok?
+      return format_response(:error, 'Sage Pay reported an error') if status == 'ERROR'
+      return format_response(:invalid, 'Unexpected status') if %w{AUTHENTICATED REGISTERED}.include?(status)
+      return format_response(:invalid, "Invalid status: #{status}") unless %w{OK NOTAUTHED ABORT REJECTED}.include?(status)
+      format_response(:ok)
+    end
+
+    # Test transaction equality
+    # @return [Boolean]
+    def ==(other)
+      properties_equal?(other) && self.exists? == other.exists?
+    end
+
+    # Detrmine if this transaction exists
+    def exists?
+      !@not_found
+    end
+
+    # Merge in transaction stage two data
+    # @return [Transaction] self
+    def merge!(data)
+      data = data.with_indifferent_access
+      data.delete(:SecurityKey)
+      populate_properties(data)
+      self
+    end
+
+    # Check if transaction data matches its signature
+    def signature_ok?
+      generate_md5 == vps_signature
+    end
+
+    protected
+    def initialize(params)
+      populate_properties(params)
+      @not_found = params[:not_found]
+    end
+
+    def notification_url
+      raise 'notification_url method needs to be defined'
+    end
+
+    private
+    def generate_md5
+      Digest::MD5.hexdigest("#{vps_tx_id}#{vendor_tx_code}#{status}#{tx_auth_no}#{vendor_name}#{avscv2}#{security_key}#{address_result}#{post_code_result}#{cv2_result}#{gift_aid}#{three_d_secure_status}#{cavv}#{address_status}#{payer_status}#{card_type}#{last4_digits}").upcase
+    end
+
+    def format_response(status, details=nil)
+      str = "Status=#{status.to_s.upcase}\r\nRedirectURL=#{notification_url}"
+      str += "\r\nStatusDetail=#{details}" unless details.nil?
+      str
+    end
+
+  end
+end

data/spec/sage_transaction_spec.rb

@@ -0,0 +1,183 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+def m(name)
+  v = mock(name)
+  instance_variable_set("@#{name}", v)
+end
+
+describe SageParty::Transaction do
+  describe 'registering a transaction' do
+    before do
+      SageParty::Transaction.stub!(:raw_register => '')
+      SageParty::Transaction.stub!(:tx_id => 'my_tx_id')
+      @basket = mock(:basket, :id => mock, :null_object => true)
+      @customer = mock(:customer, :null_object => true)
+      @data = {:VendorTxCode => m(:tx_code), :Vendor => m(:vendor)}
+    end
+
+    it 'registers with the data' do
+      SageParty::Transaction.should_receive(:raw_register).with(@data)
+      SageParty::Transaction.register_tx(@data)
+    end
+
+    it 'parses the response' do
+      SageParty::Transaction.stub!(:raw_register => "VPSProtocol=2.23\r\nStatus=OK\r\nStatusDetail=Server transaction registered successfully.\r\nVPSTxId={F2A9E367-AC15-4F5F-AB4C-D74B5A0EE8CF}\r\nSecurityKey=YK4N4LO9PT\r\nNextURL=https://test.sagepay.com/Simulator/VSPServerPaymentPage.asp?SageTransactionID={F2A9E367-AC15-4F5F-AB4C-D74B5A0EE8CF}")
+      result = SageParty::Transaction.new({:vps_protocol => '2.23', :status => 'OK', :status_detail => 'Server transaction registered successfully.', :vps_tx_id => '{F2A9E367-AC15-4F5F-AB4C-D74B5A0EE8CF}', :security_key => 'YK4N4LO9PT', :next_url => 'https://test.sagepay.com/Simulator/VSPServerPaymentPage.asp?SageTransactionID={F2A9E367-AC15-4F5F-AB4C-D74B5A0EE8CF}', :id => @tx_code, :vendor_name => @vendor, :basket_id => @basket.id})
+      SageParty::Transaction.register_tx(@data).should == result
+    end
+  end
+
+  describe 'find' do
+    it 'looks for the transaction' do
+      SageParty::Transaction.should_receive(:get).with('foo')
+      SageParty::Transaction.find('foo', 'bar')
+    end
+
+    context 'transaction can be found' do
+      it 'returns the transaction' do
+        transaction = mock(:transaction, :vps_tx_id => 'bar')
+        SageParty::Transaction.stub!(:get => transaction)
+        SageParty::Transaction.find('foo', 'bar').should == transaction
+      end
+    end
+
+    context 'transaction cannot be found' do
+      it 'returns a "null" transaction' do
+        SageParty::Transaction.stub!(:get => nil)
+        SageParty::Transaction.find('foo', 'bar').should_not be_exists
+      end
+    end
+
+    context 'transaction VPSTxId mismatch' do
+      it 'returns a "null" transaction' do
+        SageParty::Transaction.stub!(:get => mock(:transaction, :vps_tx_id => mock))
+        SageParty::Transaction.find('foo', 'bar').should_not be_exists
+      end
+    end
+  end
+
+  describe 'merge!' do
+    before do
+      @transaction = SageParty::Transaction.new('CardType' => m(:original_card_type), 'Status' => m(:status), 'SecurityKey' => m(:original_security_key))
+      @transaction.merge!('GiftAid' => m(:gift_aid), 'CardType' => m(:card_type), 'SecurityKey' => m(:security_key))
+    end
+      
+    it 'repopulates existing data' do
+      @transaction.card_type.should == @card_type
+    end
+
+    it 'populates new data' do
+      @transaction.gift_aid.should == @gift_aid
+    end
+
+    it 'leaves unchanged data unchaged' do
+      @transaction.status.should == @status
+    end
+
+    it 'DOES NOT repopulate the security key' do
+      @transaction.security_key.should == @original_security_key
+    end
+  end 
+
+  describe 'response' do
+    before do
+      @transaction = SageParty::Transaction.new({:id => mock(:id)})
+      @transaction.stub!(:notification_url => 'notify_url')
+      @transaction.stub!(:signature_ok? => true)
+    end
+
+    def set_status(status)
+      @transaction.merge!('Status' => status)
+    end 
+
+    def check_response(*args)
+      @transaction.response.should == @transaction.send(:format_response, *args)
+    end
+
+    context 'transaction not found' do
+      it 'returns invalid' do
+        @transaction.stub!(:exists? => false)
+        check_response(:invalid, 'Transaction not found')
+      end
+    end
+
+    context 'with incorrect signature' do
+      before do
+        @transaction.stub!(:signature_ok? => false)
+      end
+
+      it 'returns invalid' do
+        check_response(:invalid, 'Security check failed')
+      end
+    end
+
+    context 'when status == ERROR' do
+      before do
+        set_status('ERROR')
+      end
+
+      it 'returns error' do
+        check_response(:error, 'Sage Pay reported an error')
+      end
+    end
+
+    context 'status is an unexpected value' do
+      it 'returns invalid when status is incorrect value' do
+        set_status('CUSTARD')
+        check_response(:invalid, 'Invalid status: CUSTARD')
+      end
+
+      it 'returns invalid when status is blank' do
+        set_status('')
+        check_response(:invalid, 'Invalid status: ')
+      end
+
+      it 'returns invalid when status is nil' do
+        set_status(nil)
+        check_response(:invalid, 'Invalid status: ')
+      end
+
+      it 'returns invalid/unexpected when status is AUTHENTICATED' do
+        set_status('AUTHENTICATED')
+        check_response(:invalid, 'Unexpected status')
+      end
+
+      it 'returns invalid/unexpected when status is REGISTERED' do
+        set_status('REGISTERED')
+        check_response(:invalid, 'Unexpected status')
+      end
+    end
+
+    context 'status is an expected value' do
+      %w{OK NOTAUTHED ABORT REJECTED}.each do |status|
+        it "returns ok when status is #{status}" do
+          set_status(status)
+          check_response(:ok)
+        end
+      end
+    end
+  end
+
+  describe 'signature_ok?' do
+    before do
+      @transaction = SageParty::Transaction.new({:vps_protocol => '2.23', :status => 'OK', :status_detail => 'Server transaction registered successfully.', :vps_tx_id => '{F2A9E367-AC15-4F5F-AB4C-D74B5A0EE8CF}', :security_key => 'YK4N4LO9PT', :next_url => 'https://test.sagepay.com/Simulator/VSPServerPaymentPage.asp?SageTransactionID={F2A9E367-AC15-4F5F-AB4C-D74B5A0EE8CF}', :id => 'tx_code', :vendor_name => 'sage_key'})
+    end
+
+    it 'passes if the signature matches' do
+      @transaction.merge!(:vps_signature => 'DBCB54EB1128738F0C9E48600CBCF4DA')
+      @transaction.signature_ok?.should be_true
+    end
+
+    it 'fails if the signature does not match' do
+      @transaction.merge!(:vps_signature => 'CBCB54EB1128738F0C9E48600CBCF4DA')
+      @transaction.signature_ok?.should be_false
+    end
+
+    it 'fails if the signature is unset' do
+      @transaction.signature_ok?.should be_false
+    end
+  end
+
+end
+
+

data/spec/spec_helper.rb

@@ -0,0 +1,20 @@
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+
+require 'sage_party'
+require 'spec'
+require 'spec/autorun'
+require 'webmock/rspec'
+
+include WebMock
+
+module LetMock
+    def let_mock(name, options = {})
+          let(name) { mock(name, options) }
+            end
+end
+
+Spec::Runner.configure do |config|
+    config.extend(LetMock)
+end
+

metadata

@@ -0,0 +1,129 @@
+--- !ruby/object:Gem::Specification 
+name: sage_party
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Tristan Harris
+- Steve Tooke
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-05-28 00:00:00 +01:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: party_resource
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        - 0
+        - 2
+        version: 0.0.2
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: activesupport
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 2
+        - 3
+        - 5
+        version: 2.3.5
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 2
+        - 9
+        version: 1.2.9
+  type: :development
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: yard
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: webmock
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id005
+description: sage_party is a simple interface to SagePay's Server service built on top of party_resource
+email: dev+sage_party@edendevelopment.co.uk
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- lib/sage_party.rb
+has_rdoc: true
+homepage: http://github.com/edendevelopment/sage_party.git
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.6
+signing_key: 
+specification_version: 3
+summary: Simple interface to the SagePay Server service.
+test_files: 
+- spec/sage_transaction_spec.rb
+- spec/spec_helper.rb