sage_pay 0.1.0 → 0.2.0

data/lib/sage_pay/server.rb

@@ -0,0 +1,31 @@
+module SagePay
+  module Server
+    class << self
+      attr_accessor :default_registration_options
+    end
+    # NOTE: Expected to be something along the lines of:
+    #
+    #     SagePay::Server.default_registration_options = {
+    #       :mode => :live,
+    #       :vendor => "rubaidh",
+    #       :notification_url => "http://test.host/notification"
+    #     }
+    #
+    # ... which you'll want to stick in config/initializers/sage_pay.rb or one
+    # of your environment files, if you're doing this with a Rails app.
+    self.default_registration_options = {}
+
+    def self.payment(attributes = {})
+      registration({ :tx_type => :payment }.merge(attributes))
+    end
+
+    def self.registration(attributes)
+      defaults = {
+        :vendor_tx_code   => TransactionCode.random,
+        :delivery_address => attributes[:billing_address]
+      }.merge(default_registration_options)
+
+      SagePay::Server::TransactionRegistration.new(defaults.merge(attributes))
+    end
+  end
+end

data/lib/sage_pay.rb

@@ -1,3 +1,21 @@
-class SagePay
-  VERSION = '0.1.0'
+require 'validatable'
+require 'bigdecimal'
+require 'net/https'
+require 'uri'
+require 'md5'
+require 'uuid'
+
+module SagePay
+  VERSION = '0.2.0'
 end
+
+require 'validatable-ext'
+
+require 'sage_pay/server/address'
+require 'sage_pay/server/transaction_code'
+require 'sage_pay/server/signature_verification_details'
+require 'sage_pay/server/transaction_registration'
+require 'sage_pay/server/transaction_registration_response'
+require 'sage_pay/server/transaction_notification'
+require 'sage_pay/server/transaction_notification_response'
+require 'sage_pay/server'

data/lib/validatable-ext.rb

@@ -0,0 +1,28 @@
+require 'validatable'
+require 'validations/validates_inclusion_of'
+
+module Validatable
+  module Macros
+    # call-seq: validates_inclusion_of(*args)
+    #
+    # Encapsulates the pattern of wanting to validate that an attribute is is in a list. Example:
+    # 
+    #   class Person
+    #     include Validatable
+    #     validates_inclusion_of :operating_system, :in => ["Mac OS X", "Linux", "Windows"]
+    #   end
+    #
+    # Configuration options:
+    # 
+    #     * in - a list of acceptable answers
+    #     * after_validate - A block that executes following the run of a validation
+    #     * message - The message to add to the errors collection when the validation fails
+    #     * times - The number of times the validation applies
+    #     * level - The level at which the validation should occur
+    #     * if - A block that when executed must return true of the validation will not occur
+    #     * group - The group that this validation belongs to.  A validation can belong to multiple groups
+    def validates_inclusion_of(*args)
+      add_validations(args, ValidatesInclusionOf)
+    end
+  end
+end

data/lib/validations/validates_inclusion_of.rb

@@ -0,0 +1,22 @@
+module Validatable
+  class ValidatesInclusionOf < ValidationBase #:nodoc:
+    option :allow_blank
+    required_option :in
+    
+    def message(instance)
+      super || "is not in the list"
+    end
+    
+    def valid?(instance)
+      valid = true
+      value = instance.send(self.attribute)
+      
+      if value.nil? || (value.respond_to?(:empty?) && value.empty?)
+        return true if allow_blank
+        value = ""
+      end
+
+      @in.include?(value)
+    end
+  end
+end

data/sage_pay.gemspec

@@ -7,8 +7,8 @@ Gem::Specification.new do |s|
   ## If your rubyforge_project name is different, then edit it and comment out
   ## the sub! line in the Rakefile
   s.name              = 'sage_pay'
-  s.version           = '0.1.0'
-  s.date              = '2010-04-07'
+  s.version           = '0.2.0'
+  s.date              = '2010-04-13'
   s.rubyforge_project = 'sage_pay'
 
   ## Make sure your summary is short. The description may be as long
@@ -37,11 +37,12 @@ gateway for accepting credit card payments through your web app.
 
   ## List your runtime dependencies here. Runtime dependencies are those
   ## that are needed for an end user to actually USE your code.
-  # s.add_dependency('DEPNAME', [">= 1.1.0", "< 2.0.0"])
+  s.add_dependency('validatable', [">= 1.6.7"])
+  s.add_dependency('uuid',        [">= 2.3.0"])
 
   ## List your development dependencies here. Development dependencies are
   ## those that are only needed during development
-  # s.add_development_dependency('DEVDEPNAME', [">= 1.1.0", "< 2.0.0"])
+  s.add_development_dependency('rspec')
 
   ## Leave this section as-is. It will be automatically generated from the
   ## contents of your Git repository via the gemspec task. DO NOT REMOVE
@@ -52,11 +53,35 @@ gateway for accepting credit card payments through your web app.
     README.md
     Rakefile
     lib/sage_pay.rb
+    lib/sage_pay/server.rb
+    lib/sage_pay/server/address.rb
+    lib/sage_pay/server/signature_verification_details.rb
+    lib/sage_pay/server/transaction_code.rb
+    lib/sage_pay/server/transaction_notification.rb
+    lib/sage_pay/server/transaction_notification_response.rb
+    lib/sage_pay/server/transaction_registration.rb
+    lib/sage_pay/server/transaction_registration_response.rb
+    lib/validatable-ext.rb
+    lib/validations/validates_inclusion_of.rb
     sage_pay.gemspec
+    spec/integration/sage_pay/server_spec.rb
+    spec/sage_pay/server/address_spec.rb
+    spec/sage_pay/server/signature_verification_details_spec.rb
+    spec/sage_pay/server/transaction_code_spec.rb
+    spec/sage_pay/server/transaction_notification_response_spec.rb
+    spec/sage_pay/server/transaction_notification_spec.rb
+    spec/sage_pay/server/transaction_registration_response_spec.rb
+    spec/sage_pay/server/transaction_registration_spec.rb
+    spec/sage_pay/server_spec.rb
+    spec/sage_pay_spec.rb
+    spec/spec_helper.rb
+    spec/support/factories.rb
+    spec/support/integration.rb
+    spec/support/validation_matchers.rb
   ]
   # = MANIFEST =
 
   ## Test files will be grabbed from the file list. Make sure the path glob
   ## matches what you actually use.
-  s.test_files = s.files.select { |path| path =~ /^test\/test_.*\.rb/ }
+  s.test_files = s.files.select { |path| path =~ /^spec\/.*_spec\.rb/ }
 end

data/spec/integration/sage_pay/server_spec.rb

@@ -0,0 +1,57 @@
+require 'spec_helper'
+
+if run_integration_specs?
+  describe SagePay::Server, "integration specs" do
+    describe ".payment" do
+      before(:each) do
+        SagePay::Server.default_registration_options = {
+          :mode => :simulator,
+          :vendor => "rubaidh",
+          :notification_url => "http://test.host/notification"
+        }
+
+        @payment = SagePay::Server.payment(
+          :description => "Demo payment",
+          :amount => 12.34,
+          :currency => "GBP",
+          :billing_address => address_factory
+        )
+      end
+
+      after(:each) do
+        SagePay::Server.default_registration_options = {}
+      end
+
+      it "should successfully register the payment with SagePay" do
+        @payment.register!.should_not be_nil
+      end
+
+      it "should be a valid registered payment" do
+        registration = @payment.register!
+        registration.should be_ok
+      end
+
+      it "should have a next URL" do
+        registration = @payment.register!
+        registration.next_url.should_not be_nil
+      end
+
+      it "should allow us to follow the next URL and the response should be successful" do
+        pending "URI#parse claims that the URL SagePay hands us isn't a valid URI."
+        registration = @payment.register!
+        uri = URI.parse(registration.next_url)
+      end
+
+      it "should allow us to retrieve signature verification details" do
+        @payment.register!
+        sig_details = @payment.signature_verification_details
+
+        sig_details.should_not                be_nil
+        sig_details.vps_tx_id.should_not      be_nil
+        sig_details.security_key.should_not   be_nil
+        sig_details.vendor.should_not         be_nil
+        sig_details.vendor_tx_code.should_not be_nil
+      end
+    end
+  end
+end

data/spec/sage_pay/server/address_spec.rb

@@ -0,0 +1,119 @@
+require 'spec_helper'
+
+describe SagePay::Server::Address do
+  it "should be valid straight from the factory" do
+    lambda {
+      address_factory.should be_valid
+    }.should_not raise_error
+  end
+
+  describe "validations" do
+    it { validates_the_presence_of(:address, :first_names) }
+    it { validates_the_presence_of(:address, :surname)     }
+    it { validates_the_presence_of(:address, :address_1)   }
+    it { validates_the_presence_of(:address, :city)        }
+    it { validates_the_presence_of(:address, :post_code)   }
+    it { validates_the_presence_of(:address, :country)     }
+
+    it { does_not_require_the_presence_of(:address, :address_2) }
+    it { does_not_require_the_presence_of(:address, :state)     }
+    it { does_not_require_the_presence_of(:address, :phone)     }
+
+    it { validates_the_length_of(:address, :first_names, :max => 20)  }
+    it { validates_the_length_of(:address, :surname,     :max => 20)  }
+    it { validates_the_length_of(:address, :address_1,   :max => 100) }
+    it { validates_the_length_of(:address, :address_2,   :max => 100) }
+    it { validates_the_length_of(:address, :city,        :max => 40)  }
+    it { validates_the_length_of(:address, :post_code,   :max => 10)  }
+    it { validates_the_length_of(:address, :phone,       :max => 20)  }
+
+    it "validates the format of first names" do
+      validates_the_format_of :address, :first_names,
+        :valid => [
+          "Bob", "Graham & Sarah", "John-Angus", "Graeme R.", "O'Brien", "Gr/\\eme"
+        ],
+        :invalid => [
+          "mathie1979", "B()b", "mathie@woss.name"
+        ]
+    end
+
+    it "validates the format of surname" do
+      validates_the_format_of :address, :surname,
+        :valid => [
+          "Bob", "Graham & Sarah", "John-Angus", "Graeme R.", "O'Brien", "Gr/\\eme"
+        ],
+        :invalid => [
+          "mathie1979", "B()b", "mathie@woss.name"
+        ]
+    end
+
+    it "validates the format of address 1" do
+      validates_the_format_of :address, :address_1,
+      :valid => [
+        "123 Any Street, Suburb", "123 Any Street\nSuburb",
+        "123+ Al'Agrathia", "Attn: Bob & Sarah (not John-Angus)."
+      ],
+      :invalid => [
+        "!", "_", ";", "@"
+      ]
+    end
+
+    it "validates the format of address 2" do
+      validates_the_format_of :address, :address_2,
+      :valid => [
+        "123 Any Street, Suburb", "123 Any Street\nSuburb",
+        "123+ Al'Agrathia", "Attn: Bob & Sarah (not John-Angus)."
+      ],
+      :invalid => [
+        "!", "_", ";", "@"
+      ]
+    end
+
+    it "validates the format of city" do
+      validates_the_format_of :address, :city,
+      :valid => [
+        "123 Any Street, Suburb", "123 Any Street\nSuburb",
+        "123+ Al'Agrathia", "Attn: Bob & Sarah (not John-Angus)."
+      ],
+      :invalid => [
+        "!", "_", ";", "@"
+      ]
+    end
+
+    it "validates the format of post code" do
+      validates_the_format_of :address, :post_code,
+      :valid => [
+        "AB12 3CD", "EH21-7PB"
+      ],
+      :invalid => [
+        "AB&^3FG"
+      ]
+    end
+
+    it "validates the format of phone" do
+      validates_the_format_of :address, :phone,
+      :valid => [
+        "+44 (0)131 273 5271", "01312735271", "0131 CALL-FOR-HELP"
+      ],
+      :invalid => [
+        "2735271 ext.3444"
+      ]
+    end
+
+    it "should validate the state against a list of US states" do
+      address = address_factory(:state => "WY")
+      address.should be_valid
+      address = address_factory(:state => "AA")
+      address.should_not be_valid
+      address.errors.on(:state).should == "is not a US state"
+    end
+
+    it "should validate the country against a list of ISO 3166-1 country codes" do
+      address = address_factory(:country => "GB")
+      address.should be_valid
+      address = address_factory(:country => "AA")
+      address.should_not be_valid
+      address.errors.on(:country).should == "is not an ISO3166-1 country code"
+    end
+  end
+end

data/spec/sage_pay/server/signature_verification_details_spec.rb

@@ -0,0 +1,26 @@
+require 'spec_helper'
+
+include SagePay::Server
+describe SignatureVerificationDetails do
+  before(:each) do
+    transaction_registration          = mock("Transaction registration", :vendor_tx_code => "vendor transaction id", :vendor => "vendor")
+    transaction_registration_response = mock("Transaction registration response", :vps_tx_id => "sage pay transaction id", :security_key => "security key")
+    @sig_details = SignatureVerificationDetails.new(transaction_registration, transaction_registration_response)
+  end
+
+  it "should take the vendor_tx_code from the transaction registration" do
+    @sig_details.vendor_tx_code.should == "vendor transaction id"
+  end
+
+  it "should take the vendor from the transaction registration" do
+    @sig_details.vendor.should == "vendor"
+  end
+
+  it "should take the vps_tx_id from the transaction registration response" do
+    @sig_details.vps_tx_id.should == "sage pay transaction id"
+  end
+
+  it "should take the security_key from the transaction registration response" do
+    @sig_details.security_key.should == "security key"
+  end
+end

data/spec/sage_pay/server/transaction_code_spec.rb

@@ -0,0 +1,15 @@
+require 'spec_helper'
+
+include SagePay::Server
+
+describe TransactionCode do
+  it "should generate a transaction code" do
+    TransactionCode.random.should_not be_nil
+  end
+
+  it "should not deliver two the same in a row" do
+    first  = TransactionCode.random
+    second = TransactionCode.random
+    first.should_not == second
+  end
+end

data/spec/sage_pay/server/transaction_notification_response_spec.rb

@@ -0,0 +1,75 @@
+require 'spec_helper'
+
+include SagePay::Server
+
+describe TransactionNotificationResponse do
+  it "should work straight from the factory" do
+    lambda {
+      transaction_notification_response_factory.should be_valid
+    }.should_not raise_error
+  end
+
+  describe "validations" do
+    it { validates_the_presence_of(:transaction_notification_response, :status) }
+    it { validates_the_presence_of(:transaction_notification_response, :redirect_url) }
+
+    it "validates the presence of the status_detail field only if the status is something other than OK" do
+      transaction_notification_response = transaction_notification_response_factory(:status => :ok, :status_detail => nil)
+      transaction_notification_response.should be_valid
+
+      transaction_notification_response = transaction_notification_response_factory(:status => :invalid, :status_detail => "Invalid request!")
+      transaction_notification_response.should be_valid
+
+      transaction_notification_response = transaction_notification_response_factory(:status => :invalid, :status_detail => "")
+      transaction_notification_response.should_not be_valid
+      transaction_notification_response.errors.on(:status_detail).should include("can't be empty")
+    end
+
+    it { validates_the_length_of(:transaction_notification_response, :redirect_url,  :max => 255) }
+    it { validates_the_length_of(:transaction_notification_response, :status_detail, :max => 255) }
+
+    it "should allow the status to be one of :ok, :invalid or :error" do
+      transaction_notification_response = transaction_notification_response_factory(:status => :ok)
+      transaction_notification_response.should be_valid
+
+      transaction_notification_response = transaction_notification_response_factory(:status => :invalid)
+      transaction_notification_response.should be_valid
+
+      transaction_notification_response = transaction_notification_response_factory(:status => :error)
+      transaction_notification_response.should be_valid
+
+      transaction_notification_response = transaction_notification_response_factory(:status => :chickens)
+      transaction_notification_response.should_not be_valid
+      transaction_notification_response.errors.on(:status).should include("is not in the list")
+    end
+  end
+
+  describe "#response" do
+    it "should produce the expected response for an OK status" do
+      transaction_notification_response = transaction_notification_response_factory(
+        :status => :ok,
+        :redirect_url => "http://test.host/some/redirect",
+        :status_detail => nil
+      )
+      transaction_notification_response.response.should == <<-RESPONSE.chomp
+Status=OK
+RedirectURL=http://test.host/some/redirect
+      RESPONSE
+    end
+
+    it "should produce the expected response for an invalid status" do
+      transaction_notification_response = transaction_notification_response_factory(
+        :status => :invalid,
+        :redirect_url => "http://test.host/some/redirect",
+        :status_detail => "Totally didn't expect that notification, dude."
+      )
+      # FIXME: I'm asserting here that I don't have to URI-encode the body
+      # here. OK?
+      transaction_notification_response.response.should == <<-RESPONSE.chomp
+Status=INVALID
+RedirectURL=http://test.host/some/redirect
+StatusDetail=Totally didn't expect that notification, dude.
+      RESPONSE
+    end
+  end
+end

data/spec/sage_pay/server/transaction_notification_spec.rb

@@ -0,0 +1,142 @@
+require 'spec_helper'
+
+include SagePay::Server
+
+describe TransactionNotification do
+  it "should work straight from the factory" do
+    lambda {
+      transaction_notification_factory.should_not be_nil
+    }.should_not raise_error
+  end
+
+  describe ".from_params" do
+    context "with an OK status" do
+      before(:each) do
+        signature_verification_details = mock("Signature verification details",
+          :vps_tx_id      => "{728A5721-B45F-4570-937E-90A16B0A5000}",
+          :vendor_tx_code => "unique-tx-code",
+          :vendor         => "rubaidh",
+          :security_key   => "17F13DCBD8"
+        )
+
+        @params = {
+          "VPSProtocol"    => "2.23",
+          "TxType"         => "PAYMENT",
+          "Status"         => "OK",
+          "StatusDetail"   => "2000 : Card processed successfully.", # FIXME: Make this match reality
+          "TxAuthNo"       => "1234567890",
+          "AVSCV2"         => "ALL MATCH",
+          "AddressResult"  => "MATCHED",
+          "PostCodeResult" => "MATCHED",
+          "CV2Result"      => "MATCHED",
+          "GiftAid"        => "0",
+          "3DSecureStatus" => "OK",
+          "CAVV"           => "Something?",
+          "AddressStatus"  => "CONFIRMED",
+          "PayerStatus"    => "VERIFIED",
+          "CardType"       => "VISA",
+          "Last4Digits"    => "1234",
+          # FIXME: Calculated manually using the information above. Should
+          # really get one from a sample transaction...
+          "VPSSignature"   => "6AB7A7FFB5369AF953CD57A84D5C2979"
+        }
+
+        @notification = TransactionNotification.from_params(@params, signature_verification_details)
+      end
+
+      it "should successfully parse the params" do
+        lambda {
+          TransactionNotification.from_params(@params).should_not be_nil
+        }.should_not raise_error
+      end
+
+      it "should report the vps_protocol as '2.23'" do
+        @notification.vps_protocol.should == "2.23"
+      end
+
+      it "should report the status as :ok" do
+        @notification.status.should == :ok
+      end
+
+      it "should be ok" do
+        @notification.should be_ok
+      end
+
+      it "should report the status detail as the status detail message supplied" do
+        @notification.status_detail.should == "2000 : Card processed successfully."
+      end
+
+      it "should report the transaction authorisation number as a string (even if the spec says it's always an integer I'm betting leading zeros are important)" do
+        @notification.tx_auth_no.should == "1234567890"
+      end
+
+      it "should report the avs_cv2 as :all_match" do
+        @notification.avs_cv2.should == :all_match
+      end
+
+      it "should report the avs_cv2? as true" do
+        @notification.should be_avs_cv2_matched
+      end
+
+      it "should report the address result as :matched" do
+        @notification.address_result.should == :matched
+      end
+
+      it "should report the address as matched" do
+        @notification.should be_address_matched
+      end
+
+      it "should report the post code result as :matched" do
+        @notification.post_code_result.should == :matched
+      end
+
+      it "should report the post code as matched" do
+        @notification.should be_post_code_matched
+      end
+
+      it "should report the CV2 result as :matched" do
+        @notification.cv2_result.should == :matched
+      end
+
+      it "should report the cv2 as matched" do
+        @notification.should be_cv2_matched
+      end
+
+      it "should report gift aid as false" do
+        @notification.gift_aid.should be_false
+      end
+
+      it "should report the 3d secure status as :ok" do
+        @notification.threed_secure_status.should == :ok
+      end
+
+      it "should report the 3d secure status as ok" do
+        @notification.should be_threed_secure_status_ok
+      end
+
+      it "should report the value passed in for the CAVV result" do
+        @notification.cavv.should == "Something?"
+      end
+
+      it "should report the address status as confirmed" do
+        @notification.address_status.should == :confirmed
+      end
+
+      it "should report the payer status as verified" do
+        @notification.payer_status.should == :verified
+      end
+
+      it "should report the card type as visa" do
+        @notification.card_type.should == :visa
+      end
+
+      it "should report the last 4 digits as 1234" do
+        @notification.last_4_digits.should == "1234"
+      end
+
+      it "should report that the vps signature is valid" do
+        @notification.should be_valid_signature
+      end
+    end
+  end
+end