secure_trading 1.0.0

data/lib/secure_trading.rb

@@ -0,0 +1,32 @@
+require 'rubygems'
+require 'uri'
+require 'net/https'
+require 'xmlsimple'
+require 'iconv'
+require 'fileutils'
+
+SECURETRADING_API_VERSION = '3.51'
+
+require "secure_trading/util"
+require "secure_trading/connection"
+require "secure_trading/xpay_client"
+require "secure_trading/request"
+require "secure_trading/response"
+require "secure_trading/data_object"
+
+require 'secure_trading/requests/authorisation'
+require 'secure_trading/requests/authorisation_with_tds'
+require 'secure_trading/requests/continuous_authorisation'
+require 'secure_trading/requests/authorisation_reversal'
+require 'secure_trading/requests/transaction_query'
+require 'secure_trading/requests/settlement'
+
+require 'secure_trading/objects/customer'
+require 'secure_trading/objects/order'
+require 'secure_trading/objects/payment_card'
+require 'secure_trading/objects/tds_response'
+require 'secure_trading/objects/transaction'
+require 'secure_trading/objects/user_agent'
+
+module SecureTrading
+end

data/lib/secure_trading/connection.rb

@@ -0,0 +1,29 @@
+module SecureTrading
+  class Connection
+    
+    class CertificateFileNotFound < RuntimeError; end
+    
+    attr_reader :xpay_client, :site_reference, :certificate_path
+    
+    def initialize(xpay_client, site_reference, certificate_path, options = {})
+      @xpay_client          = xpay_client
+      @site_reference       = site_reference
+      @certificate_path     = certificate_path
+      @options              = options
+      @options[:request_cache_path] ||= File.join('', 'tmp', 'securetrading', 'requests')
+    end
+    
+    def certificate
+      if File.exist?(self.certificate_path)
+        File.read(self.certificate_path)
+      else
+        raise CertificateFileNotFound, "Certificate file was not located at #{self.certificate_path}"
+      end
+    end
+    
+    def options
+      @options
+    end
+    
+  end
+end

data/lib/secure_trading/data_object.rb

@@ -0,0 +1,15 @@
+module SecureTrading
+  class DataObject
+    
+    def initialize(attributes = {})
+      attributes.each do |key,value|
+        self.send("#{key}=", value) if self.respond_to?(key)
+      end
+    end
+    
+    def to_xml(options = {})      
+      Util.to_xml(self.to_hash, options) if self.respond_to?(:to_hash)
+    end
+    
+  end
+end

data/lib/secure_trading/objects/customer.rb

@@ -0,0 +1,33 @@
+module SecureTrading
+  module Objects
+    class Customer < DataObject
+    
+      attr_accessor :title, :first_name, :last_name, :company, :address, :phone_number, :email_address
+    
+      def to_hash
+        {
+          'Postal' => {
+                        'Name' => { 'NamePrefix' => sanitize(self.title), 'FirstName' => sanitize(self.first_name), 'LastName' => sanitize(self.last_name) },
+                        'Company' => sanitize(self.company),
+                        'Street' => sanitize(self.address.street),
+                        'City' => sanitize(self.address.city),
+                        'StateProv' => sanitize(self.address.state),
+                        'PostalCode' => sanitize(self.address.postal_code),
+                        'CountryCode' => sanitize(self.address.country)
+                      },
+          'Telecom' => {'Phone' => sanitize(self.phone_number)},
+          'Online' => {'Email' => sanitize(self.email_address)}
+        }
+      end
+      
+      def sanitize(value)
+        Iconv.iconv('ascii//translit//IGNORE', 'utf-8//IGNORE', value).join
+      end
+    
+      class Address < DataObject      
+        attr_accessor :street, :city, :state, :postal_code, :country
+      end
+    
+    end
+  end
+end

data/lib/secure_trading/objects/order.rb

@@ -0,0 +1,17 @@
+module SecureTrading
+  module Objects
+    class Order < DataObject
+    
+      attr_accessor :reference, :details
+    
+      def to_hash
+        {
+          'OrderReference' => self.reference,
+          'OrderInformation' => self.details
+        }
+      end
+    
+    
+    end
+  end
+end

data/lib/secure_trading/objects/payment_card.rb

@@ -0,0 +1,21 @@
+module SecureTrading
+  module Objects
+    class PaymentCard < DataObject
+                
+      attr_accessor :type, :number, :issue, :start_date, :expiry_date, :security_code, :reference
+    
+      def to_hash
+        { 
+          'Type' => self.type,
+          'Number' => self.number,
+          'Issue' => self.issue,
+          'StartDate' => self.start_date,
+          'ExpiryDate' => self.expiry_date,
+          'SecurityCode' => self.security_code,
+          'ParentTransactionReference' => self.reference
+        }
+      end
+            
+    end
+  end
+end

data/lib/secure_trading/objects/tds_response.rb

@@ -0,0 +1,17 @@
+module SecureTrading
+  module Objects
+    class TDSResponse < DataObject
+      
+      attr_accessor :md, :pa_res, :enrolled
+      
+      def to_hash
+        {
+          'Enrolled' => self.enrolled,
+          'PaRes' => self.pa_res,
+          'MD' => self.md
+        }
+      end
+      
+    end
+  end
+end

data/lib/secure_trading/objects/transaction.rb

@@ -0,0 +1,16 @@
+module SecureTrading
+  module Objects
+    class Transaction < DataObject
+      
+      attr_accessor :verifier, :reference
+      
+      def to_hash
+        {
+          'TransactionVerifier' => self.verifier,
+          'ParentTransactionReference' => self.reference
+        }
+      end
+      
+    end
+  end
+end

data/lib/secure_trading/objects/user_agent.rb

@@ -0,0 +1,9 @@
+module SecureTrading
+  module Objects
+    class UserAgent < DataObject
+      
+      attr_accessor :user_agent, :accept_header
+            
+    end
+  end
+end

data/lib/secure_trading/request.rb

@@ -0,0 +1,83 @@
+module SecureTrading
+  class Request
+    
+    class ConnectionTimeout < RuntimeError; end
+    class ConnectionFailed < RuntimeError; end
+    class PrematureXpayQuery < RuntimeError; end
+    
+    attr_accessor :connection
+    attr_reader :response
+    
+    def initialize(connection)
+      @connection = connection
+    end
+    
+    ## Send the XML request, using the provided connection. 
+    def process
+      post_to_xpay!
+      self.response.success?
+    end
+        
+    ## Returns the error message provided from Xpay
+    def error_message
+      @error_message
+    end
+    
+    ## Return the full XML request for this request. The full output from this method should be sent to the secure trading
+    ## Xpay API.
+    def xml_request
+      attributes = {}
+      attributes['RequestBlock'] = {'Version' => SECURETRADING_API_VERSION}
+      attributes['Request'] = {'Type' => self.request_type}
+      @xml_request ||= Util.to_xml({'Request' => self.to_hash, 'Certificate' => self.connection.certificate}, :root => 'RequestBlock', :attributes => attributes)
+    end
+    
+    ## Return a sanitized version of the xml request for storing in a data store. Sensitive card numbers and security codes will be
+    ## replaced with asterisks and the certificate will be removed.
+    def sanitized_xml_request
+      xml = xml_request.dup
+      %w{ Number SecurityCode }.each do |field|
+        xml.gsub!(/\<#{field}\>(.+)\<\/#{field}\>/) { "<#{field}>" + ('*' * $1.size) + "</#{field}>" }
+      end
+      xml.gsub!(/\<Certificate\>(.*)\<\/Certificate\>/m, '<Certificate>{FILTERED}</Certificate>')
+      xml
+    end
+    
+    private
+    
+    ## Post the XML request to the Xpay client and set the full response to @raw_xpay_response. Any connection errors
+    ## will raise exceptions. All requests timeout after 1 minute (don't want anything silly going on really)
+    def post_to_xpay!
+      begin
+        Timeout::timeout(60) do
+          Net::HTTP.start(self.connection.xpay_client.host, self.connection.xpay_client.port) do |http|
+            response = http.post('/', "xml=#{self.xml_request}")
+            @response = Response.new(response.body)
+            save_xml_request
+          end
+        end
+      rescue Timeout::Error
+        raise ConnectionTimeout, "Connection to Xpay at #{self.connection.xpay_client} failed."
+      end
+    end
+    
+    ## Cache the sanitized XML request in the file system in case secure trading support want help figuring
+    ## stuff out for themselves
+    def save_xml_request
+      ## Make the directory for the requests
+      FileUtils.mkdir_p(@connection.options[:request_cache_path])
+      ## Where to save the request?
+      if @response.transaction.reference
+        request_file = File.join(@connection.options[:request_cache_path], @response.transaction.reference.to_s)
+        ## Write the XML output...
+        output = ["## Logged Output for Transaction #{@response.transaction.reference} on #{Time.now}"]
+        output << "## Request sent"
+        output << self.sanitized_xml_request
+        output << "## Response received"
+        output << @response.raw_response
+        File.open(request_file, 'w') { |f| f.write(output.join("\n\n"))}
+      end
+    end
+    
+  end
+end

data/lib/secure_trading/requests/authorisation.rb

@@ -0,0 +1,22 @@
+module SecureTrading
+  module Requests
+    class Authorisation < Request
+          
+      attr_accessor :amount, :currency, :settlement_day, :customer, :payment_method, :order
+      
+      def request_type
+        'AUTH'
+      end
+      
+      def to_hash
+        {
+          'Operation' => {'SiteReference' => self.connection.site_reference, 'Amount' => self.amount, 'Currency' => self.currency || 'GBP', 'SettlementDay' => self.settlement_day || 1 },
+          'CustomerInfo' => customer,
+          'PaymentMethod' => {'CreditCard' => payment_method },
+          'Order' => order
+        }
+      end
+      
+    end
+  end
+end

data/lib/secure_trading/requests/authorisation_reversal.rb

@@ -0,0 +1,20 @@
+module SecureTrading
+  module Requests
+    class AuthorisationReversal < Request
+      
+      attr_accessor :transaction
+      
+      def request_type
+        "AUTHREVERSAL"
+      end
+      
+      def to_hash
+        {
+          'Operation' => {'SiteReference' => self.connection.site_reference},
+          'PaymentMethod' => {'CreditCard' => self.transaction}
+        }
+      end
+      
+    end
+  end
+end

data/lib/secure_trading/requests/authorisation_with_tds.rb

@@ -0,0 +1,19 @@
+module SecureTrading
+  module Requests
+    class AuthorisationWithTDS < Authorisation
+        
+      attr_accessor :tds_response
+      
+      def request_type
+        'ST3DAUTH'
+      end
+      
+      def to_hash
+        hash = super()
+        hash['PaymentMethod']['ThreeDSecure'] = self.tds_response
+        hash
+      end
+      
+    end
+  end
+end

data/lib/secure_trading/requests/continuous_authorisation.rb

@@ -0,0 +1,19 @@
+module SecureTrading
+  module Requests
+    class ContinuousAuthorisation < Authorisation
+        
+      
+      def request_type
+        'CONTINUOUSAUTH'
+      end
+      
+      def to_hash
+        h = super
+        h['Operation'].delete('Amount') if self.amount.nil?
+        h['Operation'].delete('Currency') if self.currency.nil?
+        h
+      end
+      
+    end
+  end
+end

data/lib/secure_trading/requests/refund.rb

@@ -0,0 +1,20 @@
+module SecureTrading
+  module Requests
+    class Refund < Request
+          
+      attr_accessor :amount, :transaction
+      
+      def request_type
+        'REFUND'
+      end
+      
+      def to_hash
+        {
+          'Operation' => {'SiteReference' => self.connection.site_reference, 'Amount' => self.amount},
+          'PaymentMethod' => {'CreditCard' => transaction },
+        }
+      end
+
+    end
+  end
+end

data/lib/secure_trading/requests/settlement.rb

@@ -0,0 +1,25 @@
+module SecureTrading
+  module Requests
+    class Settlement < Request
+          
+      attr_accessor :amount, :transaction_reference, :date, :status
+      
+      def request_type
+        'SETTLEMENT'
+      end
+      
+      def to_hash
+        {
+          'Operation' => {
+            'SiteReference' => self.connection.site_reference, 
+            'TransactionReference' => self.transaction_reference,
+            'SettleDate' => self.date || 'NEXT',
+            'SettleStatus' => self.status.to_i,
+            'SettleAmount' => self.amount
+          },
+        }
+      end
+
+    end
+  end
+end

data/lib/secure_trading/requests/tds_query.rb

@@ -0,0 +1,47 @@
+module SecureTrading
+  module Requests
+    class TDSQuery < Request
+      
+      attr_accessor :amount, :currency, :user_agent, :payment_method, :order, :merchant_name, :term_url
+    
+      def request_type
+        'ST3DCARDQUERY'
+      end
+      
+      def to_hash
+        {
+          'Operation' => {
+                            'SiteReference' => self.connection.site_reference, 
+                            'Amount' => self.amount, 
+                            'Currency' => self.currency || 'GBP', 
+                            'TermUrl' => self.term_url,
+                            'MerchantName' => self.merchant_name
+                          },
+          'CustomerInfo' => self.user_agent,
+          'PaymentMethod' => {'CreditCard' => self.payment_method },
+          'Order' => self.order
+        }
+      end
+      
+      def invalid_details?
+        ## This can actually mean quite a few other things but for now we're assuming the card details are invalid
+        ## as this is the most likely cause for result 0
+        self.response.result == 0
+      end
+      
+      ## Should we perform a 3d auth for this card?
+      def request_3d_auth?
+        return false if self.response.result == 2
+        self.response.result == 1 && ['Y', 'N', 'U'].include?(self.response.operation_response['Enrolled'])
+      end
+      
+      def is_enrolled?
+        self.response.operation_response['Enrolled'].upcase == 'Y'
+      end
+      
+      def enrollment_status
+        self.response.operation_response['Enrolled']
+      end            
+    end
+  end
+end

data/lib/secure_trading/requests/transaction_query.rb

@@ -0,0 +1,19 @@
+module SecureTrading
+  module Requests
+    class TransactionQuery < Request
+          
+      attr_accessor :reference
+      
+      def request_type
+        'TRANSACTIONQUERY'
+      end
+      
+      def to_hash
+        {
+          'Operation' => {'SiteReference' => self.connection.site_reference, 'TransactionReference' => self.reference}
+        }
+      end
+      
+    end
+  end
+end

data/lib/secure_trading/response.rb

@@ -0,0 +1,51 @@
+module SecureTrading
+  class Response
+    
+    attr_reader :response
+    
+    def initialize(response)
+      @response = response
+    end
+    
+    def xml
+      @xml ||= XmlSimple.xml_in(@response)
+    end
+    
+    def type
+      self.xml['Response'].first['Type']
+    end
+    
+    def live?
+      self.xml["Live"] == "TRUE"
+    end
+    
+    def message
+      self.operation_response['Message']
+    end
+    
+    def operation_response
+      Util.stringify_values(self.xml["Response"].first["OperationResponse"].first)
+    end
+    
+    def threed3secure_response
+      Util.stringify_values(self.xml["Response"].first["ThreeDSecure"].first)
+    end
+    
+    def result
+      operation_response['Result'].to_i
+    end
+    
+    def success?
+      result == 1
+    end
+    
+    def transaction
+      Objects::Transaction.new(:verifier => self.operation_response['TransactionVerifier'], :reference => self.operation_response['TransactionReference'])
+    end
+    
+    def raw_response
+      @response
+    end
+    
+  end
+end

data/lib/secure_trading/util.rb

@@ -0,0 +1,44 @@
+require 'builder'
+module SecureTrading
+  class Util
+    class << self
+      def stringify_values(hash)
+        hash.inject({}) do |options, (key,value)|
+          if value.is_a?(Array)
+            options[key] = value.first
+          else
+            options[key] = value
+          end
+          options
+        end
+      end
+  
+      def to_xml(hash, options = {})
+        options[:indent] ||= 2
+        options = {:builder => Builder::XmlMarkup.new(:indent => options[:indent])}.merge(options)
+    
+        attributes      = options[:attributes] ||= {}
+        root_attributes = attributes[options[:root].to_s] || {}
+        options[:builder].__send__(:method_missing, options[:root].to_s, root_attributes) do
+          hash.each do |key, value|
+            case value
+            when ::Hash
+              to_xml(value, options.merge({ :root => key, :skip_instruct => true }))
+            else
+              if value.respond_to?(:to_hash)
+                value = value.to_hash
+              end
+              if value.is_a?(Hash)
+                Util.to_xml(value, options.merge({ :root => key, :skip_instruct => true }))
+              else
+                options[:builder].tag!(key.to_s, value)
+              end
+            end
+          end
+
+        end
+
+      end
+    end
+  end
+end

data/lib/secure_trading/xpay_client.rb

@@ -0,0 +1,15 @@
+module SecureTrading
+  class XpayClient
+    
+    attr_reader :host, :port
+    
+    def initialize(host, port = 5000)
+      @host, @port = host, port
+    end
+    
+    def to_s
+      "<XPayClient::#{host}:#{port}>"
+    end
+    
+  end
+end

metadata

@@ -0,0 +1,65 @@
+--- !ruby/object:Gem::Specification
+name: secure_trading
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+  prerelease: 
+platform: ruby
+authors:
+- aTech Media
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-05-03 00:00:00.000000000Z
+dependencies: []
+description: 
+email: adam@atechmedia.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/secure_trading/connection.rb
+- lib/secure_trading/data_object.rb
+- lib/secure_trading/objects/customer.rb
+- lib/secure_trading/objects/order.rb
+- lib/secure_trading/objects/payment_card.rb
+- lib/secure_trading/objects/tds_response.rb
+- lib/secure_trading/objects/transaction.rb
+- lib/secure_trading/objects/user_agent.rb
+- lib/secure_trading/request.rb
+- lib/secure_trading/requests/authorisation.rb
+- lib/secure_trading/requests/authorisation_reversal.rb
+- lib/secure_trading/requests/authorisation_with_tds.rb
+- lib/secure_trading/requests/continuous_authorisation.rb
+- lib/secure_trading/requests/refund.rb
+- lib/secure_trading/requests/settlement.rb
+- lib/secure_trading/requests/tds_query.rb
+- lib/secure_trading/requests/transaction_query.rb
+- lib/secure_trading/response.rb
+- lib/secure_trading/util.rb
+- lib/secure_trading/xpay_client.rb
+- lib/secure_trading.rb
+homepage: http://www.atechmedia.com
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: Secure Trading Ruby Library
+test_files: []