RubyGems - solidus_braintree - Versions diffs - 1.2.0 → 3.0.0 - Mend

solidus_braintree 1.2.0 → 3.0.0

Files changed (213) hide show

data/app/models/solidus_braintree/address.rb ADDED Viewed

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+module SolidusBraintree
+  class Address
+    delegate :address1,
+      :address2,
+      :city,
+      :country,
+      :phone,
+      :state,
+      :zipcode,
+      to: :spree_address
+    def self.split_name(name)
+      if defined?(Spree::Address::Name)
+        address_name = Spree::Address::Name.new(name)
+        [address_name.first_name, address_name.last_name]
+      else
+        name.strip.split(' ', 2)
+      end
+    end
+    def initialize(spree_address)
+      @spree_address = spree_address
+    end
+    def to_json(*_args)
+      address_hash = {
+        line1: address1,
+        line2: address2,
+        city: city,
+        postalCode: zipcode,
+        countryCode: country.iso,
+        phone: phone,
+        recipientName: "#{firstname} #{lastname}"
+      }
+      if ::Spree::Config.address_requires_state && country.states_required
+        address_hash[:state] = state.name
+      end
+      address_hash.to_json
+    end
+    def firstname
+      if SolidusSupport.combined_first_and_last_name_in_address?
+        self.class.split_name(spree_address.name).first
+      else
+        spree_address.firstname
+      end
+    end
+    def lastname
+      if SolidusSupport.combined_first_and_last_name_in_address?
+        self.class.split_name(spree_address.name).last
+      else
+        spree_address.lastname
+      end
+    end
+    private
+    attr_reader :spree_address
+  end
+end

data/app/models/solidus_braintree/avs_result.rb ADDED Viewed

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+require 'active_merchant/billing/avs_result'
+module SolidusBraintree
+  class AVSResult < ActiveMerchant::Billing::AVSResult
+    # Mapping took from ActiveMerchant::Billing::BraintreeBlueGateway
+    AVS_MAPPING = {
+      'M' => {
+        'M' => 'M',
+        'N' => 'A',
+        'U' => 'B',
+        'I' => 'B',
+        'A' => 'B'
+      },
+      'N' => {
+        'M' => 'Z',
+        'N' => 'C',
+        'U' => 'C',
+        'I' => 'C',
+        'A' => 'C'
+      },
+      'U' => {
+        'M' => 'P',
+        'N' => 'N',
+        'U' => 'I',
+        'I' => 'I',
+        'A' => 'I'
+      },
+      'I' => {
+        'M' => 'P',
+        'N' => 'C',
+        'U' => 'I',
+        'I' => 'I',
+        'A' => 'I'
+      },
+      'A' => {
+        'M' => 'P',
+        'N' => 'C',
+        'U' => 'I',
+        'I' => 'I',
+        'A' => 'I'
+      },
+      'B' => {
+        'B' => 'B'
+      },
+      nil => { nil => nil }
+    }.freeze
+    class << self
+      private :new
+      def build(transaction)
+        new(
+          code: avs_code_from(transaction),
+          street_match: transaction.avs_street_address_response_code,
+          postal_match: transaction.avs_postal_code_response_code
+        )
+      end
+      private
+      def avs_code_from(transaction)
+        transaction.avs_error_response_code ||
+          AVS_MAPPING[transaction.avs_street_address_response_code][transaction.avs_postal_code_response_code]
+      end
+    end
+  end
+end

data/app/models/solidus_braintree/configuration.rb ADDED Viewed

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+module SolidusBraintree
+  class Configuration < ::Spree::Base
+    PAYPAL_BUTTON_PREFERENCES = {
+      color: { availables: %w[gold blue silver white black], default: 'white' },
+      shape: { availables: %w[pill rect], default: 'rect' },
+      label: { availables: %w[checkout credit pay buynow paypal installment], default: 'checkout' },
+      tagline: { availables: %w[true false], default: 'false' },
+      layout: { availables: %w[horizontal vertical], default: 'horizontal' },
+      messaging: { availables: %w[true false], default: 'false' }
+    }.freeze
+    include ::Spree::Preferences::Persistable
+    belongs_to :store, class_name: 'Spree::Store', optional: false
+    # Preferences for Paypal button
+    PAYPAL_BUTTON_PREFERENCES.each do |name, desc|
+      preference_name = "paypal_button_#{name}".to_sym
+      attribute_name = "preferred_#{preference_name}".to_sym
+      preference preference_name, :string, default: desc[:default]
+      validates attribute_name, inclusion: desc[:availables]
+    end
+    preference :venmo_button_color, :preference_select, default: 'blue'
+    preference :venmo_button_width, :preference_select, default: '320'
+    def preferred_venmo_button_color_options
+      [["Blue", "blue"], ["White", "white"]]
+    end
+    def preferred_venmo_button_width_options
+      [["280", "280"], ["320", "320"], ["375", "375"]]
+    end
+  end
+end

data/app/models/solidus_braintree/customer.rb ADDED Viewed

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+module SolidusBraintree
+  class Customer < ApplicationRecord
+    belongs_to :user, class_name: ::Spree::UserClassHandle.new, optional: true
+    has_many :sources, class_name: "SolidusBraintree::Source", inverse_of: :customer, dependent: :destroy
+  end
+end

data/app/models/solidus_braintree/gateway.rb ADDED Viewed

@@ -0,0 +1,437 @@
+# frozen_string_literal: true
+require 'braintree'
+require 'solidus_braintree/request_protection'
+module SolidusBraintree
+  class Gateway < ::Spree::PaymentMethod
+    include RequestProtection
+    class TokenGenerationDisabledError < StandardError; end
+    # Error message from Braintree that gets returned by a non voidable transaction
+    NON_VOIDABLE_STATUS_ERROR_REGEXP = /can only be voided if status is authorized/.freeze
+    TOKEN_GENERATION_DISABLED_MESSAGE = 'Token generation is disabled. ' \
+                                        'To re-enable set the `token_generation_enabled` preference on the ' \
+                                        'gateway to `true`.'
+    ALLOWED_BRAINTREE_OPTIONS = [
+      :device_data,
+      :device_session_id,
+      :merchant_account_id,
+      :order_id
+    ].freeze
+    VOIDABLE_STATUSES = [
+      Braintree::Transaction::Status::SubmittedForSettlement,
+      Braintree::Transaction::Status::SettlementPending,
+      Braintree::Transaction::Status::Authorized
+    ].freeze
+    # This is useful in feature tests to avoid rate limited requests from
+    # Braintree
+    preference(:client_sdk_enabled, :boolean, default: true)
+    preference(:token_generation_enabled, :boolean, default: true)
+    # Preferences for configuration of Braintree credentials
+    preference(:environment, :string, default: 'sandbox')
+    preference(:merchant_id, :string, default: nil)
+    preference(:public_key,  :string, default: nil)
+    preference(:private_key, :string, default: nil)
+    preference(:http_open_timeout, :integer, default: 60)
+    preference(:http_read_timeout, :integer, default: 60)
+    preference(:merchant_currency_map, :hash, default: {})
+    preference(:paypal_payee_email_map, :hash, default: {})
+    # Which checkout flow to use (vault/checkout)
+    preference(:paypal_flow, :string, default: 'vault')
+    # A hash that gets passed to the `style` key when initializing the credit card fields.
+    # See https://developers.braintreepayments.com/guides/hosted-fields/styling/javascript/v3
+    preference(:credit_card_fields_style, :hash, default: {})
+    # A hash that gets its keys passed to the associated braintree field placeholder tag.
+    # Example: { number: "Enter card number", cvv: "Enter CVV", expirationDate: "mm/yy" }
+    preference(:placeholder_text, :hash, default: {})
+    # Wether to use the JS device data collector
+    preference(:use_data_collector, :boolean, default: true)
+    # Useful for testing purposes, as PayPal will show funding sources based on the buyer's country;
+    # usually retrieved by their  ip geolocation. I.e. Venmo will show for US buyers, but not European.
+    preference(:force_buyer_country, :string)
+    preference(:enable_venmo_funding, :boolean, default: false)
+    # When on mobile, paying with Venmo, the user may be returned to the same store tab
+    # depending on if their browser supports it, otherwise a new tab will be created
+    # However, returning to a new tab may break the payment checkout flow for some stores, for example,
+    # if they are single-page applications (SPA). Set this to false if this is the case
+    preference(:venmo_new_tab_support, :boolean, default: true)
+    def partial_name
+      "braintree"
+    end
+    alias_method :method_type, :partial_name
+    def payment_source_class
+      Source
+    end
+    def braintree
+      @braintree ||= Braintree::Gateway.new(gateway_options)
+    end
+    def gateway_options
+      {
+        environment: preferred_environment.to_sym,
+        merchant_id: preferred_merchant_id,
+        public_key: preferred_public_key,
+        private_key: preferred_private_key,
+        http_open_timeout: preferred_http_open_timeout,
+        http_read_timeout: preferred_http_read_timeout,
+        logger: logger
+      }
+    end
+    # Create a payment and submit it for settlement all at once.
+    #
+    # @api public
+    # @param money_cents [Number, String] amount to authorize
+    # @param source [Source] payment source
+    # @params gateway_options [Hash]
+    #   extra options to send along. e.g.: device data for fraud prevention
+    # @return [Response]
+    def purchase(money_cents, source, gateway_options)
+      protected_request do
+        result = braintree.transaction.sale(
+          amount: dollars(money_cents),
+          **transaction_options(source, gateway_options, submit_for_settlement: true)
+        )
+        Response.build(result)
+      end
+    end
+    # Authorize a payment to be captured later.
+    #
+    # @api public
+    # @param money_cents [Number, String] amount to authorize
+    # @param source [Source] payment source
+    # @params gateway_options [Hash]
+    #   extra options to send along. e.g.: device data for fraud prevention
+    # @return [Response]
+    def authorize(money_cents, source, gateway_options)
+      protected_request do
+        result = braintree.transaction.sale(
+          amount: dollars(money_cents),
+          **transaction_options(source, gateway_options)
+        )
+        Response.build(result)
+      end
+    end
+    # Collect funds from an authorized payment.
+    #
+    # @api public
+    # @param money_cents [Number, String]
+    #   amount to capture (partial settlements are supported by the gateway)
+    # @param response_code [String] the transaction id of the payment to capture
+    # @return [Response]
+    def capture(money_cents, response_code, _gateway_options)
+      protected_request do
+        result = braintree.transaction.submit_for_settlement(
+          response_code,
+          dollars(money_cents)
+        )
+        Response.build(result)
+      end
+    end
+    # Used to refeund a customer for an already settled transaction.
+    #
+    # @api public
+    # @param money_cents [Number, String] amount to refund
+    # @param response_code [String] the transaction id of the payment to refund
+    # @return [Response]
+    def credit(money_cents, _source, response_code, _gateway_options)
+      protected_request do
+        result = braintree.transaction.refund(
+          response_code,
+          dollars(money_cents)
+        )
+        Response.build(result)
+      end
+    end
+    # Used to cancel a transaction before it is settled.
+    #
+    # @api public
+    # @param response_code [String] the transaction id of the payment to void
+    # @return [Response]
+    def void(response_code, _source, _gateway_options)
+      protected_request do
+        result = braintree.transaction.void(response_code)
+        Response.build(result)
+      end
+    end
+    # Will either refund or void the payment depending on its state.
+    #
+    # If the transaction has not yet been settled, we can void the transaction.
+    # Otherwise, we need to issue a refund.
+    #
+    # @api public
+    # @param response_code [String] the transaction id of the payment to void
+    # @return [Response]
+    def cancel(response_code)
+      transaction = protected_request do
+        braintree.transaction.find(response_code)
+      end
+      if VOIDABLE_STATUSES.include?(transaction.status)
+        void(response_code, nil, {})
+      else
+        credit(cents(transaction.amount), nil, response_code, {})
+      end
+    end
+    # Will void the payment depending on its state or return false
+    #
+    # Used by Solidus >= 2.4 instead of +cancel+
+    #
+    # If the transaction has not yet been settled, we can void the transaction.
+    # Otherwise, we return false so Solidus creates a refund instead.
+    #
+    # @api public
+    # @param payment [Spree::Payment] the payment to void
+    # @return [Response|FalseClass]
+    def try_void(payment)
+      transaction = braintree.transaction.find(payment.response_code)
+      if transaction.status.in? SolidusBraintree::Gateway::VOIDABLE_STATUSES
+        # Sometimes Braintree returns a voidable status although it is not voidable anymore.
+        # When we try to void that transaction we receive an error and need to return false
+        # so Solidus can create a refund instead.
+        begin
+          void(payment.response_code, nil, {})
+        rescue ActiveMerchant::ConnectionError => e
+          e.message.match(NON_VOIDABLE_STATUS_ERROR_REGEXP) ? false : raise(e)
+        end
+      else
+        false
+      end
+    end
+    # Creates a new customer profile in Braintree
+    #
+    # @api public
+    # @param payment [Spree::Payment]
+    # @return [SolidusBraintree::Customer]
+    def create_profile(payment)
+      source = payment.source
+      return if source.token.present? || source.customer.present? || source.nonce.nil?
+      result = braintree.customer.create(customer_profile_params(payment))
+      fail ::Spree::Core::GatewayError, result.message unless result.success?
+      customer = result.customer
+      source.create_customer!(braintree_customer_id: customer.id).tap do
+        if customer.payment_methods.any?
+          source.token = customer.payment_methods.last.token
+        end
+        source.save!
+      end
+    end
+    # @raise [TokenGenerationDisabledError]
+    #   If `preferred_token_generation_enabled` is false
+    #
+    # @return [String]
+    #   The token that should be used along with the Braintree js-client sdk.
+    #
+    # @example
+    #   <script>
+    #     var token = #{Spree::Braintree::Gateway.first!.generate_token}
+    #
+    #     braintree.client.create(
+    #       {
+    #         authorization: token
+    #       },
+    #       function(clientError, clientInstance) {
+    #         ...
+    #       }
+    #     );
+    #   </script>
+    def generate_token
+      unless preferred_token_generation_enabled
+        raise TokenGenerationDisabledError, TOKEN_GENERATION_DISABLED_MESSAGE
+      end
+      braintree.client_token.generate
+    end
+    def payment_profiles_supported?
+      true
+    end
+    def sources_by_order(order)
+      source_ids = order.payments.where(payment_method_id: id).pluck(:source_id).uniq
+      payment_source_class.where(id: source_ids).with_payment_profile
+    end
+    def reusable_sources(order)
+      if order.completed?
+        sources_by_order(order)
+      elsif order.user_id
+        payment_source_class.where(
+          payment_method_id: id,
+          user_id: order.user_id
+        ).with_payment_profile
+      else
+        []
+      end
+    end
+    private
+    # Whether to store this payment method in the PayPal Vault. This only works when the checkout
+    # flow is "vault", so make sure to call +super+ if you override it.
+    def store_in_vault
+      preferred_paypal_flow == 'vault'
+    end
+    def logger
+      Braintree::Configuration.logger.clone.tap do |logger|
+        logger.level = Rails.logger.level
+      end
+    end
+    def dollars(cents)
+      Money.new(cents).dollars
+    end
+    def cents(dollars)
+      dollars.to_money.cents
+    end
+    def to_hash(preference_string)
+      JSON.parse(preference_string.gsub("=>", ":"))
+    end
+    def convert_preference_value(value, type, preference_encryptor = nil)
+      if type == :hash && value.is_a?(String)
+        value = to_hash(value)
+      end
+      if method(__method__).super_method.arity == 3
+        super
+      else
+        super(value, type)
+      end
+    end
+    def transaction_options(source, options, submit_for_settlement: false)
+      params = options.select do |key, _|
+        ALLOWED_BRAINTREE_OPTIONS.include?(key)
+      end
+      params[:channel] = "Solidus"
+      params[:options] = { store_in_vault_on_success: store_in_vault }
+      if submit_for_settlement
+        params[:options][:submit_for_settlement] = true
+      end
+      if paypal_email = paypal_payee_email_for(source, options)
+        params[:options][:paypal] = { payee_email: paypal_email }
+      end
+      if source.venmo? && venmo_business_profile_id
+        params[:options][:venmo] = { profile_id: venmo_business_profile_id }
+      end
+      if merchant_account_id = merchant_account_for(source, options)
+        params[:merchant_account_id] = merchant_account_id
+      end
+      if source.token
+        params[:payment_method_token] = source.token
+      else
+        params[:payment_method_nonce] = source.nonce
+      end
+      if source&.device_data
+        params[:device_data] = source.device_data
+      end
+      if source.paypal?
+        params[:shipping] = braintree_shipping_address(options)
+      end
+      if source.credit_card?
+        params[:billing] = braintree_billing_address(options)
+      end
+      if source.customer.present?
+        params[:customer_id] = source.customer.braintree_customer_id
+      end
+      params
+    end
+    def braintree_shipping_address(options)
+      braintree_address_attributes(options[:shipping_address])
+    end
+    def braintree_billing_address(options)
+      braintree_address_attributes(options[:billing_address])
+    end
+    def braintree_address_attributes(address)
+      first, last = address[:name].split(" ", 2)
+      {
+        first_name: first,
+        last_name: last,
+        street_address: [address[:address1], address[:address2]].compact.join(" "),
+        locality: address[:city],
+        postal_code: address[:zip],
+        region: address[:state],
+        country_code_alpha2: address[:country]
+      }
+    end
+    def merchant_account_for(_source, options)
+      return unless options[:currency]
+      preferred_merchant_currency_map[options[:currency]]
+    end
+    def paypal_payee_email_for(source, options)
+      return unless source.paypal?
+      preferred_paypal_payee_email_map[options[:currency]]
+    end
+    def customer_profile_params(payment)
+      params = {}
+      params[:email] = payment&.order&.email
+      if store_in_vault && payment.source.try(:nonce)
+        params[:payment_method_nonce] = payment.source.nonce
+      end
+      params
+    end
+    # override with the Venmo business profile that you want to use for transactions,
+    # or leave it to be nil if want Braintree to use your default account
+    def venmo_business_profile_id
+      nil
+    end
+  end
+end

data/app/models/solidus_braintree/response.rb ADDED Viewed

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+require 'active_merchant/billing/response'
+require_relative 'avs_result'
+# Response object that all actions on the gateway should return
+module SolidusBraintree
+  class Response < ActiveMerchant::Billing::Response
+    # def initialize(success, message, params = {}, options = {})
+    class << self
+      private :new
+      # @param result [Braintree::SuccessfulResult, Braintree::ErrorResult]
+      def build(result)
+        result.success? ? build_success(result) : build_failure(result)
+      end
+      private
+      def build_success(result)
+        transaction = result.transaction
+        new(true, transaction.status, {}, response_options(transaction))
+      end
+      def build_failure(result)
+        transaction = result.transaction
+        options = response_options(transaction).update(
+          # For error responses we want to have the CVV code
+          cvv_result: transaction&.cvv_response_code
+        )
+        new(false, error_message(result), result.params.deep_stringify_keys, options)
+      end
+      def response_options(transaction)
+        # Some error responses do not have a transaction
+        return {} if transaction.nil?
+        {
+          authorization: transaction.id,
+          avs_result: SolidusBraintree::AVSResult.build(transaction),
+          # As we do not provide the CVV while submitting the transaction (for PCI compliance reasons),
+          # we need to ignore the only response we get back (I = not provided).
+          # Otherwise Solidus thinks this payment is risky.
+          cvv_result: nil
+        }
+      end
+      def error_message(result)
+        if result.errors.any?
+          result.errors.map { |e| "#{e.message} (#{e.code})" }.join(" ")
+        else
+          transaction_error_message(result.transaction)
+        end
+      end
+      # Human readable error message for transaction responses
+      def transaction_error_message(transaction)
+        case transaction.status
+        when 'gateway_rejected'
+          I18n.t(transaction.gateway_rejection_reason,
+            scope: 'solidus_braintree.gateway_rejection_reasons',
+            default: "#{transaction.status.humanize} #{transaction.gateway_rejection_reason.humanize}")
+        when 'processor_declined'
+          I18n.t(transaction.processor_response_code,
+            scope: 'solidus_braintree.processor_response_codes',
+            default: "#{transaction.processor_response_text} (#{transaction.processor_response_code})")
+        when 'settlement_declined'
+          I18n.t(transaction.processor_settlement_response_code,
+            scope: 'solidus_braintree.processor_settlement_response_codes',
+            default: "#{transaction.processor_settlement_response_text} (#{transaction.processor_settlement_response_code})") # rubocop:disable Layout/LineLength
+        else
+          I18n.t(transaction.status,
+            scope: 'solidus_braintree.transaction_statuses',
+            default: transaction.status.humanize)
+        end
+      end
+    end
+  end
+end