RubyGems - solidus_paypal_braintree - Versions diffs - 0.2.0 → 1.1.0 - Mend

solidus_paypal_braintree 0.2.0 → 1.1.0

Files changed (168) hide show

data/app/models/solidus_paypal_braintree/avs_result.rb ADDED Viewed

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+require 'active_merchant/billing/avs_result'
+module SolidusPaypalBraintree
+  class AVSResult < ActiveMerchant::Billing::AVSResult
+    # Mapping took from ActiveMerchant::Billing::BraintreeBlueGateway
+    AVS_MAPPING = {
+      'M' => {
+        'M' => 'M',
+        'N' => 'A',
+        'U' => 'B',
+        'I' => 'B',
+        'A' => 'B'
+      },
+      'N' => {
+        'M' => 'Z',
+        'N' => 'C',
+        'U' => 'C',
+        'I' => 'C',
+        'A' => 'C'
+      },
+      'U' => {
+        'M' => 'P',
+        'N' => 'N',
+        'U' => 'I',
+        'I' => 'I',
+        'A' => 'I'
+      },
+      'I' => {
+        'M' => 'P',
+        'N' => 'C',
+        'U' => 'I',
+        'I' => 'I',
+        'A' => 'I'
+      },
+      'A' => {
+        'M' => 'P',
+        'N' => 'C',
+        'U' => 'I',
+        'I' => 'I',
+        'A' => 'I'
+      },
+      'B' => {
+        'B' => 'B'
+      },
+      nil => { nil => nil }
+    }.freeze
+    class << self
+      private :new
+      def build(transaction)
+        new(
+          code: avs_code_from(transaction),
+          street_match: transaction.avs_street_address_response_code,
+          postal_match: transaction.avs_postal_code_response_code
+        )
+      end
+      private
+      def avs_code_from(transaction)
+        transaction.avs_error_response_code ||
+          AVS_MAPPING[transaction.avs_street_address_response_code][transaction.avs_postal_code_response_code]
+      end
+    end
+  end
+end

data/app/models/solidus_paypal_braintree/configuration.rb CHANGED Viewed

@@ -1,5 +1,41 @@
-class SolidusPaypalBraintree::Configuration < ApplicationRecord
-  belongs_to :store, class_name: 'Spree::Store'
+# frozen_string_literal: true
-  validates :store, presence: true
+module SolidusPaypalBraintree
+  class Configuration < ::Spree::Base
+    PAYPAL_BUTTON_PREFERENCES = {
+      color: { availables: %w[gold blue silver white black], default: 'white' },
+      shape: { availables: %w[pill rect], default: 'rect' },
+      label: { availables: %w[checkout credit pay buynow paypal installment], default: 'checkout' },
+      tagline: { availables: %w[true false], default: 'false' },
+      layout: { availables: %w[horizontal vertical], default: 'horizontal' },
+      messaging: { availables: %w[true false], default: 'false' }
+    }.freeze
+    unless respond_to?(:preference)
+      include ::Spree::Preferences::Persistable
+    end
+    belongs_to :store, class_name: 'Spree::Store', optional: false
+    # Preferences for Paypal button
+    PAYPAL_BUTTON_PREFERENCES.each do |name, desc|
+      preference_name = "paypal_button_#{name}".to_sym
+      attribute_name = "preferred_#{preference_name}".to_sym
+      preference preference_name, :string, default: desc[:default]
+      validates attribute_name, inclusion: desc[:availables]
+    end
+    preference :venmo_button_color, :preference_select, default: 'blue'
+    preference :venmo_button_width, :preference_select, default: '320'
+    def preferred_venmo_button_color_options
+      [["Blue", "blue"], ["White", "white"]]
+    end
+    def preferred_venmo_button_width_options
+      [["280", "280"], ["320", "320"], ["375", "375"]]
+    end
+  end
 end

data/app/models/solidus_paypal_braintree/customer.rb CHANGED Viewed

@@ -1,4 +1,8 @@
-class SolidusPaypalBraintree::Customer < ApplicationRecord
-  belongs_to :user, class_name: Spree::UserClassHandle.new
-  has_many :sources, class_name: "SolidusPaypalBraintree::Source", inverse_of: :customer
+# frozen_string_literal: true
+module SolidusPaypalBraintree
+  class Customer < ApplicationRecord
+    belongs_to :user, class_name: ::Spree::UserClassHandle.new, optional: true
+    has_many :sources, class_name: "SolidusPaypalBraintree::Source", inverse_of: :customer, dependent: :destroy
+  end
 end

data/app/models/solidus_paypal_braintree/gateway.rb CHANGED Viewed

@@ -1,20 +1,30 @@
+# frozen_string_literal: true
 require 'braintree'
 module SolidusPaypalBraintree
   class Gateway < ::Spree::PaymentMethod
+    include RequestProtection
+    class TokenGenerationDisabledError < StandardError; end
+    # Error message from Braintree that gets returned by a non voidable transaction
+    NON_VOIDABLE_STATUS_ERROR_REGEXP = /can only be voided if status is authorized/.freeze
     TOKEN_GENERATION_DISABLED_MESSAGE = 'Token generation is disabled.' \
-      ' To re-enable set the `token_generation_enabled` preference on the' \
-      ' gateway to `true`.'.freeze
+                                        ' To re-enable set the `token_generation_enabled` preference on the' \
+                                        ' gateway to `true`.'
     ALLOWED_BRAINTREE_OPTIONS = [
       :device_data,
       :device_session_id,
       :merchant_account_id,
       :order_id
-    ]
+    ].freeze
     VOIDABLE_STATUSES = [
       Braintree::Transaction::Status::SubmittedForSettlement,
+      Braintree::Transaction::Status::SettlementPending,
       Braintree::Transaction::Status::Authorized
     ].freeze
@@ -29,9 +39,37 @@ module SolidusPaypalBraintree
     preference(:merchant_id, :string, default: nil)
     preference(:public_key,  :string, default: nil)
     preference(:private_key, :string, default: nil)
+    preference(:http_open_timeout, :integer, default: 60)
+    preference(:http_read_timeout, :integer, default: 60)
     preference(:merchant_currency_map, :hash, default: {})
     preference(:paypal_payee_email_map, :hash, default: {})
+    # Which checkout flow to use (vault/checkout)
+    preference(:paypal_flow, :string, default: 'vault')
+    # A hash that gets passed to the `style` key when initializing the credit card fields.
+    # See https://developers.braintreepayments.com/guides/hosted-fields/styling/javascript/v3
+    preference(:credit_card_fields_style, :hash, default: {})
+    # A hash that gets its keys passed to the associated braintree field placeholder tag.
+    # Example: { number: "Enter card number", cvv: "Enter CVV", expirationDate: "mm/yy" }
+    preference(:placeholder_text, :hash, default: {})
+    # Wether to use the JS device data collector
+    preference(:use_data_collector, :boolean, default: true)
+    # Useful for testing purposes, as PayPal will show funding sources based on the buyer's country;
+    # usually retrieved by their  ip geolocation. I.e. Venmo will show for US buyers, but not European.
+    preference(:force_buyer_country, :string)
+    preference(:enable_venmo_funding, :boolean, default: false)
+    # When on mobile, paying with Venmo, the user may be returned to the same store tab
+    # depending on if their browser supports it, otherwise a new tab will be created
+    # However, returning to a new tab may break the payment checkout flow for some stores, for example,
+    # if they are single-page applications (SPA). Set this to false if this is the case
+    preference(:venmo_new_tab_support, :boolean, default: true)
     def partial_name
       "paypal_braintree"
     end
@@ -51,7 +89,9 @@ module SolidusPaypalBraintree
         merchant_id: preferred_merchant_id,
         public_key: preferred_public_key,
         private_key: preferred_private_key,
-        logger: Braintree::Configuration.logger.clone
+        http_open_timeout: preferred_http_open_timeout,
+        http_read_timeout: preferred_http_read_timeout,
+        logger: logger
       }
     end
@@ -64,12 +104,14 @@ module SolidusPaypalBraintree
     #   extra options to send along. e.g.: device data for fraud prevention
     # @return [Response]
     def purchase(money_cents, source, gateway_options)
-      result = braintree.transaction.sale(
-        amount: dollars(money_cents),
-        **transaction_options(source, gateway_options, true)
-      )
+      protected_request do
+        result = braintree.transaction.sale(
+          amount: dollars(money_cents),
+          **transaction_options(source, gateway_options, submit_for_settlement: true)
+        )
-      Response.build(result)
+        Response.build(result)
+      end
     end
     # Authorize a payment to be captured later.
@@ -81,12 +123,14 @@ module SolidusPaypalBraintree
     #   extra options to send along. e.g.: device data for fraud prevention
     # @return [Response]
     def authorize(money_cents, source, gateway_options)
-      result = braintree.transaction.sale(
-        amount: dollars(money_cents),
-        **transaction_options(source, gateway_options)
-      )
+      protected_request do
+        result = braintree.transaction.sale(
+          amount: dollars(money_cents),
+          **transaction_options(source, gateway_options)
+        )
-      Response.build(result)
+        Response.build(result)
+      end
     end
     # Collect funds from an authorized payment.
@@ -97,11 +141,13 @@ module SolidusPaypalBraintree
     # @param response_code [String] the transaction id of the payment to capture
     # @return [Response]
     def capture(money_cents, response_code, _gateway_options)
-      result = braintree.transaction.submit_for_settlement(
-        response_code,
-        dollars(money_cents)
-      )
-      Response.build(result)
+      protected_request do
+        result = braintree.transaction.submit_for_settlement(
+          response_code,
+          dollars(money_cents)
+        )
+        Response.build(result)
+      end
     end
     # Used to refeund a customer for an already settled transaction.
@@ -111,11 +157,13 @@ module SolidusPaypalBraintree
     # @param response_code [String] the transaction id of the payment to refund
     # @return [Response]
     def credit(money_cents, _source, response_code, _gateway_options)
-      result = braintree.transaction.refund(
-        response_code,
-        dollars(money_cents)
-      )
-      Response.build(result)
+      protected_request do
+        result = braintree.transaction.refund(
+          response_code,
+          dollars(money_cents)
+        )
+        Response.build(result)
+      end
     end
     # Used to cancel a transaction before it is settled.
@@ -124,8 +172,10 @@ module SolidusPaypalBraintree
     # @param response_code [String] the transaction id of the payment to void
     # @return [Response]
     def void(response_code, _source, _gateway_options)
-      result = braintree.transaction.void(response_code)
-      Response.build(result)
+      protected_request do
+        result = braintree.transaction.void(response_code)
+        Response.build(result)
+      end
     end
     # Will either refund or void the payment depending on its state.
@@ -137,7 +187,9 @@ module SolidusPaypalBraintree
     # @param response_code [String] the transaction id of the payment to void
     # @return [Response]
     def cancel(response_code)
-      transaction = braintree.transaction.find(response_code)
+      transaction = protected_request do
+        braintree.transaction.find(response_code)
+      end
       if VOIDABLE_STATUSES.include?(transaction.status)
         void(response_code, nil, {})
       else
@@ -145,6 +197,32 @@ module SolidusPaypalBraintree
       end
     end
+    # Will void the payment depending on its state or return false
+    #
+    # Used by Solidus >= 2.4 instead of +cancel+
+    #
+    # If the transaction has not yet been settled, we can void the transaction.
+    # Otherwise, we return false so Solidus creates a refund instead.
+    #
+    # @api public
+    # @param payment [Spree::Payment] the payment to void
+    # @return [Response|FalseClass]
+    def try_void(payment)
+      transaction = braintree.transaction.find(payment.response_code)
+      if transaction.status.in? SolidusPaypalBraintree::Gateway::VOIDABLE_STATUSES
+        # Sometimes Braintree returns a voidable status although it is not voidable anymore.
+        # When we try to void that transaction we receive an error and need to return false
+        # so Solidus can create a refund instead.
+        begin
+          void(payment.response_code, nil, {})
+        rescue ActiveMerchant::ConnectionError => e
+          e.message.match(NON_VOIDABLE_STATUS_ERROR_REGEXP) ? false : raise(e)
+        end
+      else
+        false
+      end
+    end
     # Creates a new customer profile in Braintree
     #
     # @api public
@@ -156,7 +234,7 @@ module SolidusPaypalBraintree
       return if source.token.present? || source.customer.present? || source.nonce.nil?
       result = braintree.customer.create(customer_profile_params(payment))
-      fail Spree::Core::GatewayError, result.message unless result.success?
+      fail ::Spree::Core::GatewayError, result.message unless result.success?
       customer = result.customer
@@ -169,12 +247,12 @@ module SolidusPaypalBraintree
       end
     end
+    # @raise [TokenGenerationDisabledError]
+    #   If `preferred_token_generation_enabled` is false
+    #
     # @return [String]
     #   The token that should be used along with the Braintree js-client sdk.
     #
-    #   returns an error message if `preferred_token_generation_enabled` is
-    #   set to false.
-    #
     # @example
     #   <script>
     #     var token = #{Spree::Braintree::Gateway.first!.generate_token}
@@ -189,7 +267,10 @@ module SolidusPaypalBraintree
     #     );
     #   </script>
     def generate_token
-      return TOKEN_GENERATION_DISABLED_MESSAGE unless preferred_token_generation_enabled
+      unless preferred_token_generation_enabled
+        raise TokenGenerationDisabledError, TOKEN_GENERATION_DISABLED_MESSAGE
+      end
       braintree.client_token.generate
     end
@@ -217,6 +298,18 @@ module SolidusPaypalBraintree
     private
+    # Whether to store this payment method in the PayPal Vault. This only works when the checkout
+    # flow is "vault", so make sure to call +super+ if you override it.
+    def store_in_vault
+      preferred_paypal_flow == 'vault'
+    end
+    def logger
+      Braintree::Configuration.logger.clone.tap do |logger|
+        logger.level = Rails.logger.level
+      end
+    end
     def dollars(cents)
       Money.new(cents).dollars
     end
@@ -229,20 +322,24 @@ module SolidusPaypalBraintree
       JSON.parse(preference_string.gsub("=>", ":"))
     end
-    def convert_preference_value(value, type)
+    def convert_preference_value(value, type, preference_encryptor = nil)
       if type == :hash && value.is_a?(String)
         value = to_hash(value)
       end
-      super
+      if method(__method__).super_method.arity == 3
+        super
+      else
+        super(value, type)
+      end
     end
-    def transaction_options(source, options, submit_for_settlement = false)
+    def transaction_options(source, options, submit_for_settlement: false)
       params = options.select do |key, _|
         ALLOWED_BRAINTREE_OPTIONS.include?(key)
       end
       params[:channel] = "Solidus"
-      params[:options] = { store_in_vault_on_success: true }
+      params[:options] = { store_in_vault_on_success: store_in_vault }
       if submit_for_settlement
         params[:options][:submit_for_settlement] = true
@@ -252,6 +349,10 @@ module SolidusPaypalBraintree
         params[:options][:paypal] = { payee_email: paypal_email }
       end
+      if source.venmo? && venmo_business_profile_id
+        params[:options][:venmo] = { profile_id: venmo_business_profile_id }
+      end
       if merchant_account_id = merchant_account_for(source, options)
         params[:merchant_account_id] = merchant_account_id
       end
@@ -299,25 +400,31 @@ module SolidusPaypalBraintree
     end
     def merchant_account_for(_source, options)
-      if options[:currency]
-        preferred_merchant_currency_map[options[:currency]]
-      end
+      return unless options[:currency]
+      preferred_merchant_currency_map[options[:currency]]
     end
     def paypal_payee_email_for(source, options)
-      if source.paypal?
-        preferred_paypal_payee_email_map[options[:currency]]
-      end
+      return unless source.paypal?
+      preferred_paypal_payee_email_map[options[:currency]]
     end
     def customer_profile_params(payment)
       params = {}
-      if payment.source.try(:nonce)
+      if store_in_vault && payment.source.try(:nonce)
         params[:payment_method_nonce] = payment.source.nonce
       end
       params
     end
+    # override with the Venmo business profile that you want to use for transactions,
+    # or leave it to be nil if want Braintree to use your default account
+    def venmo_business_profile_id
+      nil
+    end
   end
 end

data/app/models/solidus_paypal_braintree/response.rb CHANGED Viewed

@@ -1,3 +1,8 @@
+# frozen_string_literal: true
+require 'active_merchant/billing/response'
+require_relative 'avs_result'
 # Response object that all actions on the gateway should return
 module SolidusPaypalBraintree
   class Response < ActiveMerchant::Billing::Response
@@ -15,36 +20,59 @@ module SolidusPaypalBraintree
       def build_success(result)
         transaction = result.transaction
-        test = true
-        authorization = transaction.id
-        fraud_review = nil
-        avs_result = nil
-        cvv_result = nil
-        options = {
-          test: test,
-          authorization: authorization,
-          fraud_review: fraud_review,
-          avs_result: avs_result,
-          cvv_result: cvv_result
-        }
-        new(true, transaction.status, {}, options)
+        new(true, transaction.status, {}, response_options(transaction))
       end
       def build_failure(result)
-        new(false, error_message(result))
+        transaction = result.transaction
+        options = response_options(transaction).update(
+          # For error responses we want to have the CVV code
+          cvv_result: transaction&.cvv_response_code
+        )
+        new(false, error_message(result), result.params, options)
+      end
+      def response_options(transaction)
+        # Some error responses do not have a transaction
+        return {} if transaction.nil?
+        {
+          authorization: transaction.id,
+          avs_result: SolidusPaypalBraintree::AVSResult.build(transaction),
+          # As we do not provide the CVV while submitting the transaction (for PCI compliance reasons),
+          # we need to ignore the only response we get back (I = not provided).
+          # Otherwise Solidus thinks this payment is risky.
+          cvv_result: nil
+        }
       end
       def error_message(result)
         if result.errors.any?
           result.errors.map { |e| "#{e.message} (#{e.code})" }.join(" ")
         else
-          [result.transaction.status,
-           result.transaction.gateway_rejection_reason,
-           result.transaction.processor_settlement_response_code,
-           result.transaction.processor_settlement_response_text].compact.join(" ")
+          transaction_error_message(result.transaction)
+        end
+      end
+      # Human readable error message for transaction responses
+      def transaction_error_message(transaction)
+        case transaction.status
+        when 'gateway_rejected'
+          I18n.t(transaction.gateway_rejection_reason,
+            scope: 'solidus_paypal_braintree.gateway_rejection_reasons',
+            default: "#{transaction.status.humanize} #{transaction.gateway_rejection_reason.humanize}")
+        when 'processor_declined'
+          I18n.t(transaction.processor_response_code,
+            scope: 'solidus_paypal_braintree.processor_response_codes',
+            default: "#{transaction.processor_response_text} (#{transaction.processor_response_code})")
+        when 'settlement_declined'
+          I18n.t(transaction.processor_settlement_response_code,
+            scope: 'solidus_paypal_braintree.processor_settlement_response_codes',
+            default: "#{transaction.processor_settlement_response_text} (#{transaction.processor_settlement_response_code})") # rubocop:disable Layout/LineLength
+        else
+          I18n.t(transaction.status,
+            scope: 'solidus_paypal_braintree.transaction_statuses',
+            default: transaction.status.humanize)
         end
       end
     end

data/app/models/solidus_paypal_braintree/source.rb CHANGED Viewed

@@ -1,22 +1,41 @@
+# frozen_string_literal: true
 module SolidusPaypalBraintree
-  class Source < ApplicationRecord
+  class Source < SolidusSupport.payment_source_parent_class
+    include RequestProtection
     PAYPAL = "PayPalAccount"
     APPLE_PAY = "ApplePayCard"
+    VENMO = "VenmoAccount"
     CREDIT_CARD = "CreditCard"
-    belongs_to :user, class_name: Spree::UserClassHandle.new
+    enum paypal_funding_source: {
+      applepay: 0, bancontact: 1, blik: 2, boleto: 3, card: 4, credit: 5, eps: 6, giropay: 7, ideal: 8,
+      itau: 9, maxima: 10, mercadopago: 11, mybank: 12, oxxo: 13, p24: 14, paylater: 15, paypal: 16, payu: 17,
+      sepa: 18, sofort: 19, trustly: 20, venmo: 21, verkkopankki: 22, wechatpay: 23, zimpler: 24
+    }, _suffix: :funding
+    belongs_to :user, class_name: ::Spree::UserClassHandle.new, optional: true
     belongs_to :payment_method, class_name: 'Spree::PaymentMethod'
-    has_many :payments, as: :source, class_name: "Spree::Payment"
+    has_many :payments, as: :source, class_name: "Spree::Payment", dependent: :destroy
-    belongs_to :customer, class_name: "SolidusPaypalBraintree::Customer"
+    belongs_to :customer, class_name: "SolidusPaypalBraintree::Customer", optional: true
-    validates :payment_type, inclusion: [PAYPAL, APPLE_PAY, CREDIT_CARD]
+    validates :payment_type, inclusion: [PAYPAL, APPLE_PAY, VENMO, CREDIT_CARD]
+    before_save :clear_paypal_funding_source, unless: :paypal?
     scope(:with_payment_profile, -> { joins(:customer) })
     scope(:credit_card, -> { where(payment_type: CREDIT_CARD) })
-    delegate :last_4, :card_type, to: :braintree_payment_method, allow_nil: true
+    delegate :last_4, :card_type, :expiration_month, :expiration_year, :email,
+      :username, :source_description, to: :braintree_payment_method, allow_nil: true
+    # Aliases to match Spree::CreditCard's interface
     alias_method :last_digits, :last_4
+    alias_method :month, :expiration_month
+    alias_method :year, :expiration_year
+    alias_method :cc_type, :card_type
     # we are not currenctly supporting an "imported" flag
     def imported
@@ -32,7 +51,14 @@ module SolidusPaypalBraintree
     end
     def can_void?(payment)
-      !payment.failed? && !payment.void?
+      return false unless payment.response_code
+      transaction = protected_request do
+        braintree_client.transaction.find(payment.response_code)
+      end
+      Gateway::VOIDABLE_STATUSES.include?(transaction.status)
+    rescue ActiveMerchant::ConnectionError
+      false
     end
     def can_credit?(payment)
@@ -51,23 +77,57 @@ module SolidusPaypalBraintree
       payment_type == PAYPAL
     end
+    def venmo?
+      payment_type == VENMO
+    end
+    def reusable?
+      token.present?
+    end
     def credit_card?
       payment_type == CREDIT_CARD
     end
     def display_number
-      "XXXX-XXXX-XXXX-#{last_digits}"
+      if paypal?
+        email
+      elsif venmo?
+        username
+      else
+        "XXXX-XXXX-XXXX-#{last_digits.to_s.rjust(4, 'X')}"
+      end
+    end
+    def display_paypal_funding_source
+      I18n.t(paypal_funding_source,
+        scope: 'solidus_paypal_braintree.paypal_funding_sources',
+        default: paypal_funding_source)
+    end
+    def display_payment_type
+      "#{I18n.t('solidus_paypal_braintree.payment_type.label')}: #{friendly_payment_type}"
     end
     private
     def braintree_payment_method
-      return unless braintree_client && credit_card?
-      @braintree_payment_method ||= braintree_client.payment_method.find(token)
+      return unless braintree_client
+      @braintree_payment_method ||= protected_request do
+        braintree_client.payment_method.find(token)
+      end
+    rescue ActiveMerchant::ConnectionError, ArgumentError => e
+      Rails.logger.warn("#{e}: token unknown or missing for #{inspect}")
+      nil
     end
     def braintree_client
       @braintree_client ||= payment_method.try(:braintree)
     end
+    def clear_paypal_funding_source
+      self.paypal_funding_source = nil
+    end
   end
 end