spree_gateway 3.7.2 → 3.9.0

data/config/routes.rb

@@ -4,3 +4,15 @@
 Rails.application.routes.draw do
   get '/.well-known/apple-developer-merchantid-domain-association' => 'spree/apple_pay_domain_verification#show'
 end
+
+Spree::Core::Engine.add_routes do
+  namespace :api, defaults: { format: 'json' } do
+    namespace :v2 do
+      namespace :storefront do
+        namespace :intents do
+          post :handle_response
+        end
+      end
+    end
+  end
+end

data/db/migrate/20200317135551_add_spree_check_payment_source.rb

@@ -0,0 +1,22 @@
+class AddSpreeCheckPaymentSource < ActiveRecord::Migration[5.1]
+  def change
+    create_table :spree_checks do |t|
+      t.references :payment_method
+      t.references :user
+      t.string "account_holder_name"
+      t.string "account_holder_type"
+      t.string "routing_number"
+      t.string "account_number"
+      t.string "account_type", default: 'checking'
+      t.string "status"
+      t.string "last_digits"
+      t.string "gateway_customer_profile_id"
+      t.string "gateway_payment_profile_id"
+
+      t.datetime "created_at", null: false
+      t.datetime "updated_at", null: false
+      t.datetime "deleted_at"
+    end
+    add_index :spree_payment_methods, :id
+  end
+end

data/db/migrate/20200422114908_add_intent_key_to_payment.rb

@@ -0,0 +1,5 @@
+class AddIntentKeyToPayment < ActiveRecord::Migration[4.2]
+  def change
+    add_column :spree_payments, :intent_client_key, :string
+  end
+end

data/gemfiles/{spree_3_2.gemfile → spree_4_1.gemfile}

@@ -3,6 +3,6 @@
 source "https://rubygems.org"
 
 gem "rails-controller-testing"
-gem "spree", "~> 3.2.0"
+gem "spree", "~> 4.1.0"
 
 gemspec path: "../"

data/gemfiles/{spree_3_5.gemfile → spree_4_2.gemfile}

@@ -3,6 +3,6 @@
 source "https://rubygems.org"
 
 gem "rails-controller-testing"
-gem "spree", "~> 3.5.0"
+gem "spree", "~> 4.2.0.beta"
 
 gemspec path: "../"

data/lib/active_merchant/billing/stripe_gateway_decorator.rb

@@ -1,6 +1,19 @@
 module ActiveMerchant
   module Billing
     module StripeGatewayDecorator
+      def verify(source, **options)
+        customer = source.gateway_customer_profile_id
+        bank_account_token = source.gateway_payment_profile_id
+
+        commit(:post, "customers/#{CGI.escape(customer)}/sources/#{bank_account_token}/verify", amounts: options[:amounts])
+      end
+
+      def retrieve(source, **options)
+        customer = source.gateway_customer_profile_id
+        bank_account_token = source.gateway_payment_profile_id
+        commit(:get, "customers/#{CGI.escape(customer)}/bank_accounts/#{bank_account_token}")
+      end
+
       private
 
       def headers(options = {})

data/lib/controllers/spree/api/v2/storefront/intents_controller.rb

@@ -0,0 +1,27 @@
+module Spree
+  module Api
+    module V2
+      module Storefront
+        class IntentsController < ::Spree::Api::V2::BaseController
+          include Spree::Api::V2::Storefront::OrderConcern
+
+          def handle_response
+            if params['response']['error']
+              invalidate_payment
+              render_error_payload(params['response']['error']['message'])
+            else
+              render_serialized_payload { { message: I18n.t('spree.payment_successfully_authorized') } }
+            end
+          end
+
+          private
+
+          def invalidate_payment
+            payment = spree_current_order.payments.find_by!(response_code: params['response']['error']['payment_intent']['id'])
+            payment.update(state: 'failed', intent_client_key: nil)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/spree_gateway.rb

@@ -2,3 +2,4 @@ require 'spree_core'
 require 'spree_gateway/engine'
 require 'spree_gateway/version'
 require 'spree_extension'
+require 'deface'

data/lib/spree_gateway/engine.rb

@@ -32,6 +32,7 @@ module SpreeGateway
       app.config.spree.payment_methods << Spree::Gateway::StripeGateway
       app.config.spree.payment_methods << Spree::Gateway::StripeElementsGateway
       app.config.spree.payment_methods << Spree::Gateway::StripeApplePayGateway
+      app.config.spree.payment_methods << Spree::Gateway::StripeAchGateway
       app.config.spree.payment_methods << Spree::Gateway::UsaEpayTransaction
       app.config.spree.payment_methods << Spree::Gateway::Worldpay
     end

data/lib/spree_gateway/version.rb

@@ -1,5 +1,5 @@
 module SpreeGateway
   def self.version
-    '3.7.2'
+    '3.9.0'
   end
 end

data/lib/views/backend/spree/admin/payments/source_forms/_stripe_ach.html.erb

@@ -0,0 +1,86 @@
+<fieldset data-id="bank_transfer">
+  <div id="bank_transfer_form<%= payment_method.id %>" class="margint" data-hook>
+    <% param_prefix = "payment_source[#{payment_method.id}]" %>
+
+    <div data-hook="account_holder_name" class="form-group">
+      <%= label_tag "account_holder_name#{payment_method.id}", raw(Spree.t('stripe.ach.account_holder_name') + required_span_tag) %>
+      <%= text_field_tag "#{param_prefix}[account_holder_name]", '', class: 'required form-control', id: "account_holder_name#{payment_method.id}" %>
+    </div>
+
+    <div data-hook="account_holder_type">
+      <%= label_tag "account_holder_type#{payment_method.id}", raw(Spree.t('stripe.ach.account_holder_type') + required_span_tag) %>
+      <%= select_tag "#{param_prefix}[account_holder_type]", options_for_select(%w(Individual Company)), {id: "account_holder_type#{payment_method.id}", class: 'required form-control'} %>
+    </div>
+
+    <div data-hook="routing_number">
+      <%= label_tag "routing_number#{payment_method.id}", raw(Spree.t('stripe.ach.routing_number') + required_span_tag)%>
+      <%= text_field_tag "#{param_prefix}[routing_number]", '', class: 'required form-control', id: "routing_number#{payment_method.id}", maxlength: 9 %>
+    </div>
+    <div data-hook="account_number">
+      <%= label_tag "account_number#{payment_method.id}", raw(Spree.t('stripe.ach.account_number') + required_span_tag) %>
+      <%= text_field_tag "#{param_prefix}[account_number]", '', class: 'required form-control', id: "account_number#{payment_method.id}" %>
+    </div>
+    <div data-hook="account_number">
+      <%= label_tag "verify_account_number#{payment_method.id}", raw(Spree.t('stripe.ach.verify_account_number') + required_span_tag) %>
+      <%= text_field_tag "#{param_prefix}[verify_account_number]", '', class: 'required form-control', id: "verify_account_number#{payment_method.id}" %>
+    </div>
+  </div>
+</fieldset>
+
+<script type="text/javascript" src="https://js.stripe.com/v3/"></script>
+<script type="text/javascript">
+    var stripe = Stripe("<%= payment_method.preferred_publishable_key %>");
+</script>
+
+<script>
+    stripeResponseHandler = function(response) {
+        var token, paymentMethodId;
+        if (response.error) {
+            $('#stripeError').html(response.error.message);
+            const param_map = {
+                account_holder_name: '#account_holder_name',
+                account_holder_type: '#account_holder_type',
+                account_number: '#account_number',
+                routing_number: '#routing_number'
+            }
+            if (response.error.param){
+                errorField = Spree.stripePaymentMethod.find(param_map[response.error.param])
+                errorField.addClass('error');
+                errorField.parent().addClass('has-error');
+            }
+            return $('#stripeError').show();
+        } else {
+            Spree.stripePaymentMethod.find('#account_holder_name, #account_holder_type, #account_number, #routing_number').prop("disabled", true);
+            token = response.token['id'];
+            paymentMethodId = Spree.stripePaymentMethod.prop('id').split("_")[2];
+            Spree.stripePaymentMethod.append("<input type='hidden' class='stripeToken' name='payment_source[" + paymentMethodId + "][gateway_payment_profile_id]' value='" + token + "'/>");
+            return Spree.stripePaymentMethod.parents("form").trigger('submit');
+        }
+    };
+
+    window.addEventListener('DOMContentLoaded', function() {
+        Spree.stripePaymentMethod = $('#payment_method_' + <%= payment_method.id %>);
+
+        Spree.ready(function() {
+            Spree.stripePaymentMethod.prepend("<div id='stripeError' class='errorExplanation alert alert-danger' style='display:none'></div>");
+            return $('#new_payment [data-hook=buttons]').click(function() {
+                var params;
+                $('#stripeError').hide();
+                Spree.stripePaymentMethod.find('#account_holder_name, #account_holder_type, #account_number, #routing_number').removeClass('error');
+                if (Spree.stripePaymentMethod.is(':visible')) {
+                    params = $.extend({
+                        country: 'US',
+                        currency: 'usd',
+                        account_holder_name: $('.account_holder_name:visible').val(),
+                        account_holder_type: $('.account_holder_type:visible').val(),
+                        routing_number: $('.routing_number:visible').val(),
+                        account_number: $('.account_number:visible').val()
+                    }, Spree.stripeAdditionalInfo);
+                    stripe.createToken('bank_account', params).then(stripeResponseHandler);
+                    return false;
+                }
+            });
+        });
+    });
+</script>
+

data/lib/views/backend/spree/admin/payments/source_forms/_stripe_elements.html.erb

@@ -0,0 +1,79 @@
+<%= render "spree/admin/payments/source_forms/gateway", payment_method: payment_method, previous_cards: payment_method.reusable_sources(@order) %>
+
+<script type="text/javascript" src="https://js.stripe.com/v2/"></script>
+<script type="text/javascript">
+  Stripe.setPublishableKey("<%= payment_method.preferred_publishable_key %>");
+</script>
+
+<script>
+  var mapCC, stripeElementResponseHandler;
+
+  mapCC = function(ccType) {
+    if (ccType === 'MasterCard') {
+      return 'mastercard';
+    } else if (ccType === 'Visa') {
+      return 'visa';
+    } else if (ccType === 'American Express') {
+      return 'amex';
+    } else if (ccType === 'Discover') {
+      return 'discover';
+    } else if (ccType === 'Diners Club') {
+      return 'dinersclub';
+    } else if (ccType === 'JCB') {
+      return 'jcb';
+    }
+  };
+  stripeElementResponseHandler = function(status, response) {
+    var paymentMethodId, token;
+    if (response.error) {
+      $('#stripeError').html(response.error.message);
+      var param_map = {
+        number:    '#card_number',
+        exp_month: '#card_expiry',
+        exp_year:  '#card_expiry',
+        cvc:       '#card_code'
+      }
+      if (response.error.param) {
+        errorField = Spree.stripeElementsPaymentMethod.find(param_map[response.error.param])
+        errorField.addClass('error');
+        errorField.parent().addClass('has-error');
+      }
+      return $('#stripeError').show();
+    } else {
+      Spree.stripeElementsPaymentMethod.find('#card_number<%= payment_method.id %>, #card_expiry<%= payment_method.id %>, #card_code<%= payment_method.id %>').prop("disabled", true);
+      Spree.stripeElementsPaymentMethod.find(".ccType").prop("disabled", false);
+      Spree.stripeElementsPaymentMethod.find(".ccType").val(mapCC(response.card.brand));
+      token = response['id'];
+      paymentMethodId = Spree.stripeElementsPaymentMethod.prop('id').split("_")[2];
+      Spree.stripeElementsPaymentMethod.append("<input type='hidden' class='stripeToken' name='payment_source[" + paymentMethodId + "][gateway_payment_profile_id]' value='" + token + "'/>");
+      Spree.stripeElementsPaymentMethod.append("<input type='hidden' class='stripeToken' name='payment_source[" + paymentMethodId + "][last_digits]' value='" + response.card.last4 + "'/>");
+      Spree.stripeElementsPaymentMethod.append("<input type='hidden' class='stripeToken' name='payment_source[" + paymentMethodId + "][month]' value='" + response.card.exp_month + "'/>");
+      Spree.stripeElementsPaymentMethod.append("<input type='hidden' class='stripeToken' name='payment_source[" + paymentMethodId + "][year]' value='" + response.card.exp_year + "'/>");
+      return Spree.stripeElementsPaymentMethod.parents("form").trigger('submit');
+    }
+  };
+
+  window.addEventListener('DOMContentLoaded', function() {
+    Spree.stripeElementsPaymentMethod = $('#payment_method_' + <%= payment_method.id %>);
+
+    Spree.ready(function() {
+      Spree.stripeElementsPaymentMethod.prepend("<div id='stripeError' class='errorExplanation alert alert-danger' style='display:none'></div>");
+      return $('#new_payment [data-hook=buttons]').click(function() {
+        var expiration, params;
+        $('#stripeError').hide();
+        Spree.stripeElementsPaymentMethod.find('#card_number, #card_expiry, #card_code').removeClass('error');
+        if (Spree.stripeElementsPaymentMethod.is(':visible')) {
+          expiration = $('.cardExpiry:visible').payment('cardExpiryVal');
+          params = $.extend({
+            number: $('.cardNumber:visible').val(),
+            cvc: $('.cardCode:visible').val(),
+            exp_month: expiration.month || 0,
+            exp_year: expiration.year || 0
+          }, Spree.stripeAdditionalInfo);
+          Stripe.card.createToken(params, stripeElementResponseHandler);
+          return false;
+        }
+      });
+    });
+  });
+</script>

data/lib/views/backend/spree/admin/payments/source_views/_stripe_ach.html.erb

@@ -0,0 +1,21 @@
+<fieldset data-hook="bank_transfer">
+  <legend><%= Spree.t(:bank_transfer) %></legend>
+  <table class="table table-condensed table-bordered">
+    <tr>
+      <th width="20%"><%= Spree.t('stripe.ach.account_holder_name') %>:</th>
+      <td><%= payment.source.account_holder_name %></td>
+    </tr>
+    <tr>
+      <th><%= Spree.t('stripe.ach.account_holder_type') %>:</th>
+      <td><%= payment.source.account_holder_type %></td>
+    </tr>
+    <tr>
+      <th><%= Spree.t('stripe.ach.routing_number') %>:</th>
+      <td><%= payment.source.routing_number %></td>
+    </tr>
+    <tr>
+      <th><%= Spree.t('stripe.ach.account_number') %>:</th>
+      <td><%= payment.source.account_number %></td>
+    </tr>
+  </table>
+</fieldset>

data/lib/views/backend/spree/admin/payments/source_views/_stripe_apple_pay.html.erb

@@ -0,0 +1 @@
+<%= render "spree/admin/payments/source_views/gateway", payment: payment %>

data/lib/views/backend/spree/admin/payments/source_views/_stripe_elements.html.erb

@@ -0,0 +1 @@
+<%= render "spree/admin/payments/source_views/gateway", payment: payment %>

data/lib/views/frontend/spree/checkout/payment/_stripe_ach.html.erb

@@ -0,0 +1,81 @@
+<div class="payment-gateway">
+  <% param_prefix = "payment_source[#{payment_method.id}]" %>
+  <div class="payment-gateway-half-fields">
+    <div class="mb-4 payment-gateway-field checkout-content-inner-field">
+      <%= text_field_tag "#{param_prefix}[account_holder_name]", "#{@order.bill_address_firstname} #{@order.bill_address_lastname}", { id: "account_holder_name", class: 'spree-flat-input', placeholder: Spree.t('stripe.ach.account_holder_name')} %>
+    </div>
+    <div class="mb-4 payment-gateway-field checkout-content-inner-field">
+      <%= select_tag "#{param_prefix}[account_holder_type]", options_for_select(%w(Individual Company)), {id: "account_holder_type", class: 'spree-flat-input', placeholder: Spree.t('stripe.ach.account_holder_type')} %>
+    </div>
+
+    <div class="mb-4 payment-gateway-field checkout-content-inner-field" data-hook="account_number">
+      <%= text_field_tag "#{param_prefix}[routing_number]", '', {id: 'routing_number', class: 'spree-flat-input', autocomplete: "off", placeholder: Spree.t('stripe.ach.routing_number'), maxlength: 9} %>
+    </div>
+    <div class="mb-4 payment-gateway-field checkout-content-inner-field" data-hook="account_number">
+      <%= text_field_tag "#{param_prefix}[account_number]", '', {id: 'account_number', class: 'spree-flat-input', autocomplete: "off", placeholder: Spree.t('stripe.ach.account_number')} %>
+    </div>
+    <div class="mb-4 payment-gateway-field checkout-content-inner-field" data-hook="account_number">
+      <%= text_field_tag "#{param_prefix}[verify_account_number]", '', {id: 'verify_account_number', class: 'spree-flat-input', autocomplete: "off", placeholder: Spree.t('stripe.ach.verify_account_number')} %>
+    </div>
+  </div>
+</div>
+
+<script type="text/javascript" src="https://js.stripe.com/v3/"></script>
+<script type="text/javascript">
+    var stripe = Stripe("<%= payment_method.preferred_publishable_key %>");
+</script>
+
+<script>
+    stripeResponseHandler = function(response) {
+        var paymentMethodId, token, bank_acc_status;
+        if (response.error) {
+            $('#stripeError').html(response.error.message);
+            var param_map = {
+                account_holder_name: '#account_holder_name',
+                account_holder_type: '#account_holder_type',
+                account_number: '#account_number',
+                routing_number: '#routing_number'
+            }
+            if (response.error.param){
+                errorField = Spree.stripePaymentMethod.find(param_map[response.error.param])
+                errorField.addClass('error');
+                errorField.parent().addClass('has-error');
+            }
+            return $('#stripeError').show();
+        } else {
+            token = response.token['id'];
+            bank_acc_status = response.token.bank_account['status'];
+            paymentMethodId = Spree.stripePaymentMethod.prop('id').split("_")[2];
+            Spree.stripePaymentMethod.append("<input type='hidden' class='stripeToken' name='payment_source[" + paymentMethodId + "][gateway_payment_profile_id]' value='" + token + "'/>");
+            Spree.stripePaymentMethod.append("<input type='hidden' class='stripeStatus' name='payment_source[" + paymentMethodId + "][status]' value='" + bank_acc_status + "'/>")
+            return Spree.stripePaymentMethod.parents("form").trigger('submit');
+        }
+    };
+
+    window.addEventListener('DOMContentLoaded', function () {
+        Spree.stripePaymentMethod = $('#payment_method_' + <%= payment_method.id %>);
+        Spree.stripePaymentMethod.prepend("<div id='stripeError' class='errorExplanation alert alert-danger' style='display:none'></div>");
+
+        $('#checkout_form_payment [data-hook=buttons]').click(function (e) {
+            var params;
+            $('#stripeError').hide();
+            Spree.stripePaymentMethod.find('#account_holder_name, #account_holder_type, #account_number, #routing_number').removeClass('error');
+            if (Spree.stripePaymentMethod.is(':visible')) {
+                e.preventDefault();
+
+                params = $.extend({
+                    country: 'US',
+                    currency: 'usd',
+                    account_holder_name: $('#account_holder_name:visible').val(),
+                    account_holder_type: $('#account_holder_type:visible').val(),
+                    routing_number: $('#routing_number:visible').val(),
+                    account_number: $('#account_number:visible').val()
+                }, Spree.stripeAdditionalInfo);
+
+                stripe.createToken('bank_account', params).then(stripeResponseHandler);
+
+                return false;
+            }
+        });
+    });
+</script>

data/lib/views/frontend/spree/checkout/payment/_stripe_ach_verify.html.erb

@@ -0,0 +1,16 @@
+<p class="payment-type checkout-content-header">
+  <%= Spree.t('stripe.ach.verify_bank_account').upcase %>
+</p>
+
+<div class="payment-gateway">
+  <div class="payment-gateway-half-fields">
+    <input type="hidden" name="order[payment_id]" value= <%= payment.id %> />
+    <input type='hidden' name='verifyAch' value=true />
+    <div class="mb-4 payment-gateway-field checkout-content-inner-field">
+      <%= number_field_tag "amounts[]", nil, { id: "deposit1", class: 'spree-flat-input', placeholder: Spree.t('stripe.ach.first_deposit') } %>
+    </div>
+    <div class="mb-4 payment-gateway-field checkout-content-inner-field">
+      <%= number_field_tag "amounts[]", nil, { id: "deposit2", class: 'spree-flat-input', placeholder: Spree.t('stripe.ach.second_deposit') } %>
+    </div>
+  </div>
+</div>

data/lib/views/frontend/spree/checkout/payment/_stripe_apple_pay.html.erb

@@ -9,7 +9,6 @@
 <script>
   var stripeApplePay = Stripe("<%= payment_method.preferred_publishable_key %>");
   var elements = stripeApplePay.elements();
-
   var paymentRequest = stripeApplePay.paymentRequest({
     country: '<%= payment_method.preferred_country_code.try(:upcase) %>',
     currency: '<%= @order.currency.downcase %>',
@@ -64,6 +63,15 @@
     form.appendChild(hiddenInput);
   };
 
+  function hideApplePayRadioButtonForNonAppleDevices() {
+    var isSafari = !!navigator.userAgent.match(/Version\/[\d\.]+.*Safari/);
+    var isiOS = /iPad|iPhone|iPod/.test(navigator.userAgent) && !window.MSStream;
+
+    if (!isSafari && !isiOS) {
+      $('input[name$="order[payments_attributes][][payment_method_id]"][value="<%= payment_method.id %>"]').closest('li').hide()
+    }
+  }
+
   paymentRequest.on('token', function(ev) {
     var form = document.getElementById('checkout_form_payment');
     var token = ev.token;
@@ -83,6 +91,7 @@
 
   window.addEventListener('DOMContentLoaded', function() {
     Spree.stripeApplePayPaymentMethod = $('#payment_method_' + <%= payment_method.id %>);
+    hideApplePayRadioButtonForNonAppleDevices();
 
     prButton.on('ready', function () {
       Spree.stripeApplePayPaymentMethod.prepend("<div id='stripeApplePayError' class='errorExplanation alert alert-danger' style='display:none'></div>");