spree_gateway 3.7.4 → 3.9.3

data/spec/features/stripe_checkout_spec.rb

@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe "Stripe checkout", type: :feature do
+describe "Stripe checkout", type: :feature, js: true do
   let!(:country) { create(:country, :states_required => true) }
   let!(:state) { create(:state, :country => country) }
   let!(:shipping_method) { create(:shipping_method) }
@@ -42,7 +42,7 @@ describe "Stripe checkout", type: :feature do
   end
 
   # This will pass the CC data to the server and the StripeGateway class handles it
-  it "can process a valid payment (without JS)" do
+  it "can process a valid payment (without JS)", js: false do
     fill_in 'card_number', with: '4242 4242 4242 4242'
     fill_in 'card_code', with: '123'
     fill_in 'card_expiry', with: "01 / #{Time.current.year + 1}"
@@ -56,12 +56,10 @@ describe "Stripe checkout", type: :feature do
 
   # This will fetch a token from Stripe.com and then pass that to the webserver.
   # The server then processes the payment using that token.
-  it "can process a valid payment (with JS)", :js => true do
-    fill_in 'card_number', with: '4242 4242 4242 4242'
-    # Otherwise ccType field does not get updated correctly
-    page.execute_script("$('.cardNumber').trigger('change')")
+  it "can process a valid payment (with JS)" do
+    fill_in_with_force('card_number', with: "4242424242424242")
+    fill_in_with_force('card_expiry', with: "01 / #{Time.current.year + 1}")
     fill_in 'card_code', with: '123'
-    fill_in 'card_expiry', with: "01 / #{Time.current.year + 1}"
     click_button "Save and Continue"
     wait_for_stripe # Wait for Stripe API to return + form to submit
     expect(page).to have_css('#checkout_form_confirm')
@@ -72,18 +70,23 @@ describe "Stripe checkout", type: :feature do
     expect(page).to have_content(order.number)
   end
 
-  it "shows an error with an invalid credit card number", :js => true do
+  it "shows an error with an invalid credit card number" do
     # Card number is NOT valid. Fails Luhn checksum
     fill_in 'card_number', with: '4242 4242 4242 4249'
     click_button "Save and Continue"
     wait_for_stripe
-    expect(page).to have_content("Your card number is incorrect")
-    expect(page).to have_css('.has-error #card_number.error')
+    if Spree.version.to_f >= 3.7 and Spree.version.to_f <= 4.1
+      expect(page).to have_content("The card number is not a valid credit card number")
+    end
+    if Spree.version.to_f >= 4.2
+      expect(page).to have_content("Your card number is incorrect")
+      expect(page).to have_css('.has-error #card_number.error')
+    end
   end
 
-  it "shows an error with invalid security fields", :js => true do
-    fill_in 'card_number', with: '4242 4242 4242 4242'
-    fill_in 'card_expiry', with: "01 / #{Time.current.year + 1}"
+  it "shows an error with invalid security fields" do
+    fill_in_with_force('card_number', with: "4242424242424242")
+    fill_in_with_force('card_expiry', with: "01 / #{Time.current.year + 1}")
     fill_in 'card_code', with: '99'
     click_button "Save and Continue"
     wait_for_stripe
@@ -91,9 +94,12 @@ describe "Stripe checkout", type: :feature do
     expect(page).to have_css('.has-error #card_code.error')
   end
 
-  it "shows an error with invalid expiry month field", :js => true do
-    fill_in 'card_number', with: '4242 4242 4242 4242'
-    fill_in 'card_expiry', :with => "00 / #{Time.now.year + 1}"
+  # this scenario will not occur on Spree 4.2 due to swapping jquery.payment to cleave
+  # see https://github.com/spree/spree/pull/10363
+  it "shows an error with invalid expiry month field" do
+    skip if Spree.version.to_f >= 4.2
+    fill_in_with_force('card_number', with: "4242424242424242")
+    fill_in_with_force('card_expiry', with: "00 / #{Time.current.year + 1}")
     fill_in 'card_code', with: '123'
     click_button "Save and Continue"
     wait_for_stripe
@@ -101,9 +107,9 @@ describe "Stripe checkout", type: :feature do
     expect(page).to have_css('.has-error #card_expiry.error')
   end
 
-  it "shows an error with invalid expiry year field", :js => true do
-    fill_in 'card_number', with: '4242 4242 4242 4242'
-    fill_in 'card_expiry', with: '12 / '
+  it "shows an error with invalid expiry year field" do
+    fill_in_with_force('card_number', with: "4242424242424242")
+    fill_in_with_force('card_expiry', with: "12 / ")
     fill_in 'card_code', with: '123'
     click_button "Save and Continue"
     wait_for_stripe
@@ -111,3 +117,8 @@ describe "Stripe checkout", type: :feature do
     expect(page).to have_css('.has-error #card_expiry.error')
   end
 end
+
+def fill_in_with_force(locator, with:)
+  field_id = find_field(locator)[:id]
+  page.execute_script("document.getElementById('#{field_id}').value = '#{with}';")
+end

data/spec/features/stripe_elements_3ds_checkout_spec.rb

@@ -0,0 +1,224 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'Stripe Elements 3ds checkout', type: :feature, js: true do
+  let!(:product) { create(:product, name: 'RoR Mug') }
+  let!(:stripe_payment_method) do
+    Spree::Gateway::StripeElementsGateway.create!(
+        name: 'Stripe',
+        preferred_secret_key: 'sk_test_VCZnDv3GLU15TRvn8i2EsaAN',
+        preferred_publishable_key: 'pk_test_Cuf0PNtiAkkMpTVC2gwYDMIg',
+        preferred_intents: preferred_intents
+    )
+  end
+
+  before do
+    user = create(:user)
+    order = OrderWalkthrough.up_to(:confirm)
+    expect(order).to receive(:confirmation_required?).and_return(true).at_least(:once)
+
+    order.reload
+    order.user = user
+    payment = order.payments.first
+    payment.source = create(:credit_card, number: card_number)
+    payment.save!
+
+    allow_any_instance_of(Spree::CheckoutController).to receive_messages(current_order: order)
+    allow_any_instance_of(Spree::CheckoutController).to receive_messages(try_spree_current_user: user)
+    allow_any_instance_of(Spree::CheckoutController).to receive_messages(skip_state_validation?: true)
+    allow_any_instance_of(Spree::OrdersController).to receive_messages(try_spree_current_user: user)
+
+    add_to_cart(product)
+
+    if Spree.version.to_f >= 3.7 and Spree.version.to_f < 4.1
+      find("#checkout-link").click
+    else
+      click_link 'checkout'
+      click_button 'Place Order'
+    end
+  end
+
+  describe 'when intents are disabled' do
+    let(:preferred_intents) { false }
+
+    context 'and credit card does not require 3ds authentication' do
+      let(:card_number) { '4242424242424242' }
+
+      if Spree.version.to_f >= 3.7 and Spree.version.to_f < 4.1
+        it 'should place order without 3ds authentication', driver: :selenium_chrome_headless do
+          click_button 'Save and Continue'
+          click_button 'Save and Continue'
+
+          within_frame 0 do
+            fill_in 'cardnumber', with: card_number
+            fill_in 'exp-date', with: "01 / #{Time.current.strftime('%y').to_i + 3}"
+            fill_in 'cvc', with: "222"
+          end
+
+          click_button 'Save and Continue'
+          click_button 'Place Order'
+
+          expect(page).to have_content('Your order has been processed successfully')
+          order = Spree::Order.complete.last
+          expect(page.current_url).to include("/orders/#{order.number}")
+          expect(page).to have_content(order.number)
+        end
+      else
+        it 'should place order without 3ds authentication' do
+          expect(page).to have_content('Order placed successfully')
+          order = Spree::Order.complete.last
+          expect(page.current_url).to include("/orders/#{order.number}")
+          expect(page).to have_content(order.number)
+        end
+      end
+    end
+
+    context 'and credit card does require 3ds authentication' do
+      let(:card_number) { '4000000000003220' }
+
+      if Spree.version.to_f >= 3.7 and Spree.version.to_f < 4.1
+        it 'should not place the order', driver: :selenium_chrome_headless do
+          click_button 'Save and Continue'
+          click_button 'Save and Continue'
+
+          within_frame 0 do
+            fill_in 'cardnumber', with: card_number
+            fill_in 'exp-date', with: "01 / #{Time.current.strftime('%y').to_i + 3}"
+            fill_in 'cvc', with: "222"
+          end
+
+          click_button 'Save and Continue'
+          click_button 'Place Order'
+
+          expect(page).to have_content('Your card was declined. This transaction requires authentication.')
+          expect(Spree::Order.complete.last).to be_nil
+        end
+
+      else
+        it 'should not place the order' do
+          expect(page).to have_content('Your card was declined. This transaction requires authentication.')
+          expect(Spree::Order.complete.last).to be_nil
+        end
+      end
+    end
+  end
+
+  describe 'when intents are enabled' do
+    let(:preferred_intents) { true }
+
+    context 'and credit card does not require 3ds authentication' do
+      let(:card_number) { '4242424242424242' }
+
+      if Spree.version.to_f >= 3.7 and Spree.version.to_f < 4.1
+        it 'should successfully place order without 3ds authentication', driver: :selenium_chrome_headless do
+          click_button 'Save and Continue'
+          click_button 'Save and Continue'
+
+          within_frame 0 do
+            fill_in 'cardnumber', with: card_number
+            fill_in 'exp-date', with: "01 / #{Time.current.strftime('%y').to_i + 3}"
+            fill_in 'cvc', with: "222"
+          end
+
+          click_button 'Save and Continue'
+          click_button 'Place Order'
+
+          expect(page).to have_content('Your order has been processed successfully')
+          order = Spree::Order.complete.last
+          expect(page.current_url).to include("/orders/#{order.number}")
+          expect(page).to have_content(order.number)
+        end
+      else
+        it 'should successfully place order without 3ds authentication' do
+          expect(page).to have_content('Order placed successfully')
+          order = Spree::Order.complete.last
+          expect(page.current_url).to include("/orders/#{order.number}")
+          expect(page).to have_content(order.number)
+        end
+      end
+    end
+
+    context 'when credit card does require 3ds authentication' do
+      let(:card_number) { '4000000000003220' }
+
+      context 'and authentication is successful' do
+        if Spree.version.to_f >= 3.7 and Spree.version.to_f < 4.1
+          it 'should place order after 3ds authentication', driver: :selenium_chrome_headless do
+            click_button 'Save and Continue'
+            click_button 'Save and Continue'
+
+            within_frame 0 do
+              fill_in 'cardnumber', with: card_number
+              fill_in 'exp-date', with: "01 / #{Time.current.strftime('%y').to_i + 3}"
+              fill_in 'cvc', with: "222"
+            end
+
+            click_button 'Save and Continue'
+            click_button 'Place Order'
+
+            within_stripe_3ds_popup do
+              click_button('Complete')
+            end
+
+            expect(page).to have_content('Your order has been processed successfully')
+            order = Spree::Order.complete.last
+            expect(page.current_url).to include("/orders/#{order.number}")
+            expect(page).to have_content(order.number)
+          end
+
+        else
+          it 'should place order after 3ds authentication' do
+            within_stripe_3ds_popup do
+              click_button('Complete')
+            end
+
+            expect(page).to have_content('Order placed successfully')
+            order = Spree::Order.complete.last
+            expect(page.current_url).to include("/orders/#{order.number}")
+            expect(page).to have_content(order.number)
+          end
+        end
+      end
+
+      context 'and authentication is unsuccessful' do
+
+        if Spree.version.to_f >= 3.7 and Spree.version.to_f < 4.1
+          it 'should not place order after 3ds authentication', driver: :selenium_chrome_headless do
+            click_button 'Save and Continue'
+            click_button 'Save and Continue'
+
+            within_frame 0 do
+              fill_in 'cardnumber', with: card_number
+              fill_in 'exp-date', with: "01 / #{Time.current.strftime('%y').to_i + 3}"
+              fill_in 'cvc', with: "222"
+            end
+
+            click_button 'Save and Continue'
+            click_button 'Place Order'
+
+            within_stripe_3ds_popup do
+              click_button('Fail')
+            end
+
+            expect(page).to_not have_content('Order placed successfully')
+            expect(page).to have_content('We are unable to authenticate your payment method.')
+            expect(page).to have_content('Please choose a different payment method and try again.')
+            expect(Spree::Order.complete.last).to be_nil
+          end
+        else
+          it 'should not place order after 3ds authentication' do
+            within_stripe_3ds_popup do
+              click_button('Fail')
+            end
+
+            expect(page).to_not have_content('Order placed successfully')
+            expect(page).to have_content('We are unable to authenticate your payment method.')
+            expect(page).to have_content('Please choose a different payment method and try again.')
+            expect(Spree::Order.complete.last).to be_nil
+          end
+        end
+      end
+    end
+  end
+end

data/spec/models/gateway/stripe_ach_gateway_spec.rb

@@ -0,0 +1,186 @@
+require 'spec_helper'
+
+describe Spree::Gateway::StripeAchGateway do
+  let(:secret_key) { 'key' }
+  let(:email) { 'customer@example.com' }
+  let(:source) { Spree::Check.new }
+  let(:payment) {
+    double('Spree::Payment',
+           source: source,
+           order: double('Spree::Order',
+                         email: email,
+                         bill_address: bill_address,
+                         user: double('Spree::User',
+                                      email: email)
+           )
+    )
+  }
+  let(:provider) do
+    double('provider').tap do |p|
+      p.stub(:purchase)
+      p.stub(:authorize)
+      p.stub(:capture)
+      p.stub(:verify)
+    end
+  end
+
+  before do
+    subject.preferences = { secret_key: secret_key }
+    subject.stub(:options_for_purchase_or_auth).and_return(['money','check','opts'])
+    subject.stub(:provider).and_return provider
+  end
+
+  describe '#create_profile' do
+    before do
+      payment.source.stub(:update!)
+    end
+
+    context 'with an order that has a bill address' do
+      let(:bill_address) {
+        double('Spree::Address',
+               address1: '123 Happy Road',
+               address2: 'Apt 303',
+               city: 'Suzarac',
+               zipcode: '95671',
+               state: double('Spree::State', name: 'Oregon'),
+               country: double('Spree::Country', name: 'United States')
+        )
+      }
+
+      it 'stores the bill address with the provider' do
+        subject.provider.should_receive(:store).with(payment.source, {
+            email: email,
+            login: secret_key,
+
+            address: {
+                address1: '123 Happy Road',
+                address2: 'Apt 303',
+                city: 'Suzarac',
+                zip: '95671',
+                state: 'Oregon',
+                country: 'United States'
+            }
+        }).and_return double.as_null_object
+
+        subject.create_profile payment
+      end
+    end
+
+    context 'with an order that does not have a bill address' do
+      let(:bill_address) { nil }
+
+      it 'does not store a bill address with the provider' do
+        subject.provider.should_receive(:store).with(payment.source, {
+            email: email,
+            login: secret_key
+        }).and_return double.as_null_object
+
+        subject.create_profile payment
+      end
+
+    end
+
+    context 'with a check represents payment_profile' do
+      let(:source) { Spree::Check.new(gateway_payment_profile_id: 'tok_profileid') }
+      let(:bill_address) { nil }
+
+      it 'stores the profile_id as a check' do
+        subject.provider.should_receive(:store).with(source.gateway_payment_profile_id, anything).and_return double.as_null_object
+
+        subject.create_profile payment
+      end
+    end
+  end
+
+  context 'purchasing' do
+    after do
+      subject.purchase(19.99, 'check', {})
+    end
+
+    it 'send the payment to the provider' do
+      provider.should_receive(:purchase).with('money', 'check', 'opts')
+    end
+  end
+
+  context 'authorizing' do
+    after do
+      subject.authorize(19.99, 'check', {})
+    end
+
+    it 'send the authorization to the provider' do
+      provider.should_receive(:authorize).with('money', 'check', 'opts')
+    end
+  end
+
+  context 'verifying' do
+    after do
+      subject.verify(source, {})
+    end
+
+    it 'send the verify to the provider' do
+      provider.should_receive(:verify).with(source, anything)
+    end
+  end
+
+  context 'capturing' do
+
+    after do
+      subject.capture(1234, 'response_code', {})
+    end
+
+    it 'convert the amount to cents' do
+      provider.should_receive(:capture).with(1234, anything, anything)
+    end
+
+    it 'use the response code as the authorization' do
+      provider.should_receive(:capture).with(anything, 'response_code', anything)
+    end
+  end
+
+  context 'capture with payment class' do
+    let(:gateway) do
+      gateway = described_class.new(active: true)
+      gateway.set_preference :secret_key, secret_key
+      gateway.stub(:options_for_purchase_or_auth).and_return(['money', 'check', 'opts'])
+      gateway.stub(:provider).and_return provider
+      gateway.stub source_required: true
+      gateway
+    end
+
+    let(:order) { Spree::Order.create }
+
+    let(:check) do
+      # mock_model(Spree::Check, :gateway_customer_profile_id => 'cus_abcde',
+      # :imported => false)
+      create :check, gateway_customer_profile_id: 'cus_abcde', imported: false
+    end
+
+    let(:payment) do
+      payment = Spree::Payment.new
+      payment.source = check
+      payment.order = order
+      payment.payment_method = gateway
+      payment.amount = 98.55
+      payment.state = 'pending'
+      payment.response_code = '12345'
+      payment
+    end
+
+    after do
+      payment.capture!
+    end
+
+    let!(:success_response) do
+      double('success_response',
+             success?: true,
+             authorization: '123',
+             avs_result: { 'code' => 'avs-code' },
+             cvv_result: { 'code' => 'cvv-code', 'message' => 'CVV Result' },
+             params: {})
+    end
+
+    it 'gets correct amount' do
+      provider.should_receive(:capture).with(9855, '12345', anything).and_return(success_response)
+    end
+  end
+end