start_activemerchant 1.50.0

data/lib/active_merchant/billing/gateways/migs.rb

@@ -0,0 +1,280 @@
+require 'active_merchant/billing/gateways/migs/migs_codes'
+
+require 'digest/md5' # Used in add_secure_hash
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class MigsGateway < Gateway
+      include MigsCodes
+
+      API_VERSION = 1
+
+      class_attribute :server_hosted_url, :merchant_hosted_url
+
+      self.server_hosted_url = 'https://migs.mastercard.com.au/vpcpay'
+      self.merchant_hosted_url = 'https://migs.mastercard.com.au/vpcdps'
+
+      self.live_url = self.server_hosted_url
+
+      # MiGS is supported throughout Asia Pacific, Middle East and Africa
+      # MiGS is used in Australia (AU) by ANZ (eGate), CBA (CommWeb) and more
+      # Source of Country List: http://www.scribd.com/doc/17811923
+      self.supported_countries = %w(AU AE BD BN EG HK ID IN JO KW LB LK MU MV MY NZ OM PH QA SA SG TT VN)
+
+      # The card types supported by the payment gateway
+      self.supported_cardtypes = [:visa, :master, :american_express, :diners_club, :jcb]
+
+      self.money_format = :cents
+
+      # The homepage URL of the gateway
+      self.homepage_url = 'http://mastercard.com/mastercardsps'
+
+      # The name of the gateway
+      self.display_name = 'MasterCard Internet Gateway Service (MiGS)'
+
+      # Creates a new MigsGateway
+      # The advanced_login/advanced_password fields are needed for
+      # advanced methods such as the capture, refund and status methods
+      #
+      # ==== Options
+      #
+      # * <tt>:login</tt> -- The MiGS Merchant ID (REQUIRED)
+      # * <tt>:password</tt> -- The MiGS Access Code (REQUIRED)
+      # * <tt>:secure_hash</tt> -- The MiGS Secure Hash
+      # (Required for Server Hosted payments)
+      # * <tt>:advanced_login</tt> -- The MiGS AMA User
+      # * <tt>:advanced_password</tt> -- The MiGS AMA User's password
+      def initialize(options = {})
+        requires!(options, :login, :password)
+        super
+      end
+
+      # ==== Options
+      #
+      # * <tt>:order_id</tt> -- A reference for tracking the order (REQUIRED)
+      # * <tt>:unique_id</tt> -- A unique id for this request (Max 40 chars).
+      # If not supplied one will be generated.
+      def purchase(money, creditcard, options = {})
+        requires!(options, :order_id)
+
+        post = {}
+
+        add_amount(post, money, options)
+        add_invoice(post, options)
+        add_creditcard(post, creditcard)
+        add_standard_parameters('pay', post, options[:unique_id])
+
+        commit(post)
+      end
+
+      # MiGS works by merchants being either purchase only or authorize/capture
+      # So authorize is the same as purchase when in authorize mode
+      alias_method :authorize, :purchase
+
+      # ==== Options
+      #
+      # * <tt>:unique_id</tt> -- A unique id for this request (Max 40 chars).
+      # If not supplied one will be generated.
+      def capture(money, authorization, options = {})
+        requires!(@options, :advanced_login, :advanced_password)
+
+        post = options.merge(:TransNo => authorization)
+
+        add_amount(post, money, options)
+        add_advanced_user(post)
+        add_standard_parameters('capture', post, options[:unique_id])
+
+        commit(post)
+      end
+
+      # ==== Options
+      #
+      # * <tt>:unique_id</tt> -- A unique id for this request (Max 40 chars).
+      # If not supplied one will be generated.
+      def refund(money, authorization, options = {})
+        requires!(@options, :advanced_login, :advanced_password)
+
+        post = options.merge(:TransNo => authorization)
+
+        add_amount(post, money, options)
+        add_advanced_user(post)
+        add_standard_parameters('refund', post, options[:unique_id])
+
+        commit(post)
+      end
+
+      def credit(money, authorization, options = {})
+        ActiveMerchant.deprecated CREDIT_DEPRECATION_MESSAGE
+        refund(money, authorization, options)
+      end
+
+      # Checks the status of a previous transaction
+      # This can be useful when a response is not received due to network issues
+      #
+      # ==== Parameters
+      #
+      # * <tt>unique_id</tt> -- Unique id of transaction to find.
+      #   This is the value of the option supplied in other methods or
+      #   if not supplied is returned with key :MerchTxnRef
+      def status(unique_id)
+        requires!(@options, :advanced_login, :advanced_password)
+
+        post = {}
+        add_advanced_user(post)
+        add_standard_parameters('queryDR', post, unique_id)
+
+        commit(post)
+      end
+
+      # Generates a URL to redirect user to MiGS to process payment
+      # Once user is finished MiGS will redirect back to specified URL
+      # With a response hash which can be turned into a Response object
+      # with purchase_offsite_response
+      #
+      # ==== Options
+      #
+      # * <tt>:order_id</tt> -- A reference for tracking the order (REQUIRED)
+      # * <tt>:locale</tt> -- Change the language of the redirected page
+      #   Values are 2 digit locale, e.g. en, es
+      # * <tt>:return_url</tt> -- the URL to return to once the payment is complete
+      # * <tt>:card_type</tt> -- Providing this skips the card type step.
+      #   Values are ActiveMerchant formats: e.g. master, visa, american_express, diners_club
+      # * <tt>:unique_id</tt> -- Unique id of transaction to find.
+      #   If not supplied one will be generated.
+      def purchase_offsite_url(money, options = {})
+        requires!(options, :order_id, :return_url)
+        requires!(@options, :secure_hash)
+
+        post = {}
+
+        add_amount(post, money, options)
+        add_invoice(post, options)
+        add_creditcard_type(post, options[:card_type]) if options[:card_type]
+
+        post.merge!(
+          :Locale => options[:locale] || 'en',
+          :ReturnURL => options[:return_url]
+        )
+
+        add_standard_parameters('pay', post, options[:unique_id])
+
+        add_secure_hash(post)
+
+        self.server_hosted_url + '?' + post_data(post)
+      end
+
+      # Parses a response from purchase_offsite_url once user is redirected back
+      #
+      # ==== Parameters
+      #
+      # * <tt>data</tt> -- All params when offsite payment returns
+      # e.g. returns to http://company.com/return?a=1&b=2, then input "a=1&b=2"
+      def purchase_offsite_response(data)
+        requires!(@options, :secure_hash)
+
+        response_hash = parse(data)
+
+        expected_secure_hash = calculate_secure_hash(response_hash.reject{|k, v| k == :SecureHash}, @options[:secure_hash])
+        unless response_hash[:SecureHash] == expected_secure_hash
+          raise SecurityError, "Secure Hash mismatch, response may be tampered with"
+        end
+
+        response_object(response_hash)
+      end
+
+      def test?
+        @options[:login].start_with?('TEST')
+      end
+
+      private
+
+      def add_amount(post, money, options)
+        post[:Amount] = amount(money)
+        post[:Currency] = options[:currency] if options[:currency]
+      end
+
+      def add_advanced_user(post)
+        post[:User] = @options[:advanced_login]
+        post[:Password] = @options[:advanced_password]
+      end
+
+      def add_invoice(post, options)
+        post[:OrderInfo] = options[:order_id]
+      end
+
+      def add_creditcard(post, creditcard)
+        post[:CardNum] = creditcard.number
+        post[:CardSecurityCode] = creditcard.verification_value if creditcard.verification_value?
+        post[:CardExp] = format(creditcard.year, :two_digits) + format(creditcard.month, :two_digits)
+      end
+
+      def add_creditcard_type(post, card_type)
+        post[:Gateway]  = 'ssl'
+        post[:card] = CARD_TYPES.detect{|ct| ct.am_code == card_type}.migs_long_code
+      end
+
+      def parse(body)
+        params = CGI::parse(body)
+        hash = {}
+        params.each do |key, value|
+          hash[key.gsub('vpc_', '').to_sym] = value[0]
+        end
+        hash
+      end
+
+      def commit(post)
+        data = ssl_post self.merchant_hosted_url, post_data(post)
+        response_hash = parse(data)
+        response_object(response_hash)
+      end
+
+      def response_object(response)
+        avs_response_code = response[:AVSResultCode]
+        avs_response_code = 'S' if avs_response_code == "Unsupported"
+
+        cvv_result_code = response[:CSCResultCode]
+        cvv_result_code = 'P' if cvv_result_code == "Unsupported"
+
+        Response.new(success?(response), response[:Message], response,
+          :test => test?,
+          :authorization => response[:TransactionNo],
+          :fraud_review => fraud_review?(response),
+          :avs_result => { :code => avs_response_code },
+          :cvv_result => cvv_result_code
+        )
+      end
+
+      def success?(response)
+        response[:TxnResponseCode] == '0'
+      end
+
+      def fraud_review?(response)
+        ISSUER_RESPONSE_CODES[response[:AcqResponseCode]] == 'Suspected Fraud'
+      end
+
+      def add_standard_parameters(action, post, unique_id = nil)
+        post.merge!(
+          :Version     => API_VERSION,
+          :Merchant    => @options[:login],
+          :AccessCode  => @options[:password],
+          :Command     => action,
+          :MerchTxnRef => unique_id || generate_unique_id.slice(0, 40)
+        )
+      end
+
+      def post_data(post)
+        post.collect { |key, value| "vpc_#{key}=#{CGI.escape(value.to_s)}" }.join("&")
+      end
+
+      def add_secure_hash(post)
+        post[:SecureHash] = calculate_secure_hash(post, @options[:secure_hash])
+      end
+
+      def calculate_secure_hash(post, secure_hash)
+        sorted_values = post.sort_by(&:to_s).map(&:last)
+        input = secure_hash + sorted_values.join
+        Digest::MD5.hexdigest(input).upcase
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/migs/migs_codes.rb

@@ -0,0 +1,100 @@
+module ActiveMerchant
+  module Billing
+    module MigsCodes
+      TXN_RESPONSE_CODES = {
+        '?' => 'Response Unknown',
+        '0' => 'Transaction Successful',
+        '1' => 'Transaction Declined - Bank Error',
+        '2' => 'Bank Declined Transaction',
+        '3' => 'Transaction Declined - No Reply from Bank',
+        '4' => 'Transaction Declined - Expired Card',
+        '5' => 'Transaction Declined - Insufficient funds',
+        '6' => 'Transaction Declined - Error Communicating with Bank',
+        '7' => 'Payment Server Processing Error - Typically caused by invalid input data such as an invalid credit card number. Processing errors can also occur',
+        '8' => 'Transaction Declined - Transaction Type Not Supported',
+        '9' => 'Bank Declined Transaction (Do not contact Bank)',
+        'A' => 'Transaction Aborted',
+        'C' => 'Transaction Cancelled',
+        'D' => 'Deferred Transaction',
+        'E' => 'Issuer Returned a Referral Response',
+        'F' => '3D Secure Authentication Failed',
+        'I' => 'Card Security Code Failed',
+        'L' => 'Shopping Transaction Locked (This indicates that there is another transaction taking place using the same shopping transaction number)',
+        'N' => 'Cardholder is not enrolled in 3D Secure (Authentication Only)',
+        'P' => 'Transaction is Pending',
+        'R' => 'Retry Limits Exceeded, Transaction Not Processed',
+        'S' => 'Duplicate OrderInfo used. (This is only relevant for Payment Servers that enforce the uniqueness of this field)',
+        'U' => 'Card Security Code Failed'
+      }
+
+      ISSUER_RESPONSE_CODES = {
+        '00' => 'Approved',
+        '01' => 'Refer to Card Issuer',
+        '02' => 'Refer to Card Issuer',
+        '03' => 'Invalid Merchant',
+        '04' => 'Pick Up Card',
+        '05' => 'Do Not Honor',
+        '07' => 'Pick Up Card',
+        '12' => 'Invalid Transaction',
+        '14' => 'Invalid Card Number (No such Number)',
+        '15' => 'No Such Issuer',
+        '33' => 'Expired Card',
+        '34' => 'Suspected Fraud',
+        '36' => 'Restricted Card',
+        '39' => 'No Credit Account',
+        '41' => 'Card Reported Lost',
+        '43' => 'Stolen Card',
+        '51' => 'Insufficient Funds',
+        '54' => 'Expired Card',
+        '57' => 'Transaction Not Permitted',
+        '59' => 'Suspected Fraud',
+        '62' => 'Restricted Card',
+        '65' => 'Exceeds withdrawal frequency limit',
+        '91' => 'Cannot Contact Issuer'
+      }
+
+      VERIFIED_3D_CODES = {
+        'Y' => 'The cardholder was successfully authenticated.',
+        'E' => 'The cardholder is not enrolled.',
+        'N' => 'The cardholder was not verified.',
+        'U' => 'The cardholder\'s Issuer was unable to authenticate due to a system error at the Issuer.',
+        'F' => 'An error exists in the format of the request from the merchant. For example, the request did not contain all required fields, or the format of some fields was invalid.',
+        'A' => 'Authentication of your Merchant ID and Password to the Directory Server Failed (see "What does a Payment Authentication Status of "A" mean?" on page 85).',
+        'D' => 'Error communicating with the Directory Server, for example, the Payment Server could not connect to the directory server or there was a versioning mismatch.',
+        'C' => 'The card type is not supported for authentication.',
+        'M' => 'This indicates that attempts processing was used. Verification is marked with status M - ACS attempts processing used. Payment is performed with authentication. Attempts is when a cardholder has successfully passed the directory server but decides not to continue with the authentication process and cancels.',
+        'S' => 'The signature on the response received from the Issuer could not be validated. This should be considered a failure.',
+        'T' => 'ACS timed out. The Issuer\'s ACS did not respond to the Authentication request within the time out period.',
+        'P' => 'Error parsing input from Issuer.',
+        'I' => 'Internal Payment Server system error. This could be caused by a temporary DB failure or an error in the security module or by some error in an internal system.'
+      }
+
+      class CreditCardType
+        attr_accessor :am_code, :migs_code, :migs_long_code, :name
+        def initialize(am_code, migs_code, migs_long_code, name)
+          @am_code        = am_code
+          @migs_code      = migs_code
+          @migs_long_code = migs_long_code
+          @name           = name
+        end
+      end
+
+      CARD_TYPES = [
+        # The following are 4 different representations of credit card types
+        # am_code: The active merchant code
+        # migs_code: Used in response for purchase/authorize/status
+        # migs_long_code: Used to pre-select card for server_purchase_url
+        # name: The nice display name
+        %w(american_express AE Amex             American\ Express),
+        %w(diners_club      DC Dinersclub       Diners\ Club),
+        %w(jcb              JC JCB              JCB\ Card),
+        %w(maestro          MS Maestro          Maestro\ Card),
+        %w(master           MC Mastercard       MasterCard),
+        %w(na               PL PrivateLabelCard Private\ Label\ Card),
+        %w(visa             VC Visa             Visa\ Card')
+      ].map do |am_code, migs_code, migs_long_code, name|
+        CreditCardType.new(am_code, migs_code, migs_long_code, name)
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/modern_payments.rb

@@ -0,0 +1,37 @@
+require 'active_merchant/billing/gateways/modern_payments_cim'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class ModernPaymentsGateway < Gateway
+      self.supported_countries = ModernPaymentsCimGateway.supported_countries
+      self.supported_cardtypes = ModernPaymentsCimGateway.supported_cardtypes
+      self.homepage_url = ModernPaymentsCimGateway.homepage_url
+      self.display_name = ModernPaymentsCimGateway.display_name
+
+      self.abstract_class = true
+
+      def initialize(options = {})
+        requires!(options, :login, :password)
+        super
+      end
+
+      def purchase(money, credit_card, options = {})
+        customer_response = cim.create_customer(options)
+        return customer_response unless customer_response.success?
+
+        customer_id = customer_response.params["create_customer_result"]
+
+        card_response = cim.modify_customer_credit_card(customer_id, credit_card)
+        return card_response unless card_response.success?
+
+        cim.authorize_credit_card_payment(customer_id, money)
+      end
+
+      private
+      def cim
+        @cim ||= ModernPaymentsCimGateway.new(@options)
+      end
+    end
+  end
+end
+

data/lib/active_merchant/billing/gateways/modern_payments_cim.rb

@@ -0,0 +1,219 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class ModernPaymentsCimGateway < Gateway #:nodoc:
+      self.test_url = "https://secure.modpay.com/netservices/test/ModpayTest.asmx"
+      self.live_url = 'https://secure.modpay.com/ws/modpay.asmx'
+
+      LIVE_XMLNS = "https://secure.modpay.com/ws/"
+      TEST_XMLNS = "https://secure.modpay.com/netservices/test/"
+
+      self.supported_countries = ['US']
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover]
+      self.homepage_url = 'http://www.modpay.com'
+      self.display_name = 'Modern Payments'
+
+      SUCCESS_MESSAGE = "Transaction accepted"
+      FAILURE_MESSAGE = "Transaction failed"
+      ERROR_MESSAGE   = "Transaction error"
+
+      PAYMENT_METHOD = {
+        :check => 1,
+        :credit_card => 2
+      }
+
+      def initialize(options = {})
+        requires!(options, :login, :password)
+        super
+      end
+
+      def create_customer(options = {})
+        post = {}
+        add_customer_data(post, options)
+        add_address(post, options)
+
+        commit('CreateCustomer', post)
+      end
+
+      def modify_customer_credit_card(customer_id, credit_card)
+        raise ArgumentError, "The customer_id cannot be blank" if customer_id.blank?
+
+        post = {}
+        add_customer_id(post, customer_id)
+        add_credit_card(post, credit_card)
+
+        commit('ModifyCustomerCreditCard', post)
+      end
+
+      def authorize_credit_card_payment(customer_id, amount)
+        raise ArgumentError, "The customer_id cannot be blank" if customer_id.blank?
+
+        post = {}
+        add_customer_id(post, customer_id)
+        add_amount(post, amount)
+
+        commit('AuthorizeCreditCardPayment', post)
+      end
+
+      def create_payment(customer_id, amount, options = {})
+        raise ArgumentError, "The customer_id cannot be blank" if customer_id.blank?
+
+        post = {}
+        add_customer_id(post, customer_id)
+        add_amount(post, amount)
+        add_payment_details(post, options)
+
+        commit('CreatePayment', post)
+      end
+
+      private
+      def add_payment_details(post, options)
+        post[:pmtDate] = (options[:payment_date] || Time.now.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
+        post[:pmtType] = PAYMENT_METHOD[options[:payment_method] || :credit_card]
+      end
+
+      def add_amount(post, money)
+        post[:pmtAmount] = amount(money)
+      end
+
+      def add_customer_id(post, customer_id)
+        post[:custId] = customer_id
+      end
+
+      def add_customer_data(post, options)
+        post[:acctNum]   = options[:customer]
+      end
+
+      def add_address(post, options)
+        address = options[:billing_address] || options[:address] || {}
+
+        if name = address[:name]
+          segments = name.split(' ')
+          post[:lastName] = segments.pop
+          post[:firstName] = segments.join(' ')
+        else
+          post[:firstName] = address[:first_name]
+          post[:lastName]  = address[:last_name]
+        end
+
+        post[:address]   = address[:address1]
+        post[:city]      = address[:city]
+        post[:state]     = address[:state]
+        post[:zip]       = address[:zip]
+        post[:phone]     = address[:phone]
+        post[:fax]       = address[:fax]
+        post[:email]     = options[:email]
+      end
+
+      def add_credit_card(post, credit_card)
+        post[:ccName] = credit_card.name
+        post[:ccNum]  = credit_card.number
+        post[:expMonth] = credit_card.month
+        post[:expYear]  = credit_card.year
+      end
+
+      def build_request(action, params)
+        xml = Builder::XmlMarkup.new :indent => 2
+        xml.instruct!
+        xml.tag! 'env:Envelope',
+          { 'xmlns:xsd' => 'http://www.w3.org/2001/XMLSchema',
+            'xmlns:env' => 'http://schemas.xmlsoap.org/soap/envelope/',
+            'xmlns:xsi' => 'http://www.w3.org/2001/XMLSchema-instance' } do
+
+          xml.tag! 'env:Body' do
+            xml.tag! action, { "xmlns" => xmlns(action) } do
+              xml.tag! "clientId", @options[:login]
+              xml.tag! "clientCode", @options[:password]
+              params.each {|key, value| xml.tag! key, value }
+            end
+          end
+        end
+        xml.target!
+      end
+
+      def xmlns(action)
+        if test? && action == 'AuthorizeCreditCardPayment'
+          TEST_XMLNS
+        else
+          LIVE_XMLNS
+        end
+      end
+
+      def url(action)
+        if test? && action == 'AuthorizeCreditCardPayment'
+          self.test_url
+        else
+          self.live_url
+        end
+      end
+
+      def commit(action, params)
+        data = ssl_post(url(action), build_request(action, params),
+                 { 'Content-Type' =>'text/xml; charset=utf-8',
+                   'SOAPAction' => "#{xmlns(action)}#{action}" }
+                )
+
+        response = parse(action, data)
+        Response.new(successful?(action, response), message_from(action, response), response,
+          :test => test?,
+          :authorization => authorization_from(action, response),
+          :avs_result => { :code => response[:avs_code] }
+        )
+      end
+
+      def authorization_from(action, response)
+        response[authorization_key(action)]
+      end
+
+      def authorization_key(action)
+        action == "AuthorizeCreditCardPayment" ? :trans_id : "#{action.underscore}_result".to_sym
+      end
+
+      def successful?(action, response)
+        key = authorization_key(action)
+
+        if key == :trans_id
+          response[:approved] == "true"
+        else
+          response[key].to_i > 0
+        end
+      end
+
+      def message_from(action, response)
+        if response[:faultcode]
+          ERROR_MESSAGE
+        elsif successful?(action, response)
+          SUCCESS_MESSAGE
+        else
+          FAILURE_MESSAGE
+        end
+      end
+
+      def parse(action, xml)
+        response = {}
+        response[:action] = action
+
+        xml = REXML::Document.new(xml)
+        if root = REXML::XPath.first(xml, "//#{action}Response")
+          root.elements.to_a.each do |node|
+            parse_element(response, node)
+          end
+        elsif root = REXML::XPath.first(xml, "//soap:Fault")
+          root.elements.to_a.each do |node|
+            response[node.name.underscore.to_sym] = node.text
+          end
+        end
+
+        response
+      end
+
+      def parse_element(response, node)
+        if node.has_elements?
+          node.elements.each{|e| parse_element(response, e) }
+        else
+          response[node.name.underscore.to_sym] = node.text.to_s.strip
+        end
+      end
+    end
+  end
+end
+