start_activemerchant 1.50.0

data/lib/active_merchant/billing/gateways/payflow.rb

@@ -0,0 +1,308 @@
+require 'active_merchant/billing/gateways/payflow/payflow_common_api'
+require 'active_merchant/billing/gateways/payflow/payflow_response'
+require 'active_merchant/billing/gateways/payflow_express'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class PayflowGateway < Gateway
+      include PayflowCommonAPI
+
+      RECURRING_ACTIONS = Set.new([:add, :modify, :cancel, :inquiry, :reactivate, :payment])
+
+      self.supported_cardtypes = [:visa, :master, :american_express, :jcb, :discover, :diners_club]
+      self.homepage_url = 'https://www.paypal.com/cgi-bin/webscr?cmd=_payflow-pro-overview-outside'
+      self.display_name = 'PayPal Payflow Pro'
+
+      def authorize(money, credit_card_or_reference, options = {})
+        request = build_sale_or_authorization_request(:authorization, money, credit_card_or_reference, options)
+
+        commit(request, options)
+      end
+
+      def purchase(money, funding_source, options = {})
+        request = build_sale_or_authorization_request(:purchase, money, funding_source, options)
+
+        commit(request, options)
+      end
+
+      def credit(money, funding_source, options = {})
+        if funding_source.is_a?(String)
+          ActiveMerchant.deprecated CREDIT_DEPRECATION_MESSAGE
+          # Perform referenced credit
+          refund(money, funding_source, options)
+        elsif card_brand(funding_source) == 'check'
+          # Perform non-referenced credit
+          request = build_check_request(:credit, money, funding_source, options)
+          commit(request, options)
+        else
+          request = build_credit_card_request(:credit, money, funding_source, options)
+          commit(request, options)
+        end
+      end
+
+      def refund(money, reference, options = {})
+        commit(build_reference_request(:credit, money, reference, options), options)
+      end
+
+      def verify(payment, options={})
+        authorize(0, payment, options)
+      end
+
+      # Adds or modifies a recurring Payflow profile.  See the Payflow Pro Recurring Billing Guide for more details:
+      # https://www.paypal.com/en_US/pdf/PayflowPro_RecurringBilling_Guide.pdf
+      #
+      # Several options are available to customize the recurring profile:
+      #
+      # * <tt>profile_id</tt> - is only required for editing a recurring profile
+      # * <tt>starting_at</tt> - takes a Date, Time, or string in mmddyyyy format. The date must be in the future.
+      # * <tt>name</tt> - The name of the customer to be billed.  If not specified, the name from the credit card is used.
+      # * <tt>periodicity</tt> - The frequency that the recurring payments will occur at.  Can be one of
+      # :bimonthly, :monthly, :biweekly, :weekly, :yearly, :daily, :semimonthly, :quadweekly, :quarterly, :semiyearly
+      # * <tt>payments</tt> - The term, or number of payments that will be made
+      # * <tt>comment</tt> - A comment associated with the profile
+      def recurring(money, credit_card, options = {})
+        ActiveMerchant.deprecated RECURRING_DEPRECATION_MESSAGE
+
+        options[:name] = credit_card.name if options[:name].blank? && credit_card
+        request = build_recurring_request(options[:profile_id] ? :modify : :add, money, options) do |xml|
+          add_credit_card(xml, credit_card) if credit_card
+        end
+        commit(request, options.merge(:request_type => :recurring))
+      end
+
+      def cancel_recurring(profile_id)
+        ActiveMerchant.deprecated RECURRING_DEPRECATION_MESSAGE
+
+        request = build_recurring_request(:cancel, 0, :profile_id => profile_id)
+        commit(request, options.merge(:request_type => :recurring))
+      end
+
+      def recurring_inquiry(profile_id, options = {})
+        ActiveMerchant.deprecated RECURRING_DEPRECATION_MESSAGE
+
+        request = build_recurring_request(:inquiry, nil, options.update( :profile_id => profile_id ))
+        commit(request, options.merge(:request_type => :recurring))
+      end
+
+      def express
+        @express ||= PayflowExpressGateway.new(@options)
+      end
+
+      private
+      def build_sale_or_authorization_request(action, money, funding_source, options)
+        if funding_source.is_a?(String)
+          build_reference_sale_or_authorization_request(action, money, funding_source, options)
+        elsif card_brand(funding_source) == 'check'
+          build_check_request(action, money, funding_source, options)
+        else
+          build_credit_card_request(action, money, funding_source, options)
+        end
+      end
+
+      def build_reference_sale_or_authorization_request(action, money, reference, options)
+        xml = Builder::XmlMarkup.new
+        xml.tag! TRANSACTIONS[action] do
+          xml.tag! 'PayData' do
+            xml.tag! 'Invoice' do
+              # Fields accepted by PayFlow and recommended to be provided even for Reference Transaction, per Payflow docs.
+              xml.tag! 'CustIP', options[:ip] unless options[:ip].blank?
+              xml.tag! 'InvNum', options[:order_id].to_s.gsub(/[^\w.]/, '') unless options[:order_id].blank?
+              xml.tag! 'Description', options[:description] unless options[:description].blank?
+              xml.tag! 'Comment', options[:comment] unless options[:comment].blank?
+              xml.tag!('ExtData', 'Name'=> 'COMMENT2', 'Value'=> options[:comment2]) unless options[:comment2].blank?
+              xml.tag! 'TaxAmt', options[:taxamt] unless options[:taxamt].blank?
+              xml.tag! 'FreightAmt', options[:freightamt] unless options[:freightamt].blank?
+              xml.tag! 'DutyAmt', options[:dutyamt] unless options[:dutyamt].blank?
+              xml.tag! 'DiscountAmt', options[:discountamt] unless options[:discountamt].blank?
+
+              billing_address = options[:billing_address] || options[:address]
+              add_address(xml, 'BillTo', billing_address, options) if billing_address
+              add_address(xml, 'ShipTo', options[:shipping_address],options) if options[:shipping_address]
+
+              xml.tag! 'TotalAmt', amount(money), 'Currency' => options[:currency] || currency(money)
+            end
+            xml.tag! 'Tender' do
+              xml.tag! 'Card' do
+                xml.tag! 'ExtData', 'Name' => 'ORIGID', 'Value' =>  reference
+              end
+            end
+          end
+        end
+        xml.target!
+      end
+
+      def build_credit_card_request(action, money, credit_card, options)
+        xml = Builder::XmlMarkup.new
+        xml.tag! TRANSACTIONS[action] do
+          xml.tag! 'PayData' do
+            xml.tag! 'Invoice' do
+              xml.tag! 'CustIP', options[:ip] unless options[:ip].blank?
+              xml.tag! 'InvNum', options[:order_id].to_s.gsub(/[^\w.]/, '') unless options[:order_id].blank?
+              xml.tag! 'Description', options[:description] unless options[:description].blank?
+              # Comment and Comment2 will show up in manager.paypal.com as Comment1 and Comment2
+              xml.tag! 'Comment', options[:comment] unless options[:comment].blank?
+              xml.tag!('ExtData', 'Name'=> 'COMMENT2', 'Value'=> options[:comment2]) unless options[:comment2].blank?
+              xml.tag! 'TaxAmt', options[:taxamt] unless options[:taxamt].blank?
+              xml.tag! 'FreightAmt', options[:freightamt] unless options[:freightamt].blank?
+              xml.tag! 'DutyAmt', options[:dutyamt] unless options[:dutyamt].blank?
+              xml.tag! 'DiscountAmt', options[:discountamt] unless options[:discountamt].blank?
+
+              billing_address = options[:billing_address] || options[:address]
+              add_address(xml, 'BillTo', billing_address, options) if billing_address
+              add_address(xml, 'ShipTo', options[:shipping_address], options) if options[:shipping_address]
+
+              xml.tag! 'TotalAmt', amount(money), 'Currency' => options[:currency] || currency(money)
+            end
+
+            xml.tag! 'Tender' do
+              add_credit_card(xml, credit_card)
+            end
+          end
+        end
+        xml.target!
+      end
+
+      def build_check_request(action, money, check, options)
+        xml = Builder::XmlMarkup.new
+        xml.tag! TRANSACTIONS[action] do
+          xml.tag! 'PayData' do
+            xml.tag! 'Invoice' do
+              xml.tag! 'CustIP', options[:ip] unless options[:ip].blank?
+              xml.tag! 'InvNum', options[:order_id].to_s.gsub(/[^\w.]/, '') unless options[:order_id].blank?
+              xml.tag! 'Description', options[:description] unless options[:description].blank?
+              xml.tag! 'BillTo' do
+                xml.tag! 'Name', check.name
+              end
+              xml.tag! 'TotalAmt', amount(money), 'Currency' => options[:currency] || currency(money)
+            end
+            xml.tag! 'Tender' do
+              xml.tag! 'ACH' do
+                xml.tag! 'AcctType', check.account_type == 'checking' ? 'C' : 'S'
+                xml.tag! 'AcctNum', check.account_number
+                xml.tag! 'ABA', check.routing_number
+              end
+            end
+          end
+        end
+        xml.target!
+      end
+
+      def add_credit_card(xml, credit_card)
+        xml.tag! 'Card' do
+          xml.tag! 'CardType', credit_card_type(credit_card)
+          xml.tag! 'CardNum', credit_card.number
+          xml.tag! 'ExpDate', expdate(credit_card)
+          xml.tag! 'NameOnCard', credit_card.first_name
+          xml.tag! 'CVNum', credit_card.verification_value if credit_card.verification_value?
+
+          if requires_start_date_or_issue_number?(credit_card)
+            xml.tag!('ExtData', 'Name' => 'CardStart', 'Value' => startdate(credit_card)) unless credit_card.start_month.blank? || credit_card.start_year.blank?
+            xml.tag!('ExtData', 'Name' => 'CardIssue', 'Value' => format(credit_card.issue_number, :two_digits)) unless credit_card.issue_number.blank?
+          end
+          xml.tag! 'ExtData', 'Name' => 'LASTNAME', 'Value' =>  credit_card.last_name
+        end
+      end
+
+      def credit_card_type(credit_card)
+        return '' if card_brand(credit_card).blank?
+
+        CARD_MAPPING[card_brand(credit_card).to_sym]
+      end
+
+      def expdate(creditcard)
+        year  = sprintf("%.4i", creditcard.year.to_s.sub(/^0+/, ''))
+        month = sprintf("%.2i", creditcard.month.to_s.sub(/^0+/, ''))
+
+        "#{year}#{month}"
+      end
+
+      def startdate(creditcard)
+        year  = format(creditcard.start_year, :two_digits)
+        month = format(creditcard.start_month, :two_digits)
+
+        "#{month}#{year}"
+      end
+
+      def build_recurring_request(action, money, options)
+        unless RECURRING_ACTIONS.include?(action)
+          raise StandardError, "Invalid Recurring Profile Action: #{action}"
+        end
+
+        xml = Builder::XmlMarkup.new
+        xml.tag! 'RecurringProfiles' do
+          xml.tag! 'RecurringProfile' do
+            xml.tag! action.to_s.capitalize do
+              unless [:cancel, :inquiry].include?(action)
+                xml.tag! 'RPData' do
+                  xml.tag! 'Name', options[:name] unless options[:name].nil?
+                  xml.tag! 'TotalAmt', amount(money), 'Currency' => options[:currency] || currency(money)
+                  xml.tag! 'PayPeriod', get_pay_period(options)
+                  xml.tag! 'Term', options[:payments] unless options[:payments].nil?
+                  xml.tag! 'Comment', options[:comment] unless options[:comment].nil?
+                  xml.tag! 'RetryNumDays', options[:retry_num_days] unless options[:retry_num_days].nil?
+                  xml.tag! 'MaxFailPayments', options[:max_fail_payments] unless options[:max_fail_payments].nil?
+
+                  if initial_tx = options[:initial_transaction]
+                    requires!(initial_tx, [:type, :authorization, :purchase])
+                    requires!(initial_tx, :amount) if initial_tx[:type] == :purchase
+
+                    xml.tag! 'OptionalTrans', TRANSACTIONS[initial_tx[:type]]
+                    xml.tag! 'OptionalTransAmt', amount(initial_tx[:amount]) unless initial_tx[:amount].blank?
+                  end
+
+                  if action == :add
+                    xml.tag! 'Start', format_rp_date(options[:starting_at] || Date.today + 1 )
+                  else
+                    xml.tag! 'Start', format_rp_date(options[:starting_at]) unless options[:starting_at].nil?
+                  end
+
+                  xml.tag! 'EMail', options[:email] unless options[:email].nil?
+
+                  billing_address = options[:billing_address] || options[:address]
+                  add_address(xml, 'BillTo', billing_address, options) if billing_address
+                  add_address(xml, 'ShipTo', options[:shipping_address], options) if options[:shipping_address]
+                end
+                xml.tag! 'Tender' do
+                  yield xml
+                end
+              end
+              if action != :add
+                xml.tag! "ProfileID", options[:profile_id]
+              end
+              if action == :inquiry
+                xml.tag! "PaymentHistory", ( options[:history] ? 'Y' : 'N' )
+              end
+            end
+          end
+        end
+      end
+
+      def get_pay_period(options)
+        requires!(options, [:periodicity, :bimonthly, :monthly, :biweekly, :weekly, :yearly, :daily, :semimonthly, :quadweekly, :quarterly, :semiyearly])
+        case options[:periodicity]
+          when :weekly then 'Weekly'
+          when :biweekly then 'Bi-weekly'
+          when :semimonthly then 'Semi-monthly'
+          when :quadweekly then 'Every four weeks'
+          when :monthly then 'Monthly'
+          when :quarterly then 'Quarterly'
+          when :semiyearly then 'Semi-yearly'
+          when :yearly then 'Yearly'
+        end
+      end
+
+      def format_rp_date(time)
+        case time
+          when Time, Date then time.strftime("%m%d%Y")
+        else
+          time.to_s
+        end
+      end
+
+      def build_response(success, message, response, options = {})
+        PayflowResponse.new(success, message, response, options)
+      end
+    end
+  end
+end
+

data/lib/active_merchant/billing/gateways/payflow/payflow_common_api.rb

@@ -0,0 +1,220 @@
+require 'nokogiri'
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module PayflowCommonAPI
+      def self.included(base)
+        base.default_currency = 'USD'
+
+        base.class_attribute :partner
+
+        # Set the default partner to PayPal
+        base.partner = 'PayPal'
+
+        base.supported_countries = ['US', 'CA', 'SG', 'AU']
+
+        base.class_attribute :timeout
+        base.timeout = 60
+
+        base.test_url = 'https://pilot-payflowpro.paypal.com'
+        base.live_url = 'https://payflowpro.paypal.com'
+
+        # Enable safe retry of failed connections
+        # Payflow is safe to retry because retried transactions use the same
+        # X-VPS-Request-ID header. If a transaction is detected as a duplicate
+        # only the original transaction data will be used by Payflow, and the
+        # subsequent Responses will have a :duplicate parameter set in the params
+        # hash.
+        base.retry_safe = true
+      end
+
+      XMLNS = 'http://www.paypal.com/XMLPay'
+
+      CARD_MAPPING = {
+        :visa => 'Visa',
+        :master => 'MasterCard',
+        :discover => 'Discover',
+        :american_express => 'Amex',
+        :jcb => 'JCB',
+        :diners_club => 'DinersClub',
+        :switch => 'Switch',
+        :solo => 'Solo'
+      }
+
+      TRANSACTIONS = {
+        :purchase       => "Sale",
+        :authorization  => "Authorization",
+        :capture        => "Capture",
+        :void           => "Void",
+        :credit         => "Credit"
+      }
+
+      CVV_CODE = {
+        'Match' => 'M',
+        'No Match' => 'N',
+        'Service Not Available' => 'U',
+        'Service not Requested' => 'P'
+      }
+
+      def initialize(options = {})
+        requires!(options, :login, :password)
+
+        options[:partner] = partner if options[:partner].blank?
+        super
+      end
+
+      def capture(money, authorization, options = {})
+        request = build_reference_request(:capture, money, authorization, options)
+        commit(request, options)
+      end
+
+      def void(authorization, options = {})
+        request = build_reference_request(:void, nil, authorization, options)
+        commit(request, options)
+      end
+
+      private
+      def build_request(body, options = {})
+        xml = Builder::XmlMarkup.new
+        xml.instruct!
+        xml.tag! 'XMLPayRequest', 'Timeout' => timeout.to_s, 'version' => "2.1", "xmlns" => XMLNS do
+          xml.tag! 'RequestData' do
+            xml.tag! 'Vendor', @options[:login]
+            xml.tag! 'Partner', @options[:partner]
+            if options[:request_type] == :recurring
+              xml << body
+            else
+              xml.tag! 'Transactions' do
+                xml.tag! 'Transaction', 'CustRef' => options[:customer] do
+                  xml.tag! 'Verbosity', @options[:verbosity] || 'MEDIUM'
+                  xml << body
+                end
+              end
+            end
+          end
+          xml.tag! 'RequestAuth' do
+            xml.tag! 'UserPass' do
+              xml.tag! 'User', !@options[:user].blank? ? @options[:user] : @options[:login]
+              xml.tag! 'Password', @options[:password]
+            end
+          end
+        end
+        xml.target!
+      end
+
+      def build_reference_request(action, money, authorization, options)
+        xml = Builder::XmlMarkup.new
+        xml.tag! TRANSACTIONS[action] do
+          xml.tag! 'PNRef', authorization
+
+          unless money.nil?
+            xml.tag! 'Invoice' do
+              xml.tag!('TotalAmt', amount(money), 'Currency' => options[:currency] || currency(money))
+              xml.tag!('Description', options[:description]) unless options[:description].blank?
+              xml.tag!('Comment', options[:comment]) unless options[:comment].blank?
+              xml.tag!('ExtData', 'Name'=> 'COMMENT2', 'Value'=> options[:comment2]) unless options[:comment2].blank?
+            end
+          end
+        end
+
+        xml.target!
+      end
+
+      def add_address(xml, tag, address, options)
+        return if address.nil?
+        xml.tag! tag do
+          xml.tag! 'Name', address[:name] unless address[:name].blank?
+          xml.tag! 'EMail', options[:email] unless options[:email].blank?
+          xml.tag! 'Phone', address[:phone] unless address[:phone].blank?
+          xml.tag! 'CustCode', options[:customer] if !options[:customer].blank? && tag == 'BillTo'
+          xml.tag! 'PONum', options[:po_number] if !options[:po_number].blank? && tag == 'BillTo'
+
+          xml.tag! 'Address' do
+            xml.tag! 'Street', address[:address1] unless address[:address1].blank?
+            xml.tag! 'City', address[:city] unless address[:city].blank?
+            xml.tag! 'State', address[:state].blank? ? "N/A" : address[:state]
+            xml.tag! 'Country', address[:country] unless address[:country].blank?
+            xml.tag! 'Zip', address[:zip] unless address[:zip].blank?
+          end
+        end
+      end
+
+      def parse(data)
+        response = {}
+        xml = Nokogiri::XML(data)
+        xml.remove_namespaces!
+        root = xml.xpath("//ResponseData")
+
+        # REXML::XPath in Ruby 1.8.6 is now unable to match nodes based on their attributes
+        tx_result = root.xpath(".//TransactionResult").first
+
+        if tx_result && tx_result.attributes['Duplicate'].to_s == "true"
+          response[:duplicate] = true
+        end
+
+        root.xpath(".//*").each do |node|
+          parse_element(response, node)
+        end
+
+        response
+      end
+
+      def parse_element(response, node)
+        node_name = node.name.underscore.to_sym
+        case
+        when node_name == :rp_payment_result
+          # Since we'll have multiple history items, we can't just flatten everything
+          # down as we do everywhere else. RPPaymentResult elements are not contained
+          # in an RPPaymentResults element so we'll come here multiple times
+          response[node_name] ||= []
+          response[node_name] << ( payment_result_response = {} )
+          node.xpath(".//*").each{ |e| parse_element(payment_result_response, e) }
+        when node.xpath(".//*").to_a.any?
+          node.xpath(".//*").each{|e| parse_element(response, e) }
+        when node_name.to_s =~ /amt$/
+          # *Amt elements don't put the value in the #text - instead they use a Currency attribute
+          response[node_name] = node.attributes['Currency'].to_s
+        when node_name == :ext_data
+          response[node.attributes['Name'].to_s.underscore.to_sym] = node.attributes['Value'].to_s
+        else
+          response[node_name] = node.text
+        end
+      end
+
+      def build_headers(content_length)
+        {
+          "Content-Type" => "text/xml",
+          "Content-Length" => content_length.to_s,
+          "X-VPS-Client-Timeout" => timeout.to_s,
+          "X-VPS-VIT-Integration-Product" => "ActiveMerchant",
+          "X-VPS-VIT-Runtime-Version" => RUBY_VERSION,
+          "X-VPS-Request-ID" => SecureRandom.hex(16)
+        }
+      end
+
+      def commit(request_body, options  = {})
+        request = build_request(request_body, options)
+        headers = build_headers(request.size)
+
+        response = parse(ssl_post(test? ? self.test_url : self.live_url, request, headers))
+
+        build_response(
+          success_for(response),
+          response[:message], response,
+          test: test?,
+          authorization: response[:pn_ref] || response[:rp_ref],
+          cvv_result: CVV_CODE[response[:cv_result]],
+          avs_result: { code: response[:avs_result] },
+          fraud_review: under_fraud_review?(response)
+        )
+      end
+
+      def success_for(response)
+        %w(0 126).include?(response[:result])
+      end
+
+      def under_fraud_review?(response)
+        (response[:result] == "126")
+      end
+    end
+  end
+end