start_activemerchant 1.50.0

data/lib/active_merchant/billing/gateways/paypal_express_common.rb

@@ -0,0 +1,30 @@
+module ActiveMerchant
+  module Billing
+    module PaypalExpressCommon
+      def self.included(base)
+        if base.respond_to?(:class_attribute)
+          base.class_attribute :test_redirect_url
+          base.class_attribute :live_redirect_url
+        else
+          base.class_inheritable_accessor :test_redirect_url
+          base.class_inheritable_accessor :live_redirect_url
+        end
+        base.live_redirect_url = 'https://www.paypal.com/cgi-bin/webscr'
+      end
+      
+      def redirect_url
+        test? ? test_redirect_url : live_redirect_url
+      end
+      
+      def redirect_url_for(token, options = {})
+        options = {:review => true, :mobile => false}.update(options)
+
+        cmd  = options[:mobile] ? '_express-checkout-mobile' : '_express-checkout'
+        url  = "#{redirect_url}?cmd=#{cmd}&token=#{token}"
+        url += '&useraction=commit' unless options[:review]
+
+        url
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/payscout.rb

@@ -0,0 +1,162 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class PayscoutGateway < Gateway
+      self.live_url = self.test_url = 'https://secure.payscout.com/api/transact.php'
+
+      self.supported_countries = ['US']
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover]
+      self.default_currency = 'USD'
+      self.homepage_url = 'http://www.payscout.com/'
+      self.display_name = 'Payscout'
+
+      def initialize(options = {})
+        requires!(options, :username, :password)
+        super
+      end
+
+      def authorize(money, creditcard, options = {})
+        post = {}
+        add_invoice(post, options)
+        add_creditcard(post, creditcard)
+        add_currency(post, money, options)
+        add_address(post, options)
+
+        commit('auth', money, post)
+      end
+
+      def purchase(money, creditcard, options = {})
+        post = {}
+        add_invoice(post, options)
+        add_creditcard(post, creditcard)
+        add_currency(post, money, options)
+        add_address(post, options)
+
+        commit('sale', money, post)
+      end
+
+      def capture(money, authorization, options = {})
+        post = {}
+        post[:transactionid] = authorization
+
+        commit('capture', money, post)
+      end
+
+
+      def refund(money, authorization, options = {})
+        post = {}
+        post[:transactionid] = authorization
+
+        commit('refund', money, post)
+      end
+
+      def void(authorization, options = {})
+        post = {}
+        post[:transactionid] = authorization
+
+        commit('void', nil, post)
+      end
+
+      private
+
+      def add_address(post, options)
+        if address = options[:billing_address] || options[:address]
+          post[:address1] = address[:address1].to_s
+          post[:address2] = address[:address2].to_s
+          post[:city]     = address[:city].to_s
+          post[:state]    = (address[:state].blank?  ? 'n/a' : address[:state])
+          post[:zip]      = address[:zip].to_s
+          post[:country]  = address[:country].to_s
+          post[:phone]    = address[:phone].to_s
+          post[:fax]      = address[:fax].to_s
+          post[:email]    = address[:email].to_s
+        end
+
+        if address = options[:shipping_address]
+          post[:shipping_firstname] = address[:first_name].to_s
+          post[:shipping_lastname]  = address[:last_name].to_s
+          post[:shipping_company]   = address[:company].to_s
+          post[:shipping_address1]  = address[:address1].to_s
+          post[:shipping_address2]  = address[:address2].to_s
+          post[:shipping_city]      = address[:city].to_s
+          post[:shipping_country]   = address[:country].to_s
+          post[:shipping_state]     = (address[:state].blank?  ? 'n/a' : address[:state])
+          post[:shipping_zip]       = address[:zip].to_s
+          post[:shipping_email]     = address[:email].to_s
+        end
+      end
+
+      def add_currency(post, money, options)
+        post[:currency] = options[:currency] || currency(money)
+      end
+
+      def add_invoice(post, options)
+        post[:orderdescription] = options[:description]
+        post[:orderid]          = options[:order_id]
+      end
+
+      def add_creditcard(post, creditcard)
+        post[:ccnumber]  = creditcard.number
+        post[:cvv]       = creditcard.verification_value if creditcard.verification_value?
+        post[:ccexp]     = expdate(creditcard)
+        post[:firstname] = creditcard.first_name
+        post[:lastname]  = creditcard.last_name
+      end
+
+      def parse(body)
+        Hash[body.split('&').map{|x|x.split('=')}]
+      end
+
+      def commit(action, money, parameters)
+        parameters[:amount] = amount(money) unless action == 'void'
+        url = (test? ? self.test_url : self.live_url)
+        data = ssl_post(url, post_data(action, parameters))
+
+        response          = parse(data)
+        response[:action] = action
+
+        message = message_from(response)
+        test_mode = (test? || message =~ /TESTMODE/)
+        Response.new(success?(response), message, response,
+          :test => test_mode,
+          :authorization => response['transactionid'],
+          :fraud_review => fraud_review?(response),
+          :avs_result => { :code => response['avsresponse'] },
+          :cvv_result => response['cvvresponse']
+        )
+      end
+
+      def message_from(response)
+        case response['response']
+        when '1'
+          'The transaction has been approved'
+        when '2'
+          'The transaction has been declined'
+        when '3'
+          response['responsetext']
+        else
+          'There was an error processing the transaction'
+        end
+      end
+
+      def fraud_review?(response)
+        false
+      end
+
+      def success?(response)
+        (response['response'] == '1')
+      end
+
+      def post_data(action, parameters = {})
+        post = {}
+
+        post[:username]       = @options[:username]
+        post[:password]       = @options[:password]
+        post[:type]           = action
+
+        request = post.merge(parameters).collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join("&")
+        request
+      end
+    end
+  end
+end
+

data/lib/active_merchant/billing/gateways/paystation.rb

@@ -0,0 +1,199 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class PaystationGateway < Gateway
+
+      self.live_url = self.test_url = "https://www.paystation.co.nz/direct/paystation.dll"
+
+      # an "error code" of "0" means "No error - transaction successful"
+      SUCCESSFUL_RESPONSE_CODE = '0'
+
+      # an "error code" of "34" means "Future Payment Stored OK"
+      SUCCESSFUL_FUTURE_PAYMENT = '34'
+
+      # TODO: check this with paystation
+      self.supported_countries = ['NZ']
+
+      # TODO: check this with paystation (amex and diners need to be enabled)
+      self.supported_cardtypes = [:visa, :master, :american_express, :diners_club ]
+
+      self.homepage_url        = 'http://paystation.co.nz'
+      self.display_name        = 'Paystation'
+
+      self.default_currency    = 'NZD'
+      self.money_format        = :cents
+
+      def initialize(options = {})
+        requires!(options, :paystation_id, :gateway_id)
+        super
+      end
+
+      def authorize(money, credit_card, options = {})
+        post = new_request
+
+        add_invoice(post, options)
+        add_amount(post, money, options)
+
+        add_credit_card(post, credit_card)
+
+        add_authorize_flag(post, options)
+
+        commit(post)
+      end
+
+      def capture(money, authorization_token, options = {})
+        post = new_request
+
+        add_invoice(post, options)
+        add_amount(post, money, options)
+
+        add_authorization_token(post, authorization_token, options[:credit_card_verification])
+
+        commit(post)
+      end
+
+      def purchase(money, payment_source, options = {})
+        post = new_request
+
+        add_invoice(post, options)
+        add_amount(post, money, options)
+
+        if payment_source.is_a?(String)
+          add_token(post, payment_source)
+        else
+          add_credit_card(post, payment_source)
+        end
+
+        add_customer_data(post, options) if options.has_key?(:customer)
+
+        commit(post)
+      end
+
+      def store(credit_card, options = {})
+        post = new_request
+
+        add_invoice(post, options)
+        add_credit_card(post, credit_card)
+        store_credit_card(post, options)
+
+        commit(post)
+      end
+
+      private
+
+        def new_request
+          {
+            :pi    => @options[:paystation_id], # paystation account id
+            :gi    => @options[:gateway_id],    # paystation gateway id
+            "2p"   => "t",                      # two-party transaction type
+            :nr    => "t",                      # -- redirect??
+            :df    => "yymm"                    # date format: optional sometimes, required others
+          }
+        end
+
+        def add_customer_data(post, options)
+          post[:mc] = options[:customer]
+        end
+
+        def add_invoice(post, options)
+          requires!(options, :order_id)
+
+          post[:ms] = options[:order_id]     # "Merchant Session", must be unique per request
+          post[:mo] = options[:invoice]      # "Order Details", displayed in Paystation Admin
+          post[:mr] = options[:description]  # "Merchant Reference Code", seen from Paystation Admin
+        end
+
+        def add_credit_card(post, credit_card)
+
+          post[:cn] = credit_card.number
+          post[:ct] = credit_card.brand
+          post[:ex] = format_date(credit_card.month, credit_card.year)
+          post[:cc] = credit_card.verification_value if credit_card.verification_value?
+
+        end
+
+        # bill a token (stored via "store") rather than a Credit Card
+        def add_token(post, token)
+          post[:fp] = "t"    # turn on "future payments" - what paystation calls Token Billing
+          post[:ft] = token
+        end
+
+        def store_credit_card(post, options)
+
+          post[:fp] = "t"                                # turn on "future payments" - what paystation calls Token Billing
+          post[:fs] = "t"                                # tells paystation to store right now, not bill
+          post[:ft] = options[:token] if options[:token] # specify a token to use that, or let Paystation generate one
+
+        end
+
+        def add_authorize_flag(post, options)
+          post[:pa] = "t" # tells Paystation that this is a pre-auth authorisation payment (account must be in pre-auth mode)
+        end
+
+        def add_authorization_token(post, auth_token, verification_value = nil)
+          post[:cp] = "t" # Capture Payment flag – tells Paystation this transaction should be treated as a capture payment
+          post[:cx] = auth_token
+          post[:cc] = verification_value
+        end
+
+        def add_amount(post, money, options)
+
+          post[:am] = amount(money)
+          post[:cu] = options[:currency] || currency(money)
+
+        end
+
+        def parse(xml_response)
+          response = {}
+
+          xml = REXML::Document.new(xml_response)
+
+          # for normal payments, the root node is <Response>
+          # for "future payments", it's <PaystationFuturePaymentResponse>
+          xml.elements.each("#{xml.root.name}/*") do |element|
+            response[element.name.underscore.to_sym] = element.text
+          end
+
+          response
+        end
+
+        def commit(post)
+
+          post[:tm] = "T" if test? # test mode
+
+          pstn_prefix_params = post.collect { |key, value| "pstn_#{key}=#{CGI.escape(value.to_s)}" }.join("&")
+
+          # need include paystation param as "initiator flag for payment engine"
+          data     = ssl_post(self.live_url, "#{pstn_prefix_params}&paystation=_empty")
+          response = parse(data)
+          message  = message_from(response)
+
+          PaystationResponse.new(success?(response), message, response,
+              :test          => (response[:tm] && response[:tm].downcase == "t"),
+              :authorization => response[:paystation_transaction_id]
+          )
+        end
+
+        def success?(response)
+          (response[:ec] == SUCCESSFUL_RESPONSE_CODE) || (response[:ec] == SUCCESSFUL_FUTURE_PAYMENT)
+        end
+
+        def message_from(response)
+          response[:em]
+        end
+
+        def format_date(month, year)
+          "#{format(year, :two_digits)}#{format(month, :two_digits)}"
+        end
+
+    end
+
+    class PaystationResponse < Response
+      # add a method to response so we can easily get the token
+      # for Validate transactions
+      def token
+        @params["future_payment_token"]
+      end
+    end
+  end
+end
+

data/lib/active_merchant/billing/gateways/payu_in.rb

@@ -0,0 +1,247 @@
+# encoding: utf-8
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class PayuInGateway < Gateway
+      self.test_url = "https://test.payu.in/_payment"
+      self.live_url = "https://secure.payu.in/_payment"
+
+      TEST_INFO_URL = "https://test.payu.in/merchant/postservice.php?form=2"
+      LIVE_INFO_URL = "https://info.payu.in/merchant/postservice.php?form=2"
+
+      self.supported_countries = ['IN']
+      self.default_currency = 'INR'
+      self.supported_cardtypes = [:visa, :master, :american_express, :diners_club]
+
+      self.homepage_url = 'https://www.payu.in/'
+      self.display_name = 'PayU India'
+
+      def initialize(options={})
+        requires!(options, :key, :salt)
+        super
+      end
+
+      def purchase(money, payment, options={})
+        requires!(options, :order_id)
+
+        post = {}
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_addresses(post, options)
+        add_customer_data(post, options)
+        add_auth(post)
+
+        MultiResponse.run do |r|
+          r.process{commit(url("purchase"), post)}
+          if(r.params["enrolled"].to_s == "0")
+            r.process{commit(r.params["post_uri"], r.params["form_post_vars"])}
+          else
+            r.process{handle_3dsecure(r)}
+          end
+        end
+      end
+
+      def refund(money, authorization, options={})
+        raise ArgumentError, "Amount is required" unless money
+
+        post = {}
+
+        post[:command] = "cancel_refund_transaction"
+        post[:var1] = authorization
+        post[:var2] = generate_unique_id
+        post[:var3] = amount(money)
+
+        add_auth(post, :command, :var1)
+
+        commit(url("refund"), post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(/(ccnum=)[^&\n"]*(&|\n|"|$)/, '\1[FILTERED]\2').
+          gsub(/(ccvv=)[^&\n"]*(&|\n|"|$)/, '\1[FILTERED]\2').
+          gsub(/(card_hash=)[^&\n"]*(&|\n|"|$)/, '\1[FILTERED]\2').
+          gsub(/(ccnum":")[^"]*(")/, '\1[FILTERED]\2').
+          gsub(/(ccvv":")[^"]*(")/, '\1[FILTERED]\2')
+      end
+
+      private
+
+      PAYMENT_DIGEST_KEYS = %w(
+        txnid amount productinfo firstname email
+        udf1 udf2 udf3 udf4 udf5
+        bogus bogus bogus bogus bogus
+      )
+      def add_auth(post, *digest_keys)
+        post[:key] = @options[:key]
+        post[:txn_s2s_flow] = 1
+
+        digest_keys = PAYMENT_DIGEST_KEYS if digest_keys.empty?
+        digest = Digest::SHA2.new(512)
+        digest << @options[:key] << "|"
+        digest_keys.each do |key|
+          digest << (post[key.to_sym] || "") << "|"
+        end
+        digest << @options[:salt]
+        post[:hash] = digest.hexdigest
+      end
+
+      def add_customer_data(post, options)
+        post[:email] = clean(options[:email] || "unknown@example.com", nil, 50)
+        post[:phone] = clean((options[:billing_address] && options[:billing_address][:phone]) || "11111111111", :numeric, 50)
+      end
+
+      def add_addresses(post, options)
+        if options[:billing_address]
+          post[:address1] = clean(options[:billing_address][:address1], :text, 100)
+          post[:address2] = clean(options[:billing_address][:address2], :text, 100)
+          post[:city] = clean(options[:billing_address][:city], :text, 50)
+          post[:state] = clean(options[:billing_address][:state], :text, 50)
+          post[:country] = clean(options[:billing_address][:country], :text, 50)
+          post[:zipcode] = clean(options[:billing_address][:zip], :numeric, 20)
+        end
+
+        if options[:shipping_address]
+          if options[:shipping_address][:name]
+            first, *rest = options[:shipping_address][:name].split(/\s+/)
+            post[:shipping_firstname] = clean(first, :name, 60)
+            post[:shipping_lastname] = clean(rest.join(" "), :name, 20)
+          end
+          post[:shipping_address1] = clean(options[:shipping_address][:address1], :text, 100)
+          post[:shipping_address2] = clean(options[:shipping_address][:address2], :text, 100)
+          post[:shipping_city] = clean(options[:shipping_address][:city], :text, 50)
+          post[:shipping_state] = clean(options[:shipping_address][:state], :text, 50)
+          post[:shipping_country] = clean(options[:shipping_address][:country], :text, 50)
+          post[:shipping_zipcode] = clean(options[:shipping_address][:zip], :numeric, 20)
+          post[:shipping_phone] = clean(options[:shipping_address][:phone], :numeric, 50)
+        end
+      end
+
+      def add_invoice(post, money, options)
+        post[:amount] = amount(money)
+
+        post[:txnid] = clean(options[:order_id], :alphanumeric, 25)
+        post[:productinfo] = clean(options[:description] || "Purchase", nil, 100)
+
+        post[:surl] = "http://example.com"
+        post[:furl] = "http://example.com"
+      end
+
+      BRAND_MAP = {
+        visa: "VISA",
+        master: "MAST",
+        american_express: "AMEX",
+        diners_club: "DINR"
+      }
+
+      def add_payment(post, payment)
+        post[:pg] = "CC"
+        post[:firstname] = clean(payment.first_name, :name, 60)
+        post[:lastname] = clean(payment.last_name, :name, 20)
+
+        post[:bankcode] = BRAND_MAP[payment.brand.to_sym]
+        post[:ccnum] = payment.number
+        post[:ccvv] = payment.verification_value
+        post[:ccname] = payment.name
+        post[:ccexpmon] = format(payment.month, :two_digits)
+        post[:ccexpyr] = format(payment.year, :four_digits)
+      end
+
+      def clean(value, format, maxlength)
+        value ||= ""
+        value = case format
+        when :alphanumeric
+          value.gsub(/[^A-Za-z0-9]/, "")
+        when :name
+          value.gsub(/[^A-Za-z ]/, "")
+        when :numeric
+          value.gsub(/[^0-9]/, "")
+        when :text
+          value.gsub(/[^A-Za-z0-9@\-_\/\. ]/, "")
+        when nil
+          value
+        else
+          raise "Unknown format #{format} for #{value}"
+        end
+        value[0...maxlength]
+      end
+
+      def parse(body)
+        top = JSON.parse(body)
+
+        if result = top.delete("result")
+          result.split("&").inject({}) do |hash, string|
+            key, value = string.split("=")
+            hash[CGI.unescape(key).downcase] = CGI.unescape(value || "")
+            hash
+          end.each do |key, value|
+            if top[key]
+              top["result_#{key}"] = value
+            else
+              top[key] = value
+            end
+          end
+        end
+
+        if response = top.delete("response")
+          top.merge!(response)
+        end
+
+        top
+      rescue JSON::ParserError
+        {
+          "error" => "Invalid response received from the PayU API. (The raw response was `#{body}`)."
+        }
+      end
+
+      def commit(url, parameters)
+        response = parse(ssl_post(url, post_data(parameters), "Accept-Encoding" => "identity"))
+
+        Response.new(
+          success_from(response),
+          message_from(response),
+          response,
+          authorization: authorization_from(response),
+          test: test?
+        )
+      end
+
+      def url(action)
+        case action
+        when "purchase"
+          (test? ? test_url : live_url)
+        else
+          (test? ? TEST_INFO_URL : LIVE_INFO_URL)
+        end
+      end
+
+      def success_from(response)
+        if response["result_status"]
+          (response["status"] == "success" && response["result_status"] == "success")
+        else
+          (response["status"] == "success" || response["status"].to_s == "1")
+        end
+      end
+
+      def message_from(response)
+        (response["error_message"] || response["error"] || response["msg"])
+      end
+
+      def authorization_from(response)
+        response["mihpayid"]
+      end
+
+      def post_data(parameters = {})
+        PostData.new.merge!(parameters).to_post_data
+      end
+
+      def handle_3dsecure(response)
+        Response.new(false, "3D-secure enrolled cards are not supported.")
+      end
+    end
+  end
+end