swiss-activemerchant 1.0.1

data/lib/active_merchant/billing/gateways/secure_net.rb

@@ -0,0 +1,260 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class SecureNetGateway < Gateway
+      API_VERSION = '4.0'
+
+      TRANSACTIONS = {
+        auth_only:            '0000',
+        auth_capture:         '0100',
+        prior_auth_capture:   '0200',
+        void:                 '0400',
+        credit:               '0500'
+      }
+
+      XML_ATTRIBUTES = {
+        'xmlns' => 'http://gateway.securenet.com/API/Contracts',
+        'xmlns:i' => 'http://www.w3.org/2001/XMLSchema-instance'
+      }
+      NIL_ATTRIBUTE = { 'i:nil' => 'true' }
+
+      self.supported_countries = ['US']
+      self.supported_cardtypes = %i[visa master american_express discover]
+      self.homepage_url = 'http://www.securenet.com/'
+      self.display_name = 'SecureNet'
+
+      self.test_url = 'https://certify.securenet.com/API/gateway.svc/webHttp/ProcessTransaction'
+      self.live_url = 'https://gateway.securenet.com/api/Gateway.svc/webHttp/ProcessTransaction'
+
+      APPROVED, DECLINED = 1, 2
+
+      CARD_CODE_ERRORS = %w(N S)
+      AVS_ERRORS = %w(A E N R W Z)
+
+      def initialize(options = {})
+        requires!(options, :login, :password)
+        super
+      end
+
+      def authorize(money, creditcard, options = {})
+        commit(build_sale_or_authorization(creditcard, options, :auth_only, money))
+      end
+
+      def purchase(money, creditcard, options = {})
+        commit(build_sale_or_authorization(creditcard, options, :auth_capture, money))
+      end
+
+      def capture(money, authorization, options = {})
+        commit(build_capture_refund_void(authorization, options, :prior_auth_capture, money))
+      end
+
+      def void(authorization, options = {})
+        commit(build_capture_refund_void(authorization, options, :void))
+      end
+
+      def refund(money, authorization, options = {})
+        commit(build_capture_refund_void(authorization, options, :credit, money))
+      end
+
+      def credit(money, authorization, options = {})
+        ActiveMerchant.deprecated CREDIT_DEPRECATION_MESSAGE
+        refund(money, authorization, options)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<CARDNUMBER>)\d+(</CARDNUMBER>))i, '\1[FILTERED]\2').
+          gsub(%r((<CARDCODE>)\d+(</CARDCODE>))i, '\1[FILTERED]\2').
+          gsub(%r((<SECUREKEY>).+(</SECUREKEY>))i, '\1[FILTERED]\2')
+      end
+
+      private
+
+      def commit(request)
+        xml = build_request(request)
+        url = test? ? self.test_url : self.live_url
+        data = ssl_post(url, xml, 'Content-Type' => 'text/xml')
+        response = parse(data)
+
+        Response.new(success?(response), message_from(response), response,
+          test: test?,
+          authorization: build_authorization(response),
+          avs_result: { code: response[:avs_result_code] },
+          cvv_result: response[:card_code_response_code])
+      end
+
+      def build_request(request)
+        xml = Builder::XmlMarkup.new
+
+        xml.instruct!
+        xml.tag!('TRANSACTION', XML_ATTRIBUTES) do
+          xml << request
+        end
+
+        xml.target!
+      end
+
+      def build_sale_or_authorization(creditcard, options, action, money)
+        xml = Builder::XmlMarkup.new
+
+        xml.tag! 'AMOUNT', amount(money)
+        add_credit_card(xml, creditcard)
+        add_params_in_required_order(xml, action, creditcard, options)
+        add_more_required_params(xml, options)
+
+        xml.target!
+      end
+
+      def build_capture_refund_void(authorization, options, action, money = nil)
+        xml = Builder::XmlMarkup.new
+
+        transaction_id, amount_in_ref, last_four = split_authorization(authorization)
+
+        xml.tag! 'AMOUNT', amount(money) || amount_in_ref
+        xml.tag!('CARD') do
+          xml.tag! 'CARDNUMBER', last_four
+        end
+
+        add_params_in_required_order(xml, action, nil, options)
+        xml.tag! 'REF_TRANSID', transaction_id
+        add_more_required_params(xml, options)
+
+        xml.target!
+      end
+
+      def add_credit_card(xml, creditcard)
+        xml.tag!('CARD') do
+          xml.tag! 'CARDCODE', creditcard.verification_value if creditcard.verification_value?
+          xml.tag! 'CARDNUMBER', creditcard.number
+          xml.tag! 'EXPDATE', expdate(creditcard)
+        end
+      end
+
+      def add_customer_data(xml, options)
+        xml.tag! 'CUSTOMERID', options[:customer] if options.has_key? :customer
+
+        xml.tag! 'CUSTOMERIP', options[:ip] if options.has_key? :ip
+      end
+
+      def add_address(xml, creditcard, options)
+        return unless creditcard
+
+        if address = options[:billing_address] || options[:address]
+          xml.tag!('CUSTOMER_BILL') do
+            xml.tag! 'ADDRESS', address[:address1].to_s
+            xml.tag! 'CITY', address[:city].to_s
+            xml.tag! 'COMPANY', address[:company].to_s
+            xml.tag! 'COUNTRY', address[:country].to_s
+            if options.has_key? :email
+              xml.tag! 'EMAIL', options[:email]
+              xml.tag! 'EMAILRECEIPT', 'FALSE'
+            end
+            xml.tag! 'FIRSTNAME', creditcard.first_name
+            xml.tag! 'LASTNAME', creditcard.last_name
+            xml.tag! 'PHONE', address[:phone].to_s
+            xml.tag! 'STATE', address[:state].blank? ? 'n/a' : address[:state]
+            xml.tag! 'ZIP', address[:zip].to_s
+          end
+        end
+
+        if address = options[:shipping_address]
+          xml.tag!('CUSTOMER_SHIP') do
+            xml.tag! 'ADDRESS', address[:address1].to_s
+            xml.tag! 'CITY', address[:city].to_s
+            xml.tag! 'COMPANY', address[:company].to_s
+            xml.tag! 'COUNTRY', address[:country].to_s
+
+            if address[:name]
+              first_name, last_name = split_names(address[:name])
+              xml.tag! 'FIRSTNAME', first_name
+              xml.tag! 'LASTNAME', last_name
+            else
+              xml.tag! 'FIRSTNAME', address[:first_name].to_s
+              xml.tag! 'LASTNAME', address[:last_name].to_s
+            end
+
+            xml.tag! 'STATE', address[:state].blank? ? 'n/a' : address[:state]
+            xml.tag! 'ZIP', address[:zip].to_s
+          end
+        else
+          xml.tag!('CUSTOMER_SHIP', NIL_ATTRIBUTE) do
+          end
+        end
+      end
+
+      def add_merchant_key(xml, options)
+        xml.tag!('MERCHANT_KEY') do
+          xml.tag! 'GROUPID', 0
+          xml.tag! 'SECUREKEY', @options[:password]
+          xml.tag! 'SECURENETID', @options[:login]
+        end
+      end
+
+      # SecureNet requires some of the xml params to be in a certain order.  http://cl.ly/image/3K260E0p0a0n/content.png
+      def add_params_in_required_order(xml, action, creditcard, options)
+        xml.tag! 'CODE', TRANSACTIONS[action]
+        add_customer_data(xml, options)
+        add_address(xml, creditcard, options)
+        xml.tag! 'DCI', 0 # No duplicate checking will be done, except for ORDERID
+        xml.tag! 'INSTALLMENT_SEQUENCENUM', 1
+        xml.tag! 'INVOICEDESC', options[:invoice_description] if options[:invoice_description]
+        xml.tag! 'INVOICENUM', options[:invoice_number] if options[:invoice_number]
+        add_merchant_key(xml, options)
+        xml.tag! 'METHOD', 'CC'
+        xml.tag! 'NOTE', options[:description] if options[:description]
+        xml.tag! 'ORDERID', truncate(options[:order_id], 25)
+        xml.tag! 'OVERRIDE_FROM', 0 # Docs say not required, but doesn't work without it
+      end
+
+      def add_more_required_params(xml, options)
+        test_mode = options[:test_mode].nil? ? test? : options[:test_mode]
+        xml.tag! 'RETAIL_LANENUM', '0'
+        xml.tag! 'TEST', test_mode ? 'TRUE' : 'FALSE'
+        xml.tag! 'TOTAL_INSTALLMENTCOUNT', 0
+        xml.tag! 'TRANSACTION_SERVICE', 0
+        xml.tag! 'DEVELOPERID', options[:developer_id] if options[:developer_id]
+      end
+
+      def success?(response)
+        response[:response_code].to_i == APPROVED
+      end
+
+      def message_from(response)
+        return response[:response_reason_text].nil? ? '' : response[:response_reason_text][0..-1]
+      end
+
+      def parse(xml)
+        response = {}
+        xml = REXML::Document.new(xml)
+        root = REXML::XPath.first(xml, '//GATEWAYRESPONSE')
+        if root
+          root.elements.to_a.each do |node|
+            recurring_parse_element(response, node)
+          end
+        end
+
+        response
+      end
+
+      def recurring_parse_element(response, node)
+        if node.has_elements?
+          node.elements.each { |e| recurring_parse_element(response, e) }
+        else
+          response[node.name.underscore.to_sym] = node.text
+        end
+      end
+
+      def split_authorization(authorization)
+        transaction_id, amount, last_four = authorization.split('|')
+        [transaction_id, amount, last_four]
+      end
+
+      def build_authorization(response)
+        [response[:transactionid], response[:transactionamount], response[:last4_digits]].join('|')
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/secure_pay.rb

@@ -0,0 +1,191 @@
+require 'active_merchant/billing/gateways/authorize_net'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class SecurePayGateway < Gateway
+      API_VERSION = '3.1'
+
+      self.live_url = self.test_url = 'https://www.securepay.com/AuthSpayAdapter/process.aspx'
+
+      class_attribute :duplicate_window
+
+      APPROVED, DECLINED, ERROR, FRAUD_REVIEW = 1, 2, 3, 4
+
+      RESPONSE_CODE, RESPONSE_REASON_CODE, RESPONSE_REASON_TEXT, AUTHORIZATION_CODE = 0, 2, 3, 4
+      AVS_RESULT_CODE, TRANSACTION_ID, CARD_CODE_RESPONSE_CODE, CARDHOLDER_AUTH_CODE = 5, 6, 38, 39
+
+      self.default_currency = 'USD'
+
+      self.supported_countries = %w(US CA GB AU)
+      self.supported_cardtypes = %i[visa master american_express discover diners_club jcb]
+      self.homepage_url = 'http://www.securepay.com/'
+      self.display_name = 'SecurePay'
+
+      CARD_CODE_ERRORS = %w(N S)
+      AVS_ERRORS = %w(A E N R W Z)
+      AVS_REASON_CODES = %w(27 45)
+      TRANSACTION_ALREADY_ACTIONED = %w(310 311)
+
+      def initialize(options = {})
+        requires!(options, :login, :password)
+        super
+      end
+
+      def purchase(money, paysource, options = {})
+        post = {}
+        add_currency_code(post, money, options)
+        add_invoice(post, options)
+        add_payment_source(post, paysource, options)
+        add_address(post, options)
+        add_customer_data(post, options)
+        add_duplicate_window(post)
+
+        commit('AUTH_CAPTURE', money, post)
+      end
+
+      private
+
+      def commit(action, money, parameters)
+        parameters[:amount] = amount(money) unless action == 'VOID'
+
+        url = (test? ? self.test_url : self.live_url)
+        data = ssl_post(url, post_data(action, parameters))
+
+        response          = parse(data)
+        response[:action] = action
+
+        message = message_from(response)
+
+        Response.new(success?(response), message, response,
+          test: test?,
+          authorization: response[:transaction_id],
+          fraud_review: fraud_review?(response),
+          avs_result: { code: response[:avs_result_code] },
+          cvv_result: response[:card_code])
+      end
+
+      def success?(response)
+        response[:response_code] == APPROVED && TRANSACTION_ALREADY_ACTIONED.exclude?(response[:response_reason_code])
+      end
+
+      def fraud_review?(response)
+        response[:response_code] == FRAUD_REVIEW
+      end
+
+      def parse(body)
+        fields = split(body)
+
+        results = {
+          response_code: fields[RESPONSE_CODE].to_i,
+          response_reason_code: fields[RESPONSE_REASON_CODE],
+          response_reason_text: fields[RESPONSE_REASON_TEXT],
+          avs_result_code: fields[AVS_RESULT_CODE],
+          transaction_id: fields[TRANSACTION_ID],
+          card_code: fields[CARD_CODE_RESPONSE_CODE],
+          authorization_code: fields[AUTHORIZATION_CODE],
+          cardholder_authentication_code: fields[CARDHOLDER_AUTH_CODE]
+        }
+        results
+      end
+
+      def post_data(action, parameters = {})
+        post = {}
+
+        post[:version]        = API_VERSION
+        post[:login]          = @options[:login]
+        post[:tran_key]       = @options[:password]
+        post[:relay_response] = 'FALSE'
+        post[:type]           = action
+        post[:delim_data]     = 'TRUE'
+        post[:delim_char]     = ','
+        post[:encap_char]     = '$'
+        post[:solution_ID]    = application_id if application_id
+
+        request = post.merge(parameters).collect { |key, value| "x_#{key}=#{CGI.escape(value.to_s)}" }.join('&')
+        request
+      end
+
+      def add_currency_code(post, money, options)
+        post[:currency_code] = options[:currency] || currency(money)
+      end
+
+      def add_invoice(post, options)
+        post[:invoice_num] = options[:order_id]
+        post[:description] = options[:description]
+      end
+
+      def add_creditcard(post, creditcard, options = {})
+        post[:card_num]   = creditcard.number
+        post[:card_code]  = creditcard.verification_value if creditcard.verification_value?
+        post[:exp_date]   = expdate(creditcard)
+        post[:first_name] = creditcard.first_name
+        post[:last_name]  = creditcard.last_name
+      end
+
+      def add_payment_source(params, source, options = {})
+        add_creditcard(params, source, options)
+      end
+
+      def add_customer_data(post, options)
+        if options.has_key? :email
+          post[:email] = options[:email]
+          post[:email_customer] = false
+        end
+
+        if options.has_key? :customer
+          post[:cust_id] = options[:customer] if Float(options[:customer]) rescue nil
+        end
+
+        post[:customer_ip] = options[:ip] if options.has_key? :ip
+
+        post[:cardholder_authentication_value] = options[:cardholder_authentication_value] if options.has_key? :cardholder_authentication_value
+
+        post[:authentication_indicator] = options[:authentication_indicator] if options.has_key? :authentication_indicator
+      end
+
+      # x_duplicate_window won't be sent by default, because sending it changes the response.
+      # "If this field is present in the request with or without a value, an enhanced duplicate transaction response will be sent."
+      # (as of 2008-12-30) http://www.authorize.net/support/AIM_guide_SCC.pdf
+      def add_duplicate_window(post)
+        post[:duplicate_window] = duplicate_window if duplicate_window
+      end
+
+      def add_address(post, options)
+        if address = options[:billing_address] || options[:address]
+          post[:address] = address[:address1].to_s
+          post[:company] = address[:company].to_s
+          post[:phone]   = address[:phone].to_s
+          post[:zip]     = address[:zip].to_s
+          post[:city]    = address[:city].to_s
+          post[:country] = address[:country].to_s
+          post[:state]   = address[:state].blank? ? 'n/a' : address[:state]
+        end
+
+        if address = options[:shipping_address]
+          post[:ship_to_first_name] = address[:first_name].to_s
+          post[:ship_to_last_name] = address[:last_name].to_s
+          post[:ship_to_address] = address[:address1].to_s
+          post[:ship_to_company] = address[:company].to_s
+          post[:ship_to_phone]   = address[:phone].to_s
+          post[:ship_to_zip]     = address[:zip].to_s
+          post[:ship_to_city]    = address[:city].to_s
+          post[:ship_to_country] = address[:country].to_s
+          post[:ship_to_state]   = address[:state].blank? ? 'n/a' : address[:state]
+        end
+      end
+
+      def message_from(results)
+        if results[:response_code] == DECLINED
+          return CVVResult.messages[results[:card_code]] if CARD_CODE_ERRORS.include?(results[:card_code])
+          return AVSResult.messages[results[:avs_result_code]] if AVS_REASON_CODES.include?(results[:response_reason_code]) && AVS_ERRORS.include?(results[:avs_result_code])
+        end
+
+        (results[:response_reason_text] ? results[:response_reason_text].chomp('.') : '')
+      end
+
+      def split(response)
+        response.split(',')
+      end
+    end
+  end
+end