swiss-activemerchant 1.0.1

data/lib/active_merchant/billing/gateways/vpos.rb

@@ -0,0 +1,223 @@
+require 'digest'
+require 'jwe'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class VposGateway < Gateway
+      self.test_url = 'https://vpos.infonet.com.py:8888'
+      self.live_url = 'https://vpos.infonet.com.py'
+
+      self.supported_countries = ['PY']
+      self.default_currency = 'PYG'
+      self.supported_cardtypes = %i[visa master]
+
+      self.homepage_url = 'https://comercios.bancard.com.py'
+      self.display_name = 'vPOS'
+
+      self.money_format = :dollars
+
+      ENDPOINTS = {
+        pci_encryption_key: '/vpos/api/0.3/application/encryption-key',
+        pay_pci_buy_encrypted: '/vpos/api/0.3/pci/encrypted',
+        pci_buy_rollback: '/vpos/api/0.3/pci_buy/rollback',
+        refund: '/vpos/api/0.3/refunds'
+      }
+
+      def initialize(options = {})
+        requires!(options, :private_key, :public_key)
+        @private_key = options[:private_key]
+        @public_key = options[:public_key]
+        @encryption_key = OpenSSL::PKey::RSA.new(options[:encryption_key]) if options[:encryption_key]
+        @shop_process_id = options[:shop_process_id] || SecureRandom.random_number(10**15)
+        super
+      end
+
+      def purchase(money, payment, options = {})
+        commerce = options[:commerce] || @options[:commerce]
+        commerce_branch = options[:commerce_branch] || @options[:commerce_branch]
+        shop_process_id = options[:shop_process_id] || @shop_process_id
+
+        token = generate_token(shop_process_id, 'pay_pci', commerce, commerce_branch, amount(money), currency(money))
+
+        post = {}
+        post[:token] = token
+        post[:commerce] = commerce.to_s
+        post[:commerce_branch] = commerce_branch.to_s
+        post[:shop_process_id] = shop_process_id
+        post[:number_of_payments] = options[:number_of_payments] || 1
+        post[:recursive] = options[:recursive] || false
+
+        add_invoice(post, money, options)
+        add_card_data(post, payment)
+        add_customer_data(post, options)
+
+        commit(:pay_pci_buy_encrypted, post)
+      end
+
+      def void(authorization, options = {})
+        _, shop_process_id = authorization.to_s.split('#')
+        token = generate_token(shop_process_id, 'rollback', '0.00')
+        post = {
+          token: token,
+          shop_process_id: shop_process_id
+        }
+        commit(:pci_buy_rollback, post)
+      end
+
+      def credit(money, payment, options = {})
+        # Not permitted for foreign cards.
+        commerce = options[:commerce] || @options[:commerce]
+        commerce_branch = options[:commerce_branch] || @options[:commerce_branch]
+
+        token = generate_token(@shop_process_id, 'refund', commerce, commerce_branch, amount(money), currency(money))
+        post = {}
+        post[:token] = token
+        post[:commerce] = commerce.to_i
+        post[:commerce_branch] = commerce_branch.to_i
+        post[:shop_process_id] = @shop_process_id
+        add_invoice(post, money, options)
+        add_card_data(post, payment)
+        add_customer_data(post, options)
+        post[:origin_shop_process_id] = options[:original_shop_process_id] if options[:original_shop_process_id]
+        commit(:refund, post)
+      end
+
+      def refund(money, authorization, options = {})
+        commerce = options[:commerce] || @options[:commerce]
+        commerce_branch = options[:commerce_branch] || @options[:commerce_branch]
+        shop_process_id = options[:shop_process_id] || @shop_process_id
+        _, original_shop_process_id = authorization.to_s.split('#')
+
+        token = generate_token(shop_process_id, 'refund', commerce, commerce_branch, amount(money), currency(money))
+        post = {}
+        post[:token] = token
+        post[:commerce] = commerce.to_i
+        post[:commerce_branch] = commerce_branch.to_i
+        post[:shop_process_id] = shop_process_id
+        add_invoice(post, money, options)
+        add_customer_data(post, options)
+        post[:origin_shop_process_id] = original_shop_process_id || options[:original_shop_process_id]
+        commit(:refund, post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        clean_transcript = remove_invalid_utf_8_byte_sequences(transcript)
+        clean_transcript.
+          gsub(/(token\\":\\")[.\-\w]+/, '\1[FILTERED]').
+          gsub(/(card_encrypted_data\\":\\")[.\-\w]+/, '\1[FILTERED]')
+      end
+
+      def remove_invalid_utf_8_byte_sequences(transcript)
+        transcript.encode('UTF-8', 'binary', undef: :replace, replace: '')
+      end
+
+      # Required to encrypt PAN data.
+      def one_time_public_key
+        token = generate_token('get_encription_public_key', @public_key)
+        response = commit(:pci_encryption_key, token: token)
+        response.params['encryption_key']
+      end
+
+      private
+
+      def generate_token(*elements)
+        Digest::MD5.hexdigest(@private_key + elements.join)
+      end
+
+      def add_invoice(post, money, options)
+        post[:amount] = amount(money)
+        post[:currency] = options[:currency] || currency(money)
+      end
+
+      def add_card_data(post, payment)
+        card_number = payment.number
+        cvv = payment.verification_value
+
+        payload = { card_number: card_number, 'cvv': cvv }.to_json
+
+        encryption_key = @encryption_key || OpenSSL::PKey::RSA.new(one_time_public_key)
+
+        post[:card_encrypted_data] = JWE.encrypt(payload, encryption_key)
+        post[:card_month_expiration] = format(payment.month, :two_digits)
+        post[:card_year_expiration] = format(payment.year, :two_digits)
+      end
+
+      def add_customer_data(post, options)
+        post[:additional_data] = options[:additional_data] || '' # must be passed even if empty
+      end
+
+      def parse(body)
+        JSON.parse(body)
+      end
+
+      def commit(action, parameters)
+        url = build_request_url(action)
+        begin
+          response = parse(ssl_post(url, post_data(parameters)))
+        rescue ResponseError => response
+          # Errors are returned with helpful data,
+          # but get filtered out by `ssl_post` because of their HTTP status.
+          response = parse(response.response.body)
+        end
+
+        Response.new(
+          success_from(response),
+          message_from(response),
+          response,
+          authorization: authorization_from(response),
+          avs_result: nil,
+          cvv_result: nil,
+          test: test?,
+          error_code: error_code_from(response)
+        )
+      end
+
+      def success_from(response)
+        if code = response.dig('confirmation', 'response_code')
+          code == '00'
+        else
+          response['status'] == 'success'
+        end
+      end
+
+      def message_from(response)
+        %w(confirmation refund).each do |m|
+          message =
+            response.dig(m, 'extended_response_description') ||
+            response.dig(m, 'response_description') ||
+            response.dig(m, 'response_details')
+          return message if message
+        end
+        [response.dig('messages', 0, 'key'), response.dig('messages', 0, 'dsc')].join(':')
+      end
+
+      def authorization_from(response)
+        response_body = response.dig('confirmation') || response.dig('refund')
+        return unless response_body
+
+        authorization_number = response_body.dig('authorization_number') || response_body.dig('authorization_code')
+        shop_process_id = response_body.dig('shop_process_id')
+
+        "#{authorization_number}##{shop_process_id}"
+      end
+
+      def error_code_from(response)
+        response.dig('confirmation', 'response_code') unless success_from(response)
+      end
+
+      def build_request_url(action)
+        base_url = (test? ? test_url : live_url)
+        base_url + ENDPOINTS[action]
+      end
+
+      def post_data(data)
+        { public_key: @public_key,
+          operation: data }.compact.to_json
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/webpay.rb

@@ -0,0 +1,97 @@
+require 'json'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class WebpayGateway < StripeGateway
+      self.live_url = 'https://api.webpay.jp/v1/'
+
+      self.supported_countries = ['JP']
+      self.default_currency = 'JPY'
+      self.money_format = :cents
+      self.supported_cardtypes = %i[visa master american_express jcb diners_club]
+
+      self.homepage_url = 'https://webpay.jp/'
+      self.display_name = 'WebPay'
+
+      def capture(money, authorization, options = {})
+        post = {}
+        add_amount(post, money, options)
+        add_application_fee(post, options)
+        commit(:post, "charges/#{CGI.escape(authorization)}/capture", post)
+      end
+
+      def refund(money, identification, options = {})
+        post = {}
+        add_amount(post, money, options)
+        MultiResponse.run do |r|
+          r.process { commit(:post, "charges/#{CGI.escape(identification)}/refund", post, options) }
+
+          return r unless options[:refund_fee_amount]
+
+          r.process { fetch_application_fees(identification, options) }
+          r.process { refund_application_fee(options[:refund_fee_amount], application_fee_from_response(r), options) }
+        end
+      end
+
+      def refund_fee(identification, options, meta)
+        raise NotImplementedError.new
+      end
+
+      def add_customer(post, creditcard, options)
+        post[:customer] = options[:customer] if options[:customer] && !creditcard.respond_to?(:number)
+      end
+
+      def store(creditcard, options = {})
+        post = {}
+        add_creditcard(post, creditcard, options)
+        post[:description] = options[:description]
+        post[:email] = options[:email]
+
+        if options[:customer]
+          MultiResponse.run(:first) do |r|
+            r.process { commit(:post, "customers/#{CGI.escape(options[:customer])}/", post, options) }
+
+            return r unless options[:set_default] && r.success? && !r.params['id'].blank?
+
+            r.process { update_customer(options[:customer], default_card: r.params['id']) }
+          end
+        else
+          commit(:post, 'customers', post, options)
+        end
+      end
+
+      def update(customer_id, creditcard, options = {})
+        post = {}
+        add_creditcard(post, creditcard, options)
+        commit(:post, "customers/#{CGI.escape(customer_id)}", post, options)
+      end
+
+      private
+
+      def create_post_for_auth_or_purchase(money, creditcard, options)
+        stripe_post = super
+        stripe_post[:description] ||= stripe_post.delete(:metadata).try(:[], :email)
+        stripe_post
+      end
+
+      def json_error(raw_response)
+        msg = 'Invalid response received from the WebPay API.  Please contact support@webpay.jp if you continue to receive this message.'
+        msg += "  (The raw response returned by the API was #{raw_response.inspect})"
+        {
+          'error' => {
+            'message' => msg
+          }
+        }
+      end
+
+      def headers(options = {})
+        {
+          'Authorization' => 'Basic ' + Base64.encode64(@api_key.to_s + ':').strip,
+          'User-Agent' => "Webpay/v1 ActiveMerchantBindings/#{ActiveMerchant::VERSION}",
+          'X-Webpay-Client-User-Agent' => user_agent,
+          'X-Webpay-Client-User-Metadata' => { ip: options[:ip] }.to_json
+        }
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/wepay.rb

@@ -0,0 +1,235 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class WepayGateway < Gateway
+      self.test_url = 'https://stage.wepayapi.com/v2'
+      self.live_url = 'https://wepayapi.com/v2'
+
+      self.supported_countries = %w[US CA]
+      self.supported_cardtypes = %i[visa master american_express discover]
+      self.homepage_url = 'https://www.wepay.com/'
+      self.default_currency = 'USD'
+      self.display_name = 'WePay'
+
+      def initialize(options = {})
+        requires!(options, :client_id, :account_id, :access_token)
+        super(options)
+      end
+
+      def purchase(money, payment_method, options = {})
+        post = {}
+        if payment_method.is_a?(String)
+          MultiResponse.run do |r|
+            r.process { authorize_with_token(post, money, payment_method, options) }
+            r.process { capture(money, r.authorization, options) }
+          end
+        else
+          MultiResponse.run do |r|
+            r.process { store(payment_method, options) }
+            r.process { authorize_with_token(post, money, r.authorization, options) }
+            r.process { capture(money, r.authorization, options) }
+          end
+        end
+      end
+
+      def authorize(money, payment_method, options = {})
+        post = {}
+        if payment_method.is_a?(String)
+          authorize_with_token(post, money, payment_method, options)
+        else
+          MultiResponse.run do |r|
+            r.process { store(payment_method, options) }
+            r.process { authorize_with_token(post, money, r.authorization, options) }
+          end
+        end
+      end
+
+      def capture(money, identifier, options = {})
+        checkout_id, original_amount = split_authorization(identifier)
+
+        post = {}
+        post[:checkout_id] = checkout_id
+        post[:amount] = amount(money) if money && (original_amount != amount(money))
+        commit('/checkout/capture', post, options)
+      end
+
+      def void(identifier, options = {})
+        post = {}
+        post[:checkout_id] = split_authorization(identifier).first
+        post[:cancel_reason] = (options[:description] || 'Void')
+        commit('/checkout/cancel', post, options)
+      end
+
+      def refund(money, identifier, options = {})
+        checkout_id, original_amount = split_authorization(identifier)
+
+        post = {}
+        post[:checkout_id] = checkout_id
+        post[:amount] = amount(money) if money && (original_amount != amount(money))
+        post[:refund_reason] = (options[:description] || 'Refund')
+        post[:payer_email_message] = options[:payer_email_message] if options[:payer_email_message]
+        post[:payee_email_message] = options[:payee_email_message] if options[:payee_email_message]
+        commit('/checkout/refund', post, options)
+      end
+
+      def store(creditcard, options = {})
+        post = {}
+        post[:client_id] = @options[:client_id]
+        post[:user_name] = "#{creditcard.first_name} #{creditcard.last_name}"
+        post[:email] = options[:email] || 'unspecified@example.com'
+        post[:cc_number] = creditcard.number
+        post[:cvv] = creditcard.verification_value unless options[:recurring]
+        post[:expiration_month] = creditcard.month
+        post[:expiration_year] = creditcard.year
+
+        if (billing_address = (options[:billing_address] || options[:address]))
+          post[:address] = {}
+          post[:address]['address1'] = billing_address[:address1] if billing_address[:address1]
+          post[:address]['city']     = billing_address[:city] if billing_address[:city]
+          post[:address]['country']  = billing_address[:country]  if billing_address[:country]
+          post[:address]['region']   = billing_address[:state] if billing_address[:state]
+          post[:address]['postal_code'] = billing_address[:zip]
+        end
+
+        if options[:recurring] == true
+          post[:client_secret] = @options[:client_secret]
+          commit('/credit_card/transfer', post, options)
+        else
+          post[:original_device] = options[:device_fingerprint] if options[:device_fingerprint]
+          post[:original_ip] = options[:ip] if options[:ip]
+          commit('/credit_card/create', post, options)
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((\\?"cc_number\\?":\\?")[^\\"]+(\\?"))i, '\1[FILTERED]\2').
+          gsub(%r((\\?"cvv\\?":\\?")[^\\"]+(\\?"))i, '\1[FILTERED]\2').
+          gsub(%r((Authorization: Bearer )\w+)i, '\1[FILTERED]\2')
+      end
+
+      private
+
+      def authorize_with_token(post, money, token, options)
+        add_token(post, token)
+        add_product_data(post, money, options)
+        commit('/checkout/create', post, options)
+      end
+
+      def add_product_data(post, money, options)
+        post[:account_id] = @options[:account_id]
+        post[:amount] = amount(money)
+        post[:short_description] = (options[:description] || 'Purchase')
+        post[:type] = (options[:type] || 'goods')
+        post[:currency] = (options[:currency] || currency(money))
+        post[:long_description] = options[:long_description] if options[:long_description]
+        post[:payer_email_message] = options[:payer_email_message] if options[:payer_email_message]
+        post[:payee_email_message] = options[:payee_email_message] if options[:payee_email_message]
+        post[:reference_id] = options[:order_id] if options[:order_id]
+        post[:unique_id] = options[:unique_id] if options[:unique_id]
+        post[:redirect_uri] = options[:redirect_uri] if options[:redirect_uri]
+        post[:callback_uri] = options[:callback_uri] if options[:callback_uri]
+        post[:fallback_uri] = options[:fallback_uri] if options[:fallback_uri]
+        post[:require_shipping] = options[:require_shipping] if options[:require_shipping]
+        post[:shipping_fee] = options[:shipping_fee] if options[:shipping_fee]
+        post[:charge_tax] = options[:charge_tax] if options[:charge_tax]
+        post[:mode] = options[:mode] if options[:mode]
+        post[:preapproval_id] = options[:preapproval_id] if options[:preapproval_id]
+        post[:prefill_info] = options[:prefill_info] if options[:prefill_info]
+        post[:funding_sources] = options[:funding_sources] if options[:funding_sources]
+        post[:payer_rbits] = options[:payer_rbits] if options[:payer_rbits]
+        post[:transaction_rbits] = options[:transaction_rbits] if options[:transaction_rbits]
+        add_fee(post, options)
+      end
+
+      def add_token(post, token)
+        payment_method = {}
+        payment_method[:type] = 'credit_card'
+        payment_method[:credit_card] = {
+          id: token,
+          auto_capture: false
+        }
+
+        post[:payment_method] = payment_method
+      end
+
+      def add_fee(post, options)
+        if options[:application_fee] || options[:fee_payer]
+          post[:fee] = {}
+          post[:fee][:app_fee] = options[:application_fee] if options[:application_fee]
+          post[:fee][:fee_payer] = options[:fee_payer] if options[:fee_payer]
+        end
+      end
+
+      def parse(response)
+        JSON.parse(response)
+      end
+
+      def commit(action, params, options = {})
+        begin
+          response = parse(
+            ssl_post(
+              ((test? ? test_url : live_url) + action),
+              params.to_json,
+              headers(options)
+            )
+          )
+        rescue ResponseError => e
+          response = parse(e.response.body)
+        end
+
+        return Response.new(
+          success_from(response),
+          message_from(response),
+          response,
+          authorization: authorization_from(response, params),
+          test: test?
+        )
+      rescue JSON::ParserError
+        return unparsable_response(response)
+      end
+
+      def success_from(response)
+        (!response['error'])
+      end
+
+      def message_from(response)
+        (response['error'] ? response['error_description'] : 'Success')
+      end
+
+      def authorization_from(response, params)
+        return response['credit_card_id'].to_s if response['credit_card_id']
+
+        original_amount = response['amount'].nil? ? nil : sprintf('%0.02f', response['amount'])
+        [response['checkout_id'], original_amount].join('|')
+      end
+
+      def split_authorization(authorization)
+        auth, original_amount = authorization.to_s.split('|')
+        [auth, original_amount]
+      end
+
+      def unparsable_response(raw_response)
+        message = 'Invalid JSON response received from WePay. Please contact WePay support if you continue to receive this message.'
+        message += " (The raw response returned by the API was #{raw_response.inspect})"
+        return Response.new(false, message)
+      end
+
+      def headers(options)
+        headers = {
+          'Content-Type'      => 'application/json',
+          'User-Agent'        => "ActiveMerchantBindings/#{ActiveMerchant::VERSION}",
+          'Authorization'     => "Bearer #{@options[:access_token]}"
+        }
+        headers['Api-Version'] = options[:version] if options[:version]
+        headers['Client-IP'] = options[:ip] if options[:ip]
+        headers['WePay-Risk-Token'] = options[:risk_token] if options[:risk_token]
+
+        headers
+      end
+    end
+  end
+end