swiss-activemerchant 1.0.1

data/lib/active_merchant/billing/gateways/iveri.rb

@@ -0,0 +1,290 @@
+require 'nokogiri'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class IveriGateway < Gateway
+      class_attribute :iveri_url
+
+      self.live_url = self.test_url = 'https://portal.nedsecure.co.za/iVeriWebService/Service.asmx'
+      self.iveri_url = 'https://portal.host.iveri.com/iVeriWebService/Service.asmx'
+
+      self.supported_countries = %w[US ZA GB]
+      self.default_currency = 'ZAR'
+      self.money_format = :cents
+      self.supported_cardtypes = %i[visa master american_express]
+
+      self.homepage_url = 'http://www.iveri.com'
+      self.display_name = 'iVeri'
+
+      def initialize(options = {})
+        requires!(options, :app_id, :cert_id)
+        super
+      end
+
+      def purchase(money, payment_method, options = {})
+        post = build_vxml_request('Debit', options) do |xml|
+          add_auth_purchase_params(xml, money, payment_method, options)
+        end
+
+        commit(post)
+      end
+
+      def authorize(money, payment_method, options = {})
+        post = build_vxml_request('Authorisation', options) do |xml|
+          add_auth_purchase_params(xml, money, payment_method, options)
+        end
+
+        commit(post)
+      end
+
+      def capture(money, authorization, options = {})
+        post = build_vxml_request('Debit', options) do |xml|
+          add_authorization(xml, authorization, options)
+        end
+
+        commit(post)
+      end
+
+      def refund(money, authorization, options = {})
+        post = build_vxml_request('Credit', options) do |xml|
+          add_amount(xml, money, options)
+          add_authorization(xml, authorization, options)
+        end
+
+        commit(post)
+      end
+
+      def void(authorization, options = {})
+        post = build_vxml_request('Void', options) do |xml|
+          add_authorization(xml, authorization, options)
+        end
+
+        commit(post)
+      end
+
+      def verify(credit_card, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def verify_credentials
+        void = void('', options)
+        return true if void.message == 'Missing OriginalMerchantTrace'
+
+        false
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((CertificateID=\\\")[^\\]*), '\1[FILTERED]').
+          gsub(%r((&lt;PAN&gt;)[^&]*), '\1[FILTERED]').
+          gsub(%r((&lt;CardSecurityCode&gt;)[^&]*), '\1[FILTERED]')
+      end
+
+      private
+
+      def build_xml_envelope(vxml)
+        builder = Nokogiri::XML::Builder.new(encoding: 'UTF-8') do |xml|
+          xml[:soap].Envelope 'xmlns:xsi' => 'http://www.w3.org/2001/XMLSchema-instance', 'xmlns:xsd' => 'http://www.w3.org/2001/XMLSchema', 'xmlns:soap' => 'http://schemas.xmlsoap.org/soap/envelope/' do
+            xml[:soap].Body do
+              xml.Execute 'xmlns' => 'http://iveri.com/' do
+                xml.validateRequest('false')
+                xml.protocol 'V_XML'
+                xml.protocolVersion '2.0'
+                xml.request vxml
+              end
+            end
+          end
+        end
+
+        builder.to_xml
+      end
+
+      def build_vxml_request(action, options)
+        builder = Nokogiri::XML::Builder.new do |xml|
+          xml.V_XML('Version' => '2.0', 'CertificateID' => @options[:cert_id], 'Direction' => 'Request') do
+            xml.Transaction('ApplicationID' => @options[:app_id], 'Command' => action, 'Mode' => mode) do
+              yield(xml)
+            end
+          end
+        end
+
+        builder.doc.root.to_xml
+      end
+
+      def add_auth_purchase_params(post, money, payment_method, options)
+        add_card_holder_authentication(post, options)
+        add_amount(post, money, options)
+        add_electronic_commerce_indicator(post, options) unless options[:three_d_secure]
+        add_payment_method(post, payment_method, options)
+        add_three_ds(post, options)
+      end
+
+      def add_amount(post, money, options)
+        post.Amount(amount(money))
+        post.Currency(options[:currency] || default_currency)
+      end
+
+      def add_electronic_commerce_indicator(post, options)
+        post.ElectronicCommerceIndicator(options[:eci]) if options[:eci]
+      end
+
+      def add_authorization(post, authorization, options)
+        post.MerchantReference(split_auth(authorization)[2])
+        post.TransactionIndex(split_auth(authorization)[1])
+        post.OriginalRequestID(split_auth(authorization)[0])
+      end
+
+      def add_payment_method(post, payment_method, options)
+        post.ExpiryDate("#{format(payment_method.month, :two_digits)}#{payment_method.year}")
+        add_new_reference(post, options)
+        post.CardSecurityCode(payment_method.verification_value)
+        post.PAN(payment_method.number)
+      end
+
+      def add_new_reference(post, options)
+        post.MerchantReference(options[:order_id] || generate_unique_id)
+      end
+
+      def add_card_holder_authentication(post, options)
+        post.CardHolderAuthenticationID(options[:xid]) if options[:xid]
+        post.CardHolderAuthenticationData(options[:cavv]) if options[:cavv]
+      end
+
+      def commit(post)
+        raw_response =
+          begin
+            ssl_post(url, build_xml_envelope(post), headers(post))
+          rescue ActiveMerchant::ResponseError => e
+            e.response.body
+          end
+
+        parsed = parse(raw_response)
+        succeeded = success_from(parsed)
+
+        Response.new(
+          succeeded,
+          message_from(parsed, succeeded),
+          parsed,
+          authorization: authorization_from(parsed),
+          error_code: error_code_from(parsed, succeeded),
+          test: test?
+        )
+      end
+
+      def mode
+        test? ? 'Test' : 'Live'
+      end
+
+      def url
+        @options[:url_override].to_s == 'iveri' ? iveri_url : live_url
+      end
+
+      def headers(post)
+        {
+          'Content-Type' => 'text/xml; charset=utf-8',
+          'Content-Length' => post.size.to_s,
+          'SOAPAction' => 'http://iveri.com/Execute'
+        }
+      end
+
+      def parse(body)
+        parsed = {}
+
+        vxml = Nokogiri::XML(body).remove_namespaces!.xpath('//Envelope/Body/ExecuteResponse/ExecuteResult').inner_text
+        doc = Nokogiri::XML(vxml)
+        doc.xpath('*').each do |node|
+          if node.elements.empty?
+            parsed[underscore(node.name)] = node.text
+          else
+            node.elements.each do |childnode|
+              parse_element(parsed, childnode)
+            end
+          end
+        end
+        parsed
+      end
+
+      def parse_element(parsed, node)
+        if !node.attributes.empty?
+          node.attributes.each do |a|
+            parsed[underscore(node.name) + '_' + underscore(a[1].name)] = a[1].value
+          end
+        end
+
+        if !node.elements.empty?
+          node.elements.each { |e| parse_element(parsed, e) }
+        else
+          parsed[underscore(node.name)] = node.text
+        end
+      end
+
+      def success_from(response)
+        response['result_status'] == '0'
+      end
+
+      def message_from(response, succeeded)
+        if succeeded
+          'Succeeded'
+        else
+          response['result_description'] || response['result_acquirer_description']
+        end
+      end
+
+      def authorization_from(response)
+        "#{response['transaction_request_id']}|#{response['transaction_index']}|#{response['merchant_reference']}"
+      end
+
+      def split_auth(authorization)
+        request_id, transaction_index, merchant_reference = authorization.to_s.split('|')
+        [request_id, transaction_index, merchant_reference]
+      end
+
+      def error_code_from(response, succeeded)
+        response['result_code'] unless succeeded
+      end
+
+      def underscore(camel_cased_word)
+        camel_cased_word.to_s.gsub(/::/, '/').
+          gsub(/([A-Z]+)([A-Z][a-z])/, '\1_\2').
+          gsub(/([a-z\d])([A-Z])/, '\1_\2').
+          tr('-', '_').
+          downcase
+      end
+
+      def add_three_ds(post, options)
+        return unless three_d_secure = options[:three_d_secure]
+
+        post.ElectronicCommerceIndicator(formatted_three_ds_eci(three_d_secure[:eci])) if three_d_secure[:eci]
+        post.CardHolderAuthenticationID(three_d_secure[:xid]) if three_d_secure[:xid]
+        post.CardHolderAuthenticationData(three_d_secure[:cavv]) if three_d_secure[:cavv]
+        post.ThreeDSecure_ProtocolVersion(three_d_secure[:version]) if three_d_secure[:version]
+        post.ThreeDSecure_DSTransID(three_d_secure[:ds_transaction_id]) if three_d_secure[:ds_transaction_id]
+        post.ThreeDSecure_VEResEnrolled(formatted_enrollment(three_d_secure[:enrolled])) if three_d_secure[:enrolled]
+      end
+
+      def formatted_enrollment(val)
+        case val
+        when 'Y', 'N', 'U' then val
+        when true, 'true' then 'Y'
+        when false, 'false' then 'N'
+        end
+      end
+
+      def formatted_three_ds_eci(val)
+        case val
+        when '05', '02' then 'ThreeDSecure'
+        when '06', '01' then 'ThreeDSecureAttempted'
+        when '07' then 'SecureChannel'
+        else val
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/ixopay.rb

@@ -0,0 +1,320 @@
+require 'nokogiri'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class IxopayGateway < Gateway
+      self.test_url = 'https://secure.ixopay.com/transaction'
+      self.live_url = 'https://secure.ixopay.com/transaction'
+
+      self.supported_countries = %w(AO AQ AR AS AT AU AW AX AZ BA BB BD BE BF BG BH BI BJ BL BM BN BO BQ BQ BR BS BT BV BW BY BZ CA CC CD CF CG CH CI CK CL CM CN CO CR CU CV CW CX CY CZ DE DJ DK DM DO DZ EC EE EG EH ER ES ET FI FJ FK FM FO FR GA GB GD GE GF GG GH GI GL GM GN GP GQ GR GS GT GU GW GY HK HM HN HR HT HU ID IE IL IM IN IO IQ IR IS IT JE JM JO JP KE KG KH KI KM KN KP KR KW KY KZ LA LB LC LI LK LR LS LT LU LV LY MA MC MD ME MF MG MH MK ML MM MN MO MP MQ MR MS MT MU MV MW MX MY MZ NA NC NE NF NG NI NL NO NP NR NU NZ OM PA PE PF PG PH PK PL PM PN PR PS PT PW PY QA RE RO RS RU RW SA SB SC SD SE SG SH SI SJ SK SL SM SN SO SR SS ST SV SX SY SZ TC TD TF TG TH TJ TK TL TM TN TO TR TT TV TW TZ UA UG UM US UY UZ VA VC VE VG VI VN VU WF WS YE YT ZA ZM ZW)
+      self.default_currency = 'EUR'
+      self.currencies_with_three_decimal_places = %w(BHD IQD JOD KWD LWD OMR TND)
+      self.supported_cardtypes = %i[visa master american_express discover diners_club jcb maestro]
+
+      self.homepage_url = 'https://www.ixopay.com'
+      self.display_name = 'Ixopay'
+
+      def initialize(options = {})
+        requires!(options, :username, :password, :secret, :api_key)
+        @secret = options[:secret]
+        super
+      end
+
+      def purchase(money, payment_method, options = {})
+        request = build_xml_request do |xml|
+          add_card_data(xml, payment_method)
+          add_debit(xml, money, options)
+        end
+
+        commit(request)
+      end
+
+      def authorize(money, payment_method, options = {})
+        request = build_xml_request do |xml|
+          add_card_data(xml, payment_method)
+          add_preauth(xml, money, options)
+        end
+
+        commit(request)
+      end
+
+      def capture(money, authorization, options = {})
+        request = build_xml_request do |xml|
+          add_capture(xml, money, authorization, options)
+        end
+
+        commit(request)
+      end
+
+      def refund(money, authorization, options = {})
+        request = build_xml_request do |xml|
+          add_refund(xml, money, authorization, options)
+        end
+
+        commit(request)
+      end
+
+      def void(authorization, options = {})
+        request = build_xml_request do |xml|
+          add_void(xml, authorization)
+        end
+
+        commit(request)
+      end
+
+      def verify(credit_card, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        clean_transcript = remove_invalid_utf_8_byte_sequences(transcript)
+
+        clean_transcript.
+          gsub(%r((Authorization: Gateway )(.*)(:)), '\1[FILTERED]\3').
+          gsub(%r((<password>)(.*)(</password>)), '\1[FILTERED]\3').
+          gsub(%r((<pan>)(.*)(</pan>)), '\1[FILTERED]\3').
+          gsub(%r((<cvv>)\d+(</cvv>)), '\1[FILTERED]\2')
+      end
+
+      private
+
+      def remove_invalid_utf_8_byte_sequences(text)
+        text.encode('UTF-8', 'binary', invalid: :replace, undef: :replace, replace: '')
+      end
+
+      def headers(xml)
+        timestamp = Time.now.httpdate
+        signature = generate_signature('POST', xml, timestamp)
+
+        {
+          'Authorization' => "Gateway #{options[:api_key]}:#{signature}",
+          'Date' => timestamp,
+          'Content-Type' => 'text/xml; charset=utf-8'
+        }
+      end
+
+      def generate_signature(http_method, xml, timestamp)
+        content_type = 'text/xml; charset=utf-8'
+        message = "#{http_method}\n#{Digest::MD5.hexdigest(xml)}\n#{content_type}\n#{timestamp}\n\n/transaction"
+        digest = OpenSSL::Digest.new('sha512')
+        hmac = OpenSSL::HMAC.digest(digest, @secret, message)
+
+        Base64.encode64(hmac).delete("\n")
+      end
+
+      def parse(body)
+        xml = Nokogiri::XML(body)
+        response = Hash.from_xml(xml.to_s)['result']
+
+        response.deep_transform_keys(&:underscore).transform_keys(&:to_sym)
+      end
+
+      def build_xml_request
+        builder = Nokogiri::XML::Builder.new(encoding: 'UTF-8') do |xml|
+          xml.transactionWithCard 'xmlns' => 'http://secure.ixopay.com/Schema/V2/TransactionWithCard' do
+            xml.username @options[:username]
+            xml.password Digest::SHA1.hexdigest(@options[:password])
+            yield(xml)
+          end
+        end
+
+        builder.to_xml
+      end
+
+      def add_card_data(xml, payment_method)
+        xml.cardData do
+          xml.cardHolder      payment_method.name
+          xml.pan             payment_method.number
+          xml.cvv             payment_method.verification_value
+          xml.expirationMonth format(payment_method.month, :two_digits)
+          xml.expirationYear  format(payment_method.year, :four_digits)
+        end
+      end
+
+      def add_debit(xml, money, options)
+        currency    = options[:currency] || currency(money)
+        description = options[:description].blank? ? 'Purchase' : options[:description]
+
+        xml.debit do
+          xml.transactionId new_transaction_id
+
+          add_customer_data(xml, options)
+          add_extra_data(xml, options[:extra_data]) if options[:extra_data]
+
+          xml.amount      localized_amount(money, currency)
+          xml.currency    currency
+          xml.description description
+          xml.callbackUrl(options[:callback_url])
+          add_stored_credentials(xml, options)
+        end
+      end
+
+      def add_preauth(xml, money, options)
+        description  = options[:description].blank? ? 'Preauthorize' : options[:description]
+        currency     = options[:currency] || currency(money)
+        callback_url = options[:callback_url]
+
+        xml.preauthorize do
+          xml.transactionId new_transaction_id
+
+          add_customer_data(xml, options)
+          add_extra_data(xml, options[:extra_data]) if options[:extra_data]
+
+          xml.amount      localized_amount(money, currency)
+          xml.currency    currency
+          xml.description description
+          xml.callbackUrl callback_url
+          add_stored_credentials(xml, options)
+        end
+      end
+
+      def add_refund(xml, money, authorization, options)
+        currency = options[:currency] || currency(money)
+
+        xml.refund do
+          xml.transactionId new_transaction_id
+          add_extra_data(xml, options[:extra_data]) if options[:extra_data]
+          xml.referenceTransactionId authorization&.split('|')&.first
+          xml.amount                 localized_amount(money, currency)
+          xml.currency               currency
+        end
+      end
+
+      def add_void(xml, authorization)
+        xml.void do
+          xml.transactionId new_transaction_id
+          add_extra_data(xml, options[:extra_data]) if options[:extra_data]
+          xml.referenceTransactionId authorization&.split('|')&.first
+        end
+      end
+
+      def add_capture(xml, money, authorization, options)
+        currency = options[:currency] || currency(money)
+
+        xml.capture_ do
+          xml.transactionId new_transaction_id
+          add_extra_data(xml, options[:extra_data]) if options[:extra_data]
+          xml.referenceTransactionId authorization&.split('|')&.first
+          xml.amount                 localized_amount(money, currency)
+          xml.currency               currency
+        end
+      end
+
+      def add_customer_data(xml, options)
+        # Ixopay returns an error if the elements are not added in the order used here.
+        xml.customer do
+          add_billing_address(xml,  options[:billing_address])  if options[:billing_address]
+          add_shipping_address(xml, options[:shipping_address]) if options[:shipping_address]
+
+          xml.company options[:billing_address][:company] if options.dig(:billing_address, :company)
+          xml.email options[:email]
+          xml.ipAddress(options[:ip] || '127.0.0.1')
+        end
+      end
+
+      def add_billing_address(xml, address)
+        if address[:name]
+          xml.firstName split_names(address[:name])[0]
+          xml.lastName  split_names(address[:name])[1]
+        end
+
+        xml.billingAddress1 address[:address1]
+        xml.billingAddress2 address[:address2]
+        xml.billingCity     address[:city]
+        xml.billingPostcode address[:zip]
+        xml.billingState    address[:state]
+        xml.billingCountry  address[:country]
+        xml.billingPhone    address[:phone]
+      end
+
+      def add_shipping_address(xml, address)
+        if address[:name]
+          xml.shippingFirstName split_names(address[:name])[0]
+          xml.shippingLastName  split_names(address[:name])[1]
+        end
+
+        xml.shippingCompany   address[:company]
+        xml.shippingAddress1  address[:address1]
+        xml.shippingAddress2  address[:address2]
+        xml.shippingCity      address[:city]
+        xml.shippingPostcode  address[:zip]
+        xml.shippingState     address[:state]
+        xml.shippingCountry   address[:country]
+        xml.shippingPhone     address[:phone]
+      end
+
+      def new_transaction_id
+        SecureRandom.uuid
+      end
+
+      # Ixopay does not pass any parameters for cardholder/merchant initiated.
+      # Ixopay also doesn't support installment transactions, only recurring
+      # ("RECURRING") and unscheduled ("CARDONFILE").
+      #
+      # Furthermore, Ixopay is slightly unusual in its application of stored
+      # credentials in that the gateway does not return a true
+      # network_transaction_id that can be sent on subsequent transactions.
+      def add_stored_credentials(xml, options)
+        return unless stored_credential = options[:stored_credential]
+
+        if stored_credential[:initial_transaction]
+          xml.transactionIndicator 'INITIAL'
+        elsif stored_credential[:reason_type] == 'recurring'
+          xml.transactionIndicator 'RECURRING'
+        elsif stored_credential[:reason_type] == 'unscheduled'
+          xml.transactionIndicator 'CARDONFILE'
+        end
+      end
+
+      def add_extra_data(xml, extra_data)
+        extra_data.each do |k, v|
+          xml.extraData(v, key: k)
+        end
+      end
+
+      def commit(request)
+        url = (test? ? test_url : live_url)
+
+        # ssl_post raises an exception for any non-2xx HTTP status from the gateway
+        response =
+          begin
+            parse(ssl_post(url, request, headers(request)))
+          rescue StandardError => error
+            parse(error.response.body)
+          end
+
+        Response.new(
+          success_from(response),
+          message_from(response),
+          response,
+          authorization: authorization_from(response),
+          test: test?,
+          error_code: error_code_from(response)
+        )
+      end
+
+      def success_from(response)
+        response[:success] == 'true'
+      end
+
+      def message_from(response)
+        response.dig(:errors, 'error', 'message') || response[:return_type]
+      end
+
+      def authorization_from(response)
+        response[:reference_id] ? "#{response[:reference_id]}|#{response[:purchase_id]}" : nil
+      end
+
+      def error_code_from(response)
+        response.dig(:errors, 'error', 'code') unless success_from(response)
+      end
+    end
+  end
+end