tbk 0.9.0

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.travis.yml

@@ -0,0 +1,8 @@
+language: ruby
+rvm:
+  - 1.9.3
+  - 1.8.7
+  - jruby-18mode # JRuby in 1.8 mode
+  - jruby-19mode # JRuby in 1.9 mode
+  - rbx-18mode
+  - rbx-19mode

data/.yardopts

@@ -0,0 +1,5 @@
+--no-private
+--hide-void-return
+
+--markup=markdown
+--markup-provider=redcarpet

data/Gemfile

@@ -0,0 +1,8 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in tbk.gemspec
+gemspec
+
+platforms :jruby do
+  gem "jruby-openssl"
+end

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2013 Seba Gamboa
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,101 @@
+Pure Ruby implementation of Transbank's Webpay KCC 6.0 protocol
+
+### Disclaimer
+
+This library is not developed, supported nor endorsed in any way by Transbank S.A.
+and is the result of reverse engineering Transbank's Integration Kit (aka. KCC)
+for interoperability purposes as allowed by
+[Chilean Law 20.435 Article 71 Ñ Section b](http://www.leychile.cl/Navegar?idNorma=1012827)
+
+### Usage
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'tbk'
+```
+
+To start a payment from your application
+
+```ruby
+class WebpayController < ApplicationController
+
+  # ...
+
+  # Start a payment
+  def pay
+    # Initialyze you commerce
+    @commerce = TBK::Commerce.new({
+      id: YOUR_COMMERCE_ID,
+      key: YOUR_RSA_KEY
+    })
+
+    # Setup the payment
+    @payment = TBK::Webpay::Payment.new({
+      commerce: @commerce,
+      amount: ORDER_AMOUNT,
+      order_id: ORDER_ID,
+      success_url: webpay_success_url,
+      # Webpay can only access the HTTP protocol to a direct IP address (keep that in mind)
+      confirmation_url: webpay_confirmation_url(host: SERVER_IP_ADDRESS, protocol: 'http'),
+
+      # Optionaly supply:
+      session_id: SOME_SESSION_VALUE,
+      failure_url: webpay_failure_url # success_url is used by default
+    })
+
+    # Redirect the user to Webpay
+    redirect_to @payment.redirect_url
+  end
+
+  # ...
+end
+```
+
+And to process a payment
+
+```ruby
+class WebpayController < ApplicationController
+
+  # ...
+
+  # Confirmation callback executed from Webpay servers
+  def confirmation
+    # Initialyze you commerce
+    @commerce = TBK::Commerce.new({
+      id: YOUR_COMMERCE_ID,
+      key: YOUR_RSA_KEY
+    })
+
+    # Read the confirmation data from the request
+    @confirmation = TBK::Webpay::Confirmation.new({
+      commerce: @commerce,
+      post: request.raw_post
+    })
+
+    if # confirmation is invalid for some reason (wrong order_id or amount, double payment, etc...)
+      render text: @confirmation.reject
+      return # reject and stop execution
+    end
+
+    if @confirmation.success?
+      # EXITO!
+      # perform everything you have to do here.
+    end
+
+    # Acknowledge payment
+    render text: @confirmation.acknowledge
+  end
+
+  # ...
+
+end
+```
+
+### Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/lib/tbk/commerce.rb

@@ -0,0 +1,53 @@
+
+module TBK
+  # Represents a commerce registered with Transbank
+  class Commerce
+
+    # The registered commerce id
+    attr_accessor :id
+
+    # The commerce secret RSA key
+    attr_accessor :key
+
+    # Initialyzes a new commerce
+    # @param [Hash] attributes The commerce attributes
+    # @option attributes [Integer] :id The commerce ID
+    # @option attributes [String|OpenSSL::PKey::RSA] :key The commerce RSA private key
+    # @option attributes [Boolean] :test flag to set commerce in test mode
+    def initialize(attributes)
+      @test = attributes[:test]
+
+      self.id = attributes[:id]
+      raise TBK::CommerceError, "Missing commerce id" if self.id.nil?
+
+      self.key = case attributes[:key]
+      when String
+        OpenSSL::PKey::RSA.new(attributes[:key])
+      when OpenSSL::PKey::RSA.new
+        attributes[:key]
+      when nil
+        TEST_COMMERCE_KEY if self.test?
+      end
+
+      raise TBK::CommerceError, "Missing commerce key" if self.key.nil?
+      raise TBK::CommerceError, "Commerce key must be a RSA private key" unless self.key.private?
+    end
+
+    # @return [Boolean] wether or not the commerce is in test mode
+    def test?
+      @test || false
+    end
+
+    # @return [Boolean] wether or not the commerce is in production mode
+    def production?
+      !self.test?
+    end
+
+    # @return [Integer] RSA key bytes
+    def key_bytes
+      self.key.n.num_bytes
+    end
+
+    TEST_COMMERCE_KEY = TBK.parse_key('test_commerce')
+  end
+end

data/lib/tbk/errors.rb

@@ -0,0 +1,16 @@
+module TBK
+  class Error < StandardError
+    attr_reader :origin
+    def initialize(msg, origin=nil)
+      super(msg)
+      @origin = origin
+    end
+  end
+
+  class CommerceError < Error; end
+
+  module Webpay
+    class PaymentError < Error; end
+    class EncryptionError < Error; end
+  end
+end

data/lib/tbk/keys/test_commerce.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAn3HzPC1ZBzCO3edUCf/XJiwj3bzJpjjTi/zBO9O+DDzZCaMp
+14aspxQryvJhv8644E19Q+NHfxtz1cxd2wnSYKvay1gJx30ZlTOAkzUj4QMimR16
+vomLlQ3T2MAz1znt/PVPVU7T/JOG9R+EbiHNVKa/hUjwJEFVXLQNME97nHoLjb3v
+V5yV2aVhmox7b54n6F3UVPHvCsHKbJpXpE+vnLpVmdETbNpFVrDygXyG+mnEvyiO
+BLIwEY3XTMrgXvS069groLi5Gg8C5LDaYOWjE9084T4fiWGrHhn2781R1rykunTu
+77wiWPuQHMS0+YC7mhnsk8Z/ilD+aWz/vhsgHwIDAQABAoIBAQCM+Nrt4cpNKQmn
++Ne8348CGRS9ACXp6WRg6OCQXO4zM7lRZAminVgZgSQXE6aJR+T9rIWMeG7GWydX
+aJGzEEQJZOjV0MkUr+7mk9qiTOGkGHmGlyHnRQU8jDU59vXe3UEl3l5+NmwHbQht
+waf9F7XLmoLK/WoVJA6tICRpCl1oQrpziqN+gjdmMpz9i8I1sMFE7+Y7xf+7S2u7
+c1MRPUWqgdS9yViQVh3vZi25m5CyKRVnOB0hpNuZ7nrJymtADYSWt9wV2W1fX+MX
+UUoYfxyQQvWryHhGdedU7GGAnoEdblUcDkBuAaFmsm1P8K4HQZLWP4v6pYlW2JLa
+Zoaerb3BAoGBANCRevl0CLB0HBU7sCs0eN9fTkIEsh3OVIxPSBqDnKsynJrIWovK
+cs37Vb6phzdQO3ADoFJvR9ck8+v6Cv0KR8IOFl9wfC4ZoxkKBBeq94ZLN+YhE2PW
+KiRFybqcgCtzxKS3MyWgpIcT9xFtHVjlorZ8Jk51fgLZbGzamtLhderVAoGBAMO0
+mIiiV4l2vXzu4tFfkpu/GOx/D9/vAic3X9FOky09BNCyuMXMQgI8e3wWsGEZghls
+Vg9KDV5EPxAmpumcdPFK2IMACaH41ac7vys3ZD8kMK0INQkuDAcG4YsxMaTwEPo0
+p1i3zwwEWwknw1yJkOyozz0EcIzS9NrZZEjnBHEjAoGAQ81XdeqzvHEyg/CQd6sq
+NCtubGXMZYYi1C4d2Yi5kKn2YRcK4HDi23V+TWodK+0oNWToZIQKjbVUmn0Bv3rt
+EvezbDlMFUx+SfCIng0VRJIFTQmpnQYNUxdg2gpwXC/ZWFa6CNxtQABMjFy1cqXM
+PJild1IYseJurgBu3mkvBTUCgYBqA/T1X2woLUis2wPIBAv5juXDh3lkB6eU8uxX
+CEe2I+3t2EM781B2wajrKadWkmjluMhN9AGV5UZ8S1P0DStUYwUywdx1/8RNmZIP
+qSwHAGXV9jI0zNr7G4Em0/leriWkRM26w6fHjLx8EyxDfsohSbkqBrOptcWqoEUx
+MOQ5HQKBgAS4sbddOas2MapuhKU2surEb3Kz3RCIpta4bXgTQMt9wawcZSSpvnfT
+zs5sehYvBFszL3MV98Uc50HXMf7gykRCmPRmB9S+f+kiVRvQDHfc9nRNg2XgcotU
+KAE16PQM8GihQ0C+EcXHouyud5CRJGfyurokRlH/jY3BiRAG5c+6
+-----END RSA PRIVATE KEY-----

data/lib/tbk/keys/webpay.101.pem

@@ -0,0 +1,14 @@
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxKKjroxE7X44TQovh9A9
+ZpntP7LrdoyFsnJbDKjOOCoiid92FydN5qemyQCeXhsc7QHUXwGdth22fB8xJr3a
+MZBEUJ+BKFrL+W6yE5V+F5Bj0Uq3lL0QMAIftGhLpgqw0ZMtU89kyd9Q4Rclq4r8
+p2m/ZD7Pn5EmTOFSeyoWTMZQDl7OEoCKh/cZH5NJdWL08lCI+sGLOghRmFzkve4h
+F9JCwKA7NYG7j3BWh39Oj2NIXEY/TO1Y3Y2WfNv9nvTpr46SpFlyp0KOhSiqgvXX
+DgeXlebyqS82ch2DzOV9fjDAw7t71WXJBAev8Gd6HXwIXE/JP6AnLCa2Y+b6Wv8K
+GWBCMIBXWL0m7WHeCaJ9Hx2yXZmHJh8FgeKffFKCwn3X90JiMocOSGsOE+Sfo85S
+h/39Vc7vZS3i7kJDDoz9ab9/vFy30RuJf4p8Erh7kWtERVoG6/EhR+j4N3mgIOBZ
+SHfzDAoOnqP5l7t2RXYcEbRLVN6o+XgUtalX33EJxJRsXoz9a6PxYlesIwPbKteD
+BZ/xyJDwTc2gU2YzSH8G9anKrcvITBDULSAuxQUkYOiLbkb7vSKWDYKe0do6ibO3
+RY/KXI63Q7bGKYaI2aa/8GnqVJ2G1U2s59NpqX0aaWjn59gsA8trA0YKOZP4xJIh
+CvLM94G4V7lxe2IHKPqLscMCAwEAAQ==
+-----END PUBLIC KEY-----

data/lib/tbk/keys/webpay_test.101.pem

@@ -0,0 +1,14 @@
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtKe3HHWwRcizAfkbS92V
+fQr8cUb94TRjQPzNTqBduvvj65AD5J98Cn1htE3NzOz+PjPRcnfVe53V4f3+YlIb
+6nnxyeuYLByiwoPkCmpOFBxNp04/Yh3dxN4xgOANXA37rNbDeO4WIEMG6zbdQMNJ
+7RqQUlJSmui8gt3YxtqWBhBVW79qDCYVzxFrv3SH7pRuYEr+cxDvzRylxnJgr6ee
+N7gmjoSMqF16f9aGdQ12obzV0A35BqpN6pRFoS/NvICbEeedS9g5gyUHf54a+juB
+OV2HH5VJsCCgcb7I7Sio/xXTyP+QjIGJfpukkE8F+ohwRiChZ9jMXofPtuZYZiFQ
+/gX08s5Qdpaph65UINP7crYbzpVJdrT2J0etyMcZbEanEkoX8YakLEBpPhyyR7mC
+73fWd9sTuBEkG6kzCuG2JAyo6V8eyISnlKDEVd+/6G/Zpb5cUdBCERTYz5gvNoZN
+zkuq4isiXh5MOLGs91H8ermuhdQe/lqvXf8Op/EYrAuxcdrZK0orI4LbPdUrC0Jc
+Fl02qgXRrSpXo72anOlFc9P0blD4CMevW2+1wvIPA0DaJPsTnwBWOUqcfa7GAFH5
+KGs3zCiZ5YTLDlnaps8koSssTVRi7LVT8HhiC5mjBklxmZjBv6ckgQeFWgp18kuU
+ve5Elj5HSV7x2PCz8RKB4XcCAwEAAQ==
+-----END PUBLIC KEY-----

data/lib/tbk/keys.rb

@@ -0,0 +1,5 @@
+module TBK
+  def self.parse_key(name)
+    OpenSSL::PKey::RSA.new( File.read(File.expand_path("../keys/#{name}.pem",__FILE__)) )
+  end
+end

data/lib/tbk/version.rb

@@ -0,0 +1,7 @@
+module TBK
+  module VERSION
+    GEM = "0.9.0"
+    KCC = "6.0"
+    WEBSITE = "http://sagmor.com/tbk/"
+  end
+end

data/lib/tbk/webpay/confirmation.rb

@@ -0,0 +1,111 @@
+# encoding: UTF-8
+module TBK
+  module Webpay
+    class Confirmation
+      RESPONSE_CODES = {
+        '0' => 'Transacción aprobada.',
+        '-1' => 'Rechazo de tx. en B24, No autorizada',
+        '-2' => 'Transacción debe reintentarse.',
+        '-3' => 'Error en tx.',
+        '-4' => 'Rechazo de tx. En B24, No autorizada',
+        '-5' => 'Rechazo por error de tasa.',
+        '-6' => 'Excede cupo máximo mensual.',
+        '-7' => 'Excede límite diario por transacción.',
+        '-8' => 'Rubro no autorizado.'
+      }
+
+      attr_accessor :commerce
+      attr_reader :raw
+      attr_reader :params
+
+      def initialize(options)
+        self.commerce = options[:commerce]
+        self.parse(options[:post])
+      end
+
+      def acknowledge
+        self.commerce.webpay_encrypt('ACK')
+      end
+
+      def reject
+        self.commerce.webpay_encrypt('ERR')
+      end
+
+      def success?
+        self.params["TBK_RESPUESTA"] == "0"
+      end
+
+      def order_id
+        self.params["TBK_ORDEN_COMPRA"]
+      end
+
+      def session_id
+        self.params["TBK_ID_SESION"]
+      end
+
+      def transaction_id
+        self.params["TBK_ID_TRANSACCION"]
+      end
+
+      def amount
+        self.params["TBK_MONTO"].to_f/100
+      end
+
+      def authorization
+        self.params["TBK_CODIGO_AUTORIZACION"]
+      end
+
+      def card_display_number
+        "XXXX-XXXX-XXXX-#{ card_last_numbers }"
+      end
+
+      def card_last_numbers
+        self.params["TBK_FINAL_NUMERO_TARJETA"]
+      end
+
+      def message
+        RESPONSE_CODES[self.params["TBK_RESPUESTA"]]
+      end
+
+      def paid_at
+        @paid_at ||= begin
+          year = Time.now.year
+          month = self.params["TBK_FECHA_TRANSACCION"][0...2].to_i
+          day = self.params["TBK_FECHA_TRANSACCION"][2...4].to_i
+          hour = self.params["TBK_HORA_TRANSACCION"][0...2].to_i
+          minutes = self.params["TBK_HORA_TRANSACCION"][2...4].to_i
+          seconds = self.params["TBK_HORA_TRANSACCION"][4...6].to_i
+
+          offset = if defined? TZInfo::Timezone
+            # Use tzinfo gem if available
+            TZInfo::Timezone.get('America/Santiago').period_for_utc(DateTime.new(year,month,day,hour,minutes,0)).utc_offset
+          else
+            -14400
+          end
+
+          Time.new(year, month, day, hour, minutes, seconds, offset)
+        end
+      end
+
+
+      protected
+        def parse(post)
+          @raw = post.to_s
+          @raw_params = {}
+          for line in @raw.split('&')
+            key, value = *line.scan( %r{^([A-Za-z0-9_.]+)\=(.*)$} ).flatten
+            @raw_params[key] = CGI.unescape(value)
+          end
+
+          puts @raw_params.inspect
+
+          @params = {}
+          decrypted_params = self.commerce.webpay_decrypt(@raw_params['TBK_PARAM'])
+          for line in decrypted_params.split('#')
+            key, value = *line.scan( %r{^([A-Za-z0-9_.]+)\=(.*)$} ).flatten
+            @params[key] = CGI.unescape(value)
+          end
+        end
+    end
+  end
+end

data/lib/tbk/webpay/encryption.rb

@@ -0,0 +1,71 @@
+module TBK
+  module Webpay
+    module Encryption
+      # Constants
+      KEY_ID = 101
+      KEY = TBK.parse_key('webpay.101')
+      TEST_KEY = TBK.parse_key('webpay_test.101')
+      IV_PADDING = "\x10\xBB\xFF\xBF\x00\x00\x00\x00\x00\x00\x00\x00\xF4\xBF"
+
+      def webpay_key_id
+        KEY_ID
+      end
+
+      def webpay_key
+        self.production? ? KEY : TEST_KEY
+      end
+
+      def webpay_key_length
+        webpay_key.n.num_bytes
+      end
+
+      def webpay_encrypt(text)
+        signature = self.key.sign(OpenSSL::Digest::SHA512.new, text)
+
+        key = SecureRandom.random_bytes(32)
+        encripted_key = webpay_key.public_encrypt(key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+
+        iv = SecureRandom.random_bytes(16)
+
+        cipher = OpenSSL::Cipher.new('AES-256-CBC')
+        cipher.encrypt
+        cipher.key = key
+        cipher.iv = iv + IV_PADDING
+        encripted_text = cipher.update(signature + text) + cipher.final
+
+        Base64.encode64( iv + encripted_key + encripted_text).strip
+      rescue RuntimeError => error
+        raise TBK::Webpay::EncryptionError.new("Encryption failed",error)
+      end
+
+      def webpay_decrypt(encripted_text)
+        data = Base64.decode64(encripted_text)
+
+        iv = data[0...16]
+        encripted_key = data[16...(16 + self.key_bytes)]
+        key = self.key.private_decrypt(encripted_key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+
+        cipher = OpenSSL::Cipher.new('AES-256-CBC')
+        cipher.decrypt
+        cipher.key = key
+        cipher.iv = iv + IV_PADDING
+        decrypted_text = cipher.update(data[(16 + self.key_bytes)..-1]) + cipher.final
+        signature = decrypted_text[0...(webpay_key_length)]
+        text = decrypted_text[(webpay_key_length)..-1]
+
+        unless webpay_key.verify(OpenSSL::Digest::SHA512.new, signature, text)
+          raise TBK::Webpay::EncryptionError, "Invalid message signature"
+        end
+
+        text
+      rescue TBK::Error
+        raise
+      rescue => error
+        raise TBK::Webpay::EncryptionError.new("Decryption failed",error)
+      end
+
+    end
+  end
+
+  Commerce.send :include, Webpay::Encryption
+end

data/lib/tbk/webpay/payment.rb

@@ -0,0 +1,159 @@
+module TBK
+  module Webpay
+    class Payment
+      attr_accessor :commerce
+      attr_accessor :amount
+      attr_accessor :order_id
+      attr_accessor :session_id
+      attr_accessor :confirmation_url
+      attr_accessor :success_url
+      attr_accessor :failure_url
+
+      def initialize(options = {})
+        self.commerce = options[:commerce]
+        self.amount = options[:amount]
+        self.order_id = options[:order_id]
+        self.session_id = options[:session_id]
+        self.confirmation_url = options[:confirmation_url]
+        self.success_url = options[:success_url]
+        self.failure_url = options[:failure_url]
+      end
+
+      # Transaction ids are generated randombly on the client side
+      def transaction_id
+        @transaction_id ||= (rand * 10000000000).to_i
+      end
+
+      def redirect_url
+        "#{ self.process_url }?TBK_VERSION_KCC=#{ TBK::VERSION::KCC }&TBK_TOKEN=#{ self.token }"
+      end
+
+      def to_html_form(options = {}, &block)
+        form = <<-EOF
+          <form method="POST"
+            class="#{ options[:class] || 'tbk_payment_form'}"
+            id="#{ options[:id] }"
+            action="#{ self.process_url }">
+            <input type="hidden" name="TBK_PARAM" value="#{ self.param }">
+            <input type="hidden" name="TBK_VERSION_KCC" value="#{ TBK::VERSION::KCC }">
+            <input type="hidden" name="TBK_CODIGO_COMERCIO" value="#{ self.commerce.id }">
+            <input type="hidden" name="TBK_KEY_ID" value="#{ self.commerce.webpay_key_id }">
+            #{ yield if block_given? }
+          </form>
+        EOF
+
+        form = form.html_safe if form.respond_to? :html_safe
+
+        form
+      end
+
+      protected
+        def process_url
+          if self.commerce.test?
+            "https://certificacion.webpay.cl:6443/filtroUnificado/bp_revision.cgi"
+          else
+            "https://webpay.transbank.cl:443/cgi-bin/bp_revision.cgi"
+          end
+        end
+
+        def validation_url
+          if self.commerce.test?
+            "https://certificacion.webpay.cl:6443/filtroUnificado/bp_validacion.cgi"
+          else
+            "https://webpay.transbank.cl:443/cgi-bin/bp_validacion.cgi"
+          end
+        end
+
+        def token
+          @token ||= begin
+            uri = URI.parse( self.validation_url )
+
+            response = nil
+            until response && response['location'].nil?
+              uri = URI.parse( response.nil? ? self.validation_url : response['location'] )
+
+              response = Net::HTTP.start(uri.host, uri.port, use_ssl: true) do |http|
+                post = Net::HTTP::Post.new uri.path
+                post["user-agent"] = "TBK/#{ TBK::VERSION::GEM } (Ruby/#{ RUBY_VERSION }; +#{ TBK::VERSION::WEBSITE })"
+                post.set_form_data({
+                  'TBK_VERSION_KCC' => TBK::VERSION::KCC,
+                  'TBK_CODIGO_COMERCIO' => self.commerce.id,
+                  'TBK_KEY_ID' => self.commerce.webpay_key_id,
+                  'TBK_PARAM' => self.param
+                })
+
+                # http.read_timeout = Webpay::Config.timeout
+                http.request post
+              end
+            end
+
+            unless response.code == "200"
+              raise TBK::Webpay::PaymentError, "Payment token generation failed"
+            end
+
+            response = self.commerce.webpay_decrypt(response.body)
+
+            unless /ERROR=([a-zA-Z0-9]+)/.match(response)[1] == "0"
+              raise TBK::Webpay::PaymentError, "Payment token generation failed"
+            end
+
+            /TOKEN=([a-zA-Z0-9]+)/.match(response)[1]
+          end
+        end
+
+        def param
+          @param ||= begin
+            self.verify!
+            self.commerce.webpay_encrypt(raw_params)
+          end
+        end
+
+        def verify!
+          raise TBK::Webpay::PaymentError, "Commerce required" if self.commerce.nil?
+          raise TBK::Webpay::PaymentError, "Invalid amount (#{self.amount.inspect})" unless self.amount && self.amount > 0
+          raise TBK::Webpay::PaymentError, "Order ID required" if self.order_id.nil?
+          raise TBK::Webpay::PaymentError, "Success URL required" if self.success_url.nil?
+          raise TBK::Webpay::PaymentError, "Confirmation URL required" if self.confirmation_url.nil?
+          confirmation_uri = URI.parse(self.confirmation_url)
+          raise TBK::Webpay::PaymentError, "Confirmation URL host MUST be an IP address" unless /(\d{1,3}\.){3}\d{1,3}/.match(confirmation_uri.host)
+          raise TBK::Webpay::PaymentError, "Confirmation URL port MUST be 80 or 8080" unless [80, 8080].include?(confirmation_uri.port)
+        end
+
+        def raw_params(splitter="#", include_pseudomac=true)
+          params = []
+
+          params << "TBK_ORDEN_COMPRA=#{ self.order_id }"
+          params << "TBK_CODIGO_COMERCIO=#{ self.commerce.id }"
+          params << "TBK_ID_TRANSACCION=#{ self.transaction_id }"
+
+          uri = URI.parse(self.confirmation_url)
+
+          params << "TBK_URL_CGI_COMERCIO=#{ uri.path }"
+          params << "TBK_SERVIDOR_COMERCIO=#{ uri.host }"
+          params << "TBK_PUERTO_COMERCIO=#{ uri.port }"
+
+          params << "TBK_VERSION_KCC=#{ TBK::VERSION::KCC }"
+          params << "TBK_KEY_ID=#{ self.commerce.webpay_key_id }"
+          params << "PARAMVERIFCOM=1"
+
+          if include_pseudomac
+            # An old pseudo mac generation carried from an old implementation
+            digest = OpenSSL::Digest::MD5.new
+            digest << self.raw_params('&',false) << self.commerce.id.to_s << "webpay"
+            mac = digest.to_s
+
+            params << "TBK_MAC=#{ mac }"
+          end
+
+
+          params << "TBK_MONTO=#{ (self.amount * 100).to_i }"
+          params << "TBK_ID_SESION=#{ self.session_id }" if self.session_id
+          params << "TBK_URL_EXITO=#{ self.success_url }"
+          params << "TBK_URL_FRACASO=#{ self.failure_url || self.success_url }"
+          params << "TBK_TIPO_TRANSACCION=TR_NORMAL"
+
+          params.join(splitter)
+        end
+    end
+  end
+end

data/lib/tbk/webpay.rb

@@ -0,0 +1,3 @@
+require 'tbk/webpay/encryption'
+require 'tbk/webpay/payment'
+require 'tbk/webpay/confirmation'

data/lib/tbk.rb

@@ -0,0 +1,11 @@
+require "base64"
+require "openssl"
+require "securerandom"
+require "net/https"
+require "cgi"
+
+require "tbk/version"
+require "tbk/errors"
+require "tbk/keys"
+require "tbk/commerce"
+require "tbk/webpay"

data/spec/spec_helper.rb

@@ -0,0 +1,3 @@
+require 'bundler/setup'
+require 'tbk'
+Dir["spec/support/**/*.rb"].each { |f| require File.expand_path(f) }

data/spec/support/syntax.rb

@@ -0,0 +1,5 @@
+RSpec.configure do |config|
+  config.expect_with :rspec do |expect|
+    expect.syntax = :expect
+  end
+end

data/spec/support/test_commerce.rb

@@ -0,0 +1,12 @@
+module TestCommerce
+  def test_commerce
+    @test_commerce ||= TBK::Commerce.new({
+      :id => 597026007976,
+      :test => true
+    })
+  end
+end
+
+RSpec.configure do |config|
+  config.include TestCommerce
+end

data/spec/webpay/confirmation_spec.rb

@@ -0,0 +1,4 @@
+require 'spec_helper'
+
+describe TBK::Webpay::Confirmation do
+end

data/spec/webpay/encryption_spec.rb

@@ -0,0 +1,4 @@
+require 'spec_helper'
+
+describe TBK::Webpay::Encryption do
+end

data/spec/webpay/payment_spec.rb

@@ -0,0 +1 @@
+require 'spec_helper'

data/tbk.gemspec

@@ -0,0 +1,25 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'tbk/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = "tbk"
+  gem.version       = TBK::VERSION::GEM
+  gem.authors       = ["Seba Gamboa"]
+  gem.email         = ["me@sagmor.com"]
+  gem.description   = %q{Ruby implementation of Transbank's Webpay protocol}
+  gem.summary       = "Pure Ruby implementation of Transbank's Webpay KCC #{TBK::VERSION::KCC}"
+  gem.homepage      = TBK::VERSION::WEBSITE
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+
+  gem.add_development_dependency "tzinfo"
+  gem.add_development_dependency "rake"
+  gem.add_development_dependency "rspec"
+  gem.add_development_dependency "yard"
+  gem.add_development_dependency "redcarpet"
+end

metadata

@@ -0,0 +1,164 @@
+--- !ruby/object:Gem::Specification
+name: tbk
+version: !ruby/object:Gem::Version
+  version: 0.9.0
+  prerelease: 
+platform: ruby
+authors:
+- Seba Gamboa
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-01-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: tzinfo
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: redcarpet
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Ruby implementation of Transbank's Webpay protocol
+email:
+- me@sagmor.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .travis.yml
+- .yardopts
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- lib/tbk.rb
+- lib/tbk/commerce.rb
+- lib/tbk/errors.rb
+- lib/tbk/keys.rb
+- lib/tbk/keys/test_commerce.pem
+- lib/tbk/keys/webpay.101.pem
+- lib/tbk/keys/webpay_test.101.pem
+- lib/tbk/version.rb
+- lib/tbk/webpay.rb
+- lib/tbk/webpay/confirmation.rb
+- lib/tbk/webpay/encryption.rb
+- lib/tbk/webpay/payment.rb
+- spec/spec_helper.rb
+- spec/support/syntax.rb
+- spec/support/test_commerce.rb
+- spec/webpay/confirmation_spec.rb
+- spec/webpay/encryption_spec.rb
+- spec/webpay/payment_spec.rb
+- tbk.gemspec
+homepage: http://sagmor.com/tbk/
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -1481680372280631458
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -1481680372280631458
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.23
+signing_key: 
+specification_version: 3
+summary: Pure Ruby implementation of Transbank's Webpay KCC 6.0
+test_files:
+- spec/spec_helper.rb
+- spec/support/syntax.rb
+- spec/support/test_commerce.rb
+- spec/webpay/confirmation_spec.rb
+- spec/webpay/encryption_spec.rb
+- spec/webpay/payment_spec.rb
+has_rdoc: