tomriley-active_merchant 1.4.2.3 → 1.4.2.4

data/lib/active_merchant/billing/gateways/ogone.rb

@@ -0,0 +1,259 @@
+require 'rexml/document'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # = Ogone DirectLink Gateway
+    #
+    # DirectLink is the API version of the Ogone Payment Platform. It allows server to server
+    # communication between Ogone systems and your e-commerce website.
+    #
+    # This implementation follows the specification provided in the DirectLink integration
+    # guide version 2.4 (December 2008), available here:
+    # https://secure.ogone.com/ncol/Ogone_DirectLink_EN.pdf
+    #
+    # It also features aliases, which allow to store/unstore credit cards, as specified in
+    # the Alias Manager Option guide version 2.2 available here:
+    # https://secure.ogone.com/ncol/Ogone_Alias_EN.pdf
+    #
+    # It was last tested on Release 04.79 of Ogone e-Commerce (dated 11/02/2009).
+    #
+    # For any questions or comments, please contact Nicolas Jacobeus (nj@belighted.com).
+    #
+    # == Example use:
+    #
+    #   gateway = ActiveMerchant::Billing::OgoneGateway.new(
+    #               :login     => "my_ogone_psp_id",
+    #               :user      => "my_ogone_user_id",
+    #               :password  => "my_ogone_pswd",
+    #               :signature => "my_ogone_sha1_signature" # extra security, only if you configured your Ogone environment so
+    #            )
+    #
+    #   # set up credit card obj as in main ActiveMerchant example
+    #   creditcard = ActiveMerchant::Billing::CreditCard.new(
+    #     :type       => 'visa',
+    #     :number     => '4242424242424242',
+    #     :month      => 8,
+    #     :year       => 2009,
+    #     :first_name => 'Bob',
+    #     :last_name  => 'Bobsen'
+    #   )
+    #
+    #   # run request
+    #   response = gateway.purchase(1000, creditcard, :order_id => "1") # charge 10 EUR
+    #
+    #   If you don't provide an :order_id, the gateway will generate a random one for you.
+    #
+    #   puts response.success?      # Check whether the transaction was successful
+    #   puts response.message       # Retrieve the message returned by Ogone
+    #   puts response.authorization # Retrieve the unique transaction ID returned by Ogone
+    #
+    #   To use the alias feature, simply add :alias in the options hash:
+    #
+    #   gateway.purchase(1000, creditcard, :order_id => "1", :alias => "myawesomecustomer") # associates the alias to that creditcard
+    #   gateway.purchase(2000, nil,        :order_id => "2", :alias => "myawesomecustomer") # don't need to know the creditcard for subsequent orders
+    #
+    class OgoneGateway < Gateway
+
+      URLS = {
+        :test =>       { :order => 'https://secure.ogone.com/ncol/test/orderdirect.asp',
+                         :maintenance => 'https://secure.ogone.com/ncol/test/maintenancedirect.asp' },
+        :production => { :order => 'https://secure.ogone.com/ncol/prod/orderdirect.asp',
+                         :maintenance => 'https://secure.ogone.com/ncol/prod/maintenancedirect.asp' }
+      }
+
+      CVV_MAPPING = { 'OK' => 'M',
+                      'KO' => 'N',
+                      'NO' => 'P' }
+
+      AVS_MAPPING = { 'OK' => 'M',
+                      'KO' => 'N',
+                      'NO' => 'R' }
+      SUCCESS_MESSAGE = "The transaction was successful"
+
+      self.supported_countries = ['BE', 'DE', 'FR', 'NL', 'AT', 'CH']
+      # also supports Airplus and UATP
+      self.supported_cardtypes = [:visa, :master, :american_express, :diners_club, :discover, :jcb, :maestro]
+      self.homepage_url = 'http://www.ogone.com/'
+      self.display_name = 'Ogone'
+      self.default_currency = 'EUR'
+      self.money_format = :cents
+
+      def initialize(options = {})
+        requires!(options, :login, :user, :password)
+        @options = options
+        super
+      end
+
+      # Verify and reserve the specified amount on the account, without actually doing the transaction.
+      def authorize(money, payment_source, options = {})
+        post = {}
+        add_invoice(post, options)
+        add_payment_source(post, payment_source, options)
+        add_address(post, payment_source, options)
+        add_customer_data(post, options)
+        add_money(post, money, options)
+        commit('RES', post)
+      end
+
+      # Verify and transfer the specified amount.
+      def purchase(money, payment_source, options = {})
+        post = {}
+        add_invoice(post, options)
+        add_payment_source(post, payment_source, options)
+        add_address(post, payment_source, options)
+        add_customer_data(post, options)
+        add_money(post, money, options)
+        commit('SAL', post)
+      end
+
+      # Complete a previously authorized transaction.
+      def capture(money, authorization, options = {})
+        post = {}        
+        add_authorization(post, reference_from(authorization))
+        add_invoice(post, options)
+        add_customer_data(post, options)
+        add_money(post, money, options)
+        commit('SAL', post)
+      end
+
+      # Cancels a previously authorized transaction.
+      def void(identification, options = {})
+        post = {}
+        add_authorization(post, reference_from(identification))
+        commit('DES', post)
+      end
+
+      # Credit the specified account by a specific amount.
+      def credit(money, identification_or_credit_card, options = {})        
+        if reference_transaction?(identification_or_credit_card)
+          # Referenced credit: refund of a settled transaction
+          perform_reference_credit(money, identification_or_credit_card, options)
+        else # must be a credit card or card reference
+          perform_non_referenced_credit(money, identification_or_credit_card, options)
+        end
+      end
+
+      private
+      def reference_from(authorization)
+        authorization.split(";").first
+      end
+      
+      def reference_transaction?(identifier)
+        return false unless identifier.is_a?(String) 
+        reference, action = identifier.split(";")
+        !action.nil?
+      end
+      
+      def perform_reference_credit(money, payment_target, options = {})
+        post = {}
+        add_authorization(post, reference_from(payment_target))
+        add_money(post, money, options)
+        commit('RFD', post)        
+      end
+      
+      def perform_non_referenced_credit(money, payment_target, options = {})
+        # Non-referenced credit: acts like a reverse purchase
+        post = {}
+        add_invoice(post, options)
+        add_payment_source(post, payment_target, options)
+        add_address(post, payment_target, options)
+        add_customer_data(post, options)
+        add_money(post, money, options)
+        commit('RFD', post)
+      end
+      
+      def add_payment_source(post, payment_source, options)
+        if payment_source.is_a?(String)
+          add_alias(post, payment_source)
+          add_eci(post, '9')
+        else
+          add_alias(post, options[:store])
+          add_creditcard(post, payment_source)
+        end
+      end  
+      
+      def add_eci(post, eci)
+        add_pair post, 'ECI', eci
+      end
+      
+      def add_alias(post, _alias)
+        add_pair post, 'ALIAS',   _alias
+      end
+
+      def add_authorization(post, authorization)
+        add_pair post, 'PAYID',   authorization
+      end
+
+      def add_money(post, money, options)
+        add_pair post, 'currency', options[:currency] || currency(money)
+        add_pair post, 'amount',   amount(money)
+      end
+
+      def add_customer_data(post, options)
+        add_pair post, 'EMAIL',       options[:email]
+        add_pair post, 'REMOTE_ADDR', options[:ip]
+      end
+
+      def add_address(post, creditcard, options)
+        return unless options[:billing_address]
+        add_pair post, 'Owneraddress', options[:billing_address][:address1]
+        add_pair post, 'OwnerZip',     options[:billing_address][:zip]
+        add_pair post, 'ownertown',    options[:billing_address][:city]
+        add_pair post, 'ownercty',     options[:billing_address][:country]
+        add_pair post, 'ownertelno',   options[:billing_address][:phone]
+      end
+
+      def add_invoice(post, options)
+        add_pair post, 'orderID', options[:order_id] || generate_unique_id[0...30]
+        add_pair post, 'COM',     options[:description]
+      end
+
+      def add_creditcard(post, creditcard)
+        add_pair post, 'CN',     creditcard.name
+        add_pair post, 'CARDNO', creditcard.number
+        add_pair post, 'ED',     "%02d%02s" % [creditcard.month, creditcard.year.to_s[-2..-1]]
+        add_pair post, 'CVC',    creditcard.verification_value
+      end
+
+      def parse(body)
+        xml = REXML::Document.new(body)
+        xml.root.attributes
+      end
+
+      def commit(action, parameters)
+        add_pair parameters, 'PSPID',      @options[:login]
+        add_pair parameters, 'USERID',     @options[:user]
+        add_pair parameters, 'PSWD',       @options[:password]
+        url = URLS[test? ? :test : :production][parameters['PAYID'] ? :maintenance : :order ]
+        response = parse(ssl_post(url, post_data(action, parameters)))
+        options = { :authorization => [response["PAYID"], action].join(";"),
+                    :test => test?,
+                    :avs_result => { :code => AVS_MAPPING[response["AAVCheck"]] },
+                    :cvv_result => CVV_MAPPING[response["CVCCheck"]] }
+        Response.new(successful?(response), message_from(response), response, options)
+      end
+      
+      def successful?(response)
+        response["NCERROR"] == "0"
+      end
+
+      def message_from(response)
+        successful?(response) ? SUCCESS_MESSAGE : response["NCERRORPLUS"].to_s.strip.gsub("|", ", ")
+      end
+
+      def post_data(action, parameters = {})
+        add_pair parameters, 'Operation' , action
+        if @options[:signature] # the user wants a SHA-1 signature
+          string = ['orderID','amount','currency','CARDNO','PSPID','Operation','ALIAS'].map{|s|parameters[s]}.join + @options[:signature]
+          add_pair parameters, 'SHASign' , Digest::SHA1.hexdigest(string)
+        end
+        parameters.collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join("&")
+      end
+
+      def add_pair(post, key, value, options = {})
+        post[key] = value if !value.blank? || options[:required]
+      end
+
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/paypal.rb

@@ -11,14 +11,14 @@ module ActiveMerchant #:nodoc:
       self.homepage_url = 'https://www.paypal.com/cgi-bin/webscr?cmd=_wp-pro-overview-outside'
       self.display_name = 'PayPal Website Payments Pro (US)'
       
-      def authorize(money, credit_card, options = {})
+      def authorize(money, credit_card_or_referenced_id, options = {})
         requires!(options, :ip)
-        commit 'DoDirectPayment', build_sale_or_authorization_request('Authorization', money, credit_card, options)
+        commit define_transaction_type(credit_card_or_referenced_id), build_sale_or_authorization_request('Authorization', money, credit_card_or_referenced_id, options)
       end
 
-      def purchase(money, credit_card, options = {})
+      def purchase(money, credit_card_or_referenced_id, options = {})
         requires!(options, :ip)
-        commit 'DoDirectPayment', build_sale_or_authorization_request('Sale', money, credit_card, options)
+        commit define_transaction_type(credit_card_or_referenced_id), build_sale_or_authorization_request('Sale', money, credit_card_or_referenced_id, options)
       end
       
       def express
@@ -26,15 +26,28 @@ module ActiveMerchant #:nodoc:
       end
       
       private
-      def build_sale_or_authorization_request(action, money, credit_card, options)
+      
+      def define_transaction_type(transaction_arg)
+        if transaction_arg.is_a?(String)
+          return 'DoReferenceTransaction'
+        else
+          return 'DoDirectPayment'
+        end
+      end
+      
+      def build_sale_or_authorization_request(action, money, credit_card_or_referenced_id, options)
+        transaction_type = define_transaction_type(credit_card_or_referenced_id)
+        reference_id = credit_card_or_referenced_id if transaction_type == "DoReferenceTransaction"
+        
         billing_address = options[:billing_address] || options[:address]
         currency_code = options[:currency] || currency(money)
        
         xml = Builder::XmlMarkup.new :indent => 2
-        xml.tag! 'DoDirectPaymentReq', 'xmlns' => PAYPAL_NAMESPACE do
-          xml.tag! 'DoDirectPaymentRequest', 'xmlns:n2' => EBAY_NAMESPACE do
+        xml.tag! transaction_type + 'Req', 'xmlns' => PAYPAL_NAMESPACE do
+          xml.tag! transaction_type + 'Request', 'xmlns:n2' => EBAY_NAMESPACE do
             xml.tag! 'n2:Version', API_VERSION
-            xml.tag! 'n2:DoDirectPaymentRequestDetails' do
+            xml.tag! 'n2:' + transaction_type + 'RequestDetails' do
+              xml.tag! 'n2:ReferenceID', reference_id if transaction_type == 'DoReferenceTransaction'
               xml.tag! 'n2:PaymentAction', action
               xml.tag! 'n2:PaymentDetails' do
                 xml.tag! 'n2:OrderTotal', amount(money), 'currencyID' => currency_code
@@ -54,7 +67,7 @@ module ActiveMerchant #:nodoc:
                 
                 add_address(xml, 'n2:ShipToAddress', options[:shipping_address]) if options[:shipping_address]
               end
-              add_credit_card(xml, credit_card, billing_address, options)
+              add_credit_card(xml, credit_card_or_referenced_id, billing_address, options) unless transaction_type == 'DoReferenceTransaction'
               xml.tag! 'n2:IPAddress', options[:ip]
             end
           end

data/lib/active_merchant/billing/gateways/{protx.rb → sage_pay.rb}

@@ -1,12 +1,12 @@
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
-    class ProtxGateway < Gateway  
+    class SagePayGateway < Gateway  
       cattr_accessor :simulate
       self.simulate = false
       
-      TEST_URL = 'https://ukvpstest.protx.com/vspgateway/service'
-      LIVE_URL = 'https://ukvps.protx.com/vspgateway/service'
-      SIMULATOR_URL = 'https://ukvpstest.protx.com/VSPSimulator'
+      TEST_URL = 'https://test.sagepay.com/gateway/service'
+      LIVE_URL = 'https://live.sagepay.com/gateway/service'
+      SIMULATOR_URL = 'https://test.sagepay.com/Simulator'
     
       APPROVED = 'OK'
       REGISTERED = 'REGISTERED'
@@ -47,10 +47,11 @@ module ActiveMerchant #:nodoc:
     
       self.supported_cardtypes = [:visa, :master, :american_express, :discover, :jcb, :switch, :solo, :maestro, :diners_club]
       self.supported_countries = ['GB']
+      self.supports_3d_secure = true
       self.default_currency = 'GBP'
       
-      self.homepage_url = 'http://www.protx.com'
-      self.display_name = 'Protx'
+      self.homepage_url = 'http://www.sagepay.com'
+      self.display_name = 'SagePay'
 
       def initialize(options = {})
         requires!(options, :login)
@@ -61,6 +62,10 @@ module ActiveMerchant #:nodoc:
       def test?
         @options[:test] || super
       end
+
+      def three_d_secure_enabled?
+        @options[:enable_3d_secure]
+      end
       
       def purchase(money, credit_card, options = {})
         requires!(options, :order_id)
@@ -71,7 +76,8 @@ module ActiveMerchant #:nodoc:
         add_credit_card(post, credit_card)
         add_address(post, options)
         add_customer_data(post, options)
-
+        add_three_d_secure_flag(post, options)
+        
         commit(:purchase, post)
       end
       
@@ -84,7 +90,8 @@ module ActiveMerchant #:nodoc:
         add_credit_card(post, credit_card)
         add_address(post, options)
         add_customer_data(post, options)
-
+        add_three_d_secure_flag(post, options)
+        
         commit(:authorization, post)
       end
       
@@ -152,6 +159,11 @@ module ActiveMerchant #:nodoc:
         commit(:credit, post)
       end
       
+      # Completes a 3D Secure transaction
+      def three_d_complete(pa_res, md)
+        commit(:three_d_complete, 'PARes' => pa_res, 'MD' => md)
+      end
+      
       private
       def add_reference(post, identification)
         order_id, transaction_id, authorization, security_key = identification.split(';') 
@@ -186,6 +198,14 @@ module ActiveMerchant #:nodoc:
         add_pair(post, :BillingPhone, options[:phone].gsub(/[^0-9+]/, '')[0,20]) unless options[:phone].blank?
         add_pair(post, :ClientIPAddress, options[:ip])
       end
+      
+      def add_three_d_secure_flag(post, options)
+        if three_d_secure_enabled? && options[:skip_3d_secure] != true
+          add_pair(post, :Apply3DSecure, '0')
+        else
+          add_pair(post, :Apply3DSecure, '2')
+        end
+      end
 
       def add_address(post, options)
         if billing_address = options[:billing_address] || options[:address]
@@ -270,7 +290,11 @@ module ActiveMerchant #:nodoc:
             :street_match => AVS_CVV_CODE[ response["AddressResult"] ],
             :postal_match => AVS_CVV_CODE[ response["PostCodeResult"] ],
           },
-          :cvv_result => AVS_CVV_CODE[ response["CV2Result"] ]
+          :cvv_result => AVS_CVV_CODE[ response["CV2Result"] ],
+          :three_d_secure => response["Status"] == '3DAUTH',
+          :pa_req => response["PAReq"],
+          :md => response["MD"],
+          :acs_url => response["ACSURL"]
         )
       end
       
@@ -300,12 +324,20 @@ module ActiveMerchant #:nodoc:
       end
       
       def build_url(action)
-        endpoint = [ :purchase, :authorization, :authenticate ].include?(action) ? "vspdirect-register" : TRANSACTIONS[action].downcase
+        if action == :three_d_complete
+          endpoint = 'direct3dcallback'
+        else
+          endpoint = [ :purchase, :authorization, :authenticate ].include?(action) ? "vspdirect-register" : TRANSACTIONS[action].downcase
+        end
         "#{test? ? TEST_URL : LIVE_URL}/#{endpoint}.vsp"
       end
       
       def build_simulator_url(action)
-        endpoint = [ :purchase, :authorization, :authenticate ].include?(action) ? "VSPDirectGateway.asp" : "VSPServerGateway.asp?Service=Vendor#{TRANSACTIONS[action].capitalize}Tx"
+        if action == :three_d_complete
+          endpoint = 'VSPDirectCallback.asp'
+        else
+          endpoint = [ :purchase, :authorization, :authenticate ].include?(action) ? "VSPDirectGateway.asp" : "VSPServerGateway.asp?Service=Vendor#{TRANSACTIONS[action].capitalize}Tx"
+        end
         "#{SIMULATOR_URL}/#{endpoint}"
       end
 
@@ -323,7 +355,7 @@ module ActiveMerchant #:nodoc:
         parameters.collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join("&")
       end
       
-      # Protx returns data in the following format
+      # SagePay returns data in the following format
       # Key1=value1
       # Key2=value2
       def parse(body)
@@ -344,6 +376,7 @@ module ActiveMerchant #:nodoc:
         [ first_name[0,20], last_name[0,20] ]
       end
     end
+    ProtxGateway = SagePayGateway
   end
 end