veritrans 2.1.2 → 2.4.0

data/example/coreapi/core_api_credit_card_example.rb

@@ -0,0 +1,66 @@
+require 'veritrans'
+
+# This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely.
+
+# Set Midtrans config
+# You can find it in Merchant Portal -> Settings -> Access keys
+Midtrans.config.server_key = "SB-Mid-server-uQmMImQMeo0Ky3Svl90QTUj2"
+Midtrans.config.client_key = "SB-Mid-client-ArNfhrh7st9bQKmz"
+Midtrans.config.api_host = "https://api.sandbox.midtrans.com"
+
+# IMPORTANT NOTE: You should do credit card get token via frontend using `midtrans-new-3ds.min.js`, to avoid card data breach risks on your backend
+# ( refer to: https://docs.midtrans.com/en/core-api/credit-card?id=_1-getting-the-card-token )
+# For full example on Credit Card 3DS transaction refer to:
+# (/example/sinatra) that implement Snap & Core Api
+
+# prepare CORE API parameter to get credit card token
+# another sample of card number can refer to https://docs.midtrans.com/en/technical-reference/sandbox-test?id=card-payments
+begin
+  card = {
+    card_number: 5211111111111117,
+    card_cvv: 123,
+    card_exp_month: 12,
+    card_exp_year: 2025
+  }
+  get_token = Midtrans.create_card_token(card)
+
+  # prepare CORE API parameter to charge credit card ( refer to: https://docs.midtrans.com/en/core-api/credit-card?id=_2-sending-transaction-data-to-charge-api )
+  result = Midtrans.charge(
+    {
+      "payment_type": "credit_card",
+      "transaction_details": {
+        "gross_amount": 10000,
+        "order_id": "ruby-example-coreapi-creditcard-#{Time.now.to_i}"
+      },
+      "credit_card": {
+        "token_id": "#{get_token.token_id}"
+      }
+    }
+  )
+  puts "charge result : #{result.data}"
+rescue MidtransError => e
+  puts e.message # Basic message error
+  puts e.http_status_code # HTTP status code e.g: 400, 401, etc.
+  puts e.api_response # API response body in String
+  puts e.raw_http_client_data # Raw HTTP client response
+end
+
+# result.data this will be Hash representation of the API JSON response, of example:
+# {
+# : status_code => "200",
+# : status_message => "Success, Credit Card transaction is successful",
+# : channel_response_code => "00",
+# : channel_response_message => "Approved",
+# : bank => "bni",
+# : transaction_id => "21386a6e-6e26-4191-9d05-877aa6063c08",
+# : order_id => "ruby-example-coreapi-creditcard-1634014338",
+# : merchant_id => "G686051436",: gross_amount => "10000.00",
+# : currency => "IDR",
+# : payment_type => "credit_card",
+# : transaction_time => "2021-10-12 11:52:18",
+# : transaction_status => "capture",
+# : fraud_status => "accept",
+# : approval_code => "1634014339258",
+# : masked_card => "521111-1117",
+# : card_type => "debit"
+# }

data/example/coreapi/readme.md

@@ -0,0 +1,4 @@
+How to run core_api_credit_card_example:
+
+1. Install dependencies: `gem install veritrans`
+2. Run the file: `ruby core_api_credit_card_example.rb`

data/example/sinatra/Gemfile

@@ -0,0 +1,7 @@
+source 'https://rubygems.org'
+gem 'sinatra'
+gem 'veritrans', path: "./../../" # install from local path, for testing purpose
+
+# @NOTE: in real usage scenario, for your project dependency you should only require
+# gem 'veritrans'
+# so the gem will be installed directly from rubygem repo. No need the `, path: "./../../"`

data/example/sinatra/README.md

@@ -0,0 +1,6 @@
+How to run sinatra example:
+
+1. Install dependencies: `bundle install`
+2. Run the sinatra app: `bundle exec ruby webapp.rb`
+
+The app will run at port 4567. Open `localhost:4567` from your browser.

data/example/sinatra/index.erb

@@ -0,0 +1,202 @@
+<!doctype html>
+<html>
+<head>
+  <title>Midtrans-Ruby simple demo</title>
+  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/featherlight/1.7.12/featherlight.min.css">
+</head>
+<body>
+
+<header>
+  <h3>Midtrans sample demo sinatra app</h3>
+  <a href="https://github.com/veritrans/veritrans-ruby" class="github">Source Code</a>
+</header>
+
+<section>
+  <h4>Snap Popup</h4>
+  <a href="/snap">Click here</a>
+</section>
+
+<section>
+  <h4>Snap Redirect</h4>
+  <a href="/snap_redirect">Click here</a>
+</section>
+<br>
+<h3>Core API Credit Card</h3>
+<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/picomodal/3.0.0/picoModal.js"></script>
+
+<h1>Checkout</h1>
+<form action="/coreapi_card_charge_ajax_handler" method="POST" id="payment-form">
+  <fieldset>
+    <legend>Checkout</legend>
+    <small><strong>Field that may be presented to customer:</strong></small>
+    <p>
+      <label>Card Number</label>
+      <input class="card-number" value="4811 1111 1111 1114" size="23" type="text" autocomplete="off" />
+    </p>
+    <p>
+      <label>Expiration (MM/YYYY)</label>
+      <input class="card-expiry-month" value="12" placeholder="MM" size="2" type="text" />
+      <span> / </span>
+      <input class="card-expiry-year" value="2025" placeholder="YYYY" size="4" type="text" />
+    </p>
+    <p>
+      <label>CVV</label>
+      <input class="card-cvv" value="123" size="4" type="password" autocomplete="off" />
+    </p>
+
+    <small><strong>Fields that shouldn't be presented to the customer:</strong></small>
+    <p>
+      <label>3D Secure</label>
+      <input class="authenticate_3ds" type="checkbox" name="authenticate_3ds" value="true" checked>
+    </p>
+
+    <input id="token_id" name="token_id" type="hidden" />
+    <button class="submit-button" type="submit">Submit Payment</button>
+  </fieldset>
+</form>
+
+<code>
+  <b>Transaction Result:</b>
+  <pre id="result"> Awaiting transactions... </pre>
+  <b>Transaction verified status result:</b>
+  <pre id="status-result"> Awaiting transactions... </pre>
+  <pre>
+  <b>Testing cards:</b>
+
+    <b>For 3D Secure:</b>
+    Visa success              4811 1111 1111 1114
+    Visa deny by bank         4711 1111 1111 1115
+    Visa deny by FDS          4611 1111 1111 1116
+
+    MasterCard success        5211 1111 1111 1117
+    MasterCard deny by bank   5111 1111 1111 1118
+    MasterCard deny by FDS    5411 1111 1111 1115
+
+    Challenge by FDS          4511 1111 1111 1117
+    </pre>
+</code>
+
+<!-- Import MidtransNew3ds library -->
+<!-- TODO change data-environment to `production` for Production mode -->
+<!-- TODO change data-client-key to your production client key for Production mode -->
+<script id= "midtrans-script" src="https://api.midtrans.com/v2/assets/js/midtrans-new-3ds.min.js" data-environment="sandbox" data-client-key=<%= Midtrans.config.client_key %> type="text/javascript"></script>
+
+<!-- Javascript for token generation -->
+<script type="text/javascript">
+    // On Submit button clicked
+    document.querySelector(".submit-button").onclick = function (event) {
+        console.log("SUBMIT button clicked");
+        // prepare cardData
+        var cardData = {
+            "card_number": document.querySelector(".card-number").value,
+            "card_exp_month": document.querySelector(".card-expiry-month").value,
+            "card_exp_year": document.querySelector(".card-expiry-year").value,
+            "card_cvv": document.querySelector(".card-cvv").value,
+        };
+        // [1] Use card data to get card token on the callback
+        MidtransNew3ds.getCardToken(cardData, getCardTokenCallback);
+
+        event.preventDefault(); return false;
+    };
+
+    // getCardTokenCallback triggered when `MidtransNew3ds.getCardToken` completed.
+    var getCardTokenCallback = {
+        onSuccess: function(response){
+            // success to get card token
+            // [2] Send AJAX to let backend charge the card using the card token_id
+            fetch("/coreapi_card_charge_ajax_handler", {
+                method : "POST",
+                body: JSON.stringify({
+                    "token_id" : response.token_id,
+                    "authenticate_3ds" : document.querySelector('.authenticate_3ds').checked
+                }),
+                headers: {'Content-Type': 'application/json'},
+            })
+              .then(function(response) { return response.json(); })
+              .then(function(responseObj) {
+                  console.log("Charge response:",responseObj);
+                  if (responseObj.status_code == "201"){
+                      // [3.1] Transaction need 3DS authentication
+                      MidtransNew3ds.authenticate(responseObj.redirect_url, callback3dsAuthentication);
+                  } else {
+                      // Transaction do not need 3DS Authentication, transaction is complete with result
+                      transactionComplete(responseObj);
+                  }
+              })
+        },
+        onFailure: function(response){
+            // fail to get card token
+            transactionComplete(response);
+        }
+    }
+
+    var callback3dsAuthentication = {
+        performAuthentication: function(redirect_url){
+            // [3.2] 3ds authentication redirect_url received, open iframe to display to customer
+            popupModal.openPopup(redirect_url);
+        },
+        // [3.3] When 3DS authentication result received, which contains transaction result
+        // it will trigger one of function below, according to status: success/failure/pending
+        onSuccess: function(response){
+            transactionComplete(response);
+        },
+        onFailure: function(response){
+            transactionComplete(response);
+        },
+        onPending: function(response){
+            transactionComplete(response);
+
+        }
+    }
+
+    function transactionComplete(responseObj){
+        // Close 3DS popup, then display the result (for example)
+        console.log("transactionComplete with status: ",responseObj);
+        popupModal.closePopup();
+
+        document.querySelector("#result").innerText = JSON.stringify(responseObj, null, 2);
+        document.querySelector("#result").scrollIntoView();
+
+        if (responseObj.transaction_id){
+            // [4] Inform the result to backend update DB status and verify to Midtrans
+            fetch('/check_transaction_status', {
+                method : "POST",
+                body: JSON.stringify({ "transaction_id" : responseObj.transaction_id }),
+                headers: {'Content-Type': 'application/json'},
+            })
+              .then(function(statusResponse) { return statusResponse.json(); } )
+              .then(function(statusResponseObj) {
+                  // Transaction status received after being verified
+                  console.log("Check transaction response:",statusResponseObj);
+                  // transactionComplete(statusResponseObj);
+                  document.querySelector("#status-result").innerText =
+                    JSON.stringify(statusResponseObj, null, 2);
+
+              })
+        }
+    }
+
+    // helper functions below
+    let popupModal = (function(){
+        let modal = null;
+        return {
+            openPopup(url){
+                modal = picoModal({
+                    content:'<iframe frameborder="0" style="height:90vh; width:100%;" src="'+url+'"></iframe>',
+                    width: "75%",
+                    closeButton: false,
+                    overlayClose: false,
+                    escCloses: false
+                }).show();
+            },
+            closePopup(){
+                try{
+                    modal.close();
+                } catch(e) {}
+            }
+        }
+    }());
+</script>
+
+</body>
+</html>

data/example/sinatra/response.erb

@@ -0,0 +1 @@
+<%= @result.response.body %>

data/example/sinatra/snap.erb

@@ -0,0 +1,33 @@
+<!doctype html>
+<html>
+
+  <body>
+  <p>
+    <label>Snap Token</label>
+    <input type="text" id="token" value="<%= @token %>" readonly size="50">
+  </p>
+  <button id="pay-button">Pay</button>
+  <pre><div id="result-json">JSON result will appear here after payment:<br></div></pre>
+
+  <!-- TODO: Remove ".sandbox" from script src URL for production environment. Also input your client key in "data-client-key" -->
+  <script src="https://app.sandbox.midtrans.com/snap/snap.js" data-client-key=<%= Midtrans.config.client_key %>></script>
+  <script type="text/javascript">
+      document.getElementById('pay-button').onclick = function(){
+          // SnapToken acquired from previous step
+          snap.pay('<%= @token %>', {
+              // Optional
+              onSuccess: function(result){
+                  /* You may add your own js here, this is just example */ document.getElementById('result-json').innerHTML += JSON.stringify(result, null, 2);
+              },
+              // Optional
+              onPending: function(result){
+                  /* You may add your own js here, this is just example */ document.getElementById('result-json').innerHTML += JSON.stringify(result, null, 2);
+              },
+              // Optional
+              onError: function(result){
+                  /* You may add your own js here, this is just example */ document.getElementById('result-json').innerHTML += JSON.stringify(result, null, 2);
+              }
+          });
+      };
+  </script>
+  </body>

data/example/sinatra/snap_redirect.erb

@@ -0,0 +1,10 @@
+<!doctype html>
+<html>
+
+<body>
+<p>
+  <label>Snap Redirect URL</label>
+  <input type="text" id="Redirect URL" value="<%= @redirecturl %>" readonly size="50"><br><br>
+  <button onclick="location.href='<%= @redirecturl %>'">Open Snap Redirect URL</button></p>
+</body>
+</html>

data/example/sinatra/webapp.rb

@@ -0,0 +1,113 @@
+require 'veritrans'
+require 'json'
+require 'sinatra'
+
+Midtrans.config.server_key = "SB-Mid-server-uQmMImQMeo0Ky3Svl90QTUj2"
+Midtrans.config.client_key = "SB-Mid-client-ArNfhrh7st9bQKmz"
+Midtrans.config.api_host = "https://api.sandbox.midtrans.com"
+
+set :public_folder, File.dirname(__FILE__)
+set :views, File.dirname(__FILE__)
+set :run, $0 == __FILE__
+
+def generate_order_id
+  "sinatra-example-#{Time.now.to_i}"
+end
+
+get "/" do
+  erb :index
+end
+
+get "/snap" do
+  result = Midtrans.create_snap_token(
+    transaction_details: {
+      order_id: generate_order_id,
+      gross_amount: 100000,
+      secure: true
+    }
+  )
+  @token = result.token
+  erb :snap
+end
+
+get "/snap_redirect" do
+  result = Midtrans.create_snap_redirect_url(
+    transaction_details: {
+      order_id: generate_order_id,
+      gross_amount: 100000,
+      secure: true
+    }
+  )
+  @redirecturl = result.redirect_url
+  erb :snap_redirect
+end
+
+post "/coreapi_card_charge_ajax_handler" do
+  @data = JSON.parse(request.body.read)
+  @result = Midtrans.charge(
+    payment_type: "credit_card",
+    credit_card: {
+      token_id: @data['token_id'],
+      authentication: @data['authenticate_3ds']
+    },
+    transaction_details: {
+      order_id: generate_order_id,
+      gross_amount: 20000
+    })
+
+  if params[:format] == "json"
+    content_type :json
+    @result.response.body
+  else
+    erb :response
+  end
+end
+
+post "/check_transaction_status" do
+  @data = JSON.parse(request.body.read)
+  transaction_id = @data['transaction_id']
+  @result = Midtrans.status(transaction_id)
+
+  if params[:format] == "json"
+    content_type :json
+    @result.response.body
+  else
+    erb :response
+  end
+end
+
+post "/handle_http_notification" do
+  post_body = JSON.parse(request.body.read)
+  notification = Midtrans.status(post_body['transaction_id'])
+
+  order_id = notification.data[:order_id]
+  payment_type = notification.data[:payment_type]
+  transaction_status = notification.data[:transaction_status]
+  fraud_status = notification.data[:fraud_status]
+
+  puts "Transaction order_id: #{order_id}"
+  puts "Payment type:   #{payment_type}"
+  puts "Transaction status: #{transaction_status}"
+  puts "Fraud status:   #{fraud_status}"
+
+  return "Transaction notification received. Order ID: #{order_id}. Transaction status: #{transaction_status}. Fraud status: #{fraud_status}"
+
+  # Sample transactionStatus handling logic
+  if transaction_status == "capture" && fraud_status == "challange"
+    # TODO set transaction status on your databaase to 'challenge'
+  elsif transaction_status == "capture" && fraud_status == "success"
+    # TODO set transaction status on your databaase to 'success'
+  elsif transaction_status == "settlement"
+    # TODO set transaction status on your databaase to 'success'
+  elsif transaction_status == "deny"
+    # TODO you can ignore 'deny', because most of the time it allows payment retries
+  elsif transaction_status == "cancel" || transaction_status == "expire"
+    # TODO set transaction status on your databaase to 'failure'
+  elsif transaction_status == "pending"
+    # Todo set transaction status on your databaase to 'pending' / waiting payment
+  end
+
+end
+
+
+

data/example/snap/readme.md

@@ -0,0 +1,4 @@
+How to run snap_example:
+
+1. Install dependencies: `gem install veritrans`
+2. Run the file: `ruby snap_example.rb`

data/example/snap/snap_example.rb

@@ -0,0 +1,39 @@
+require 'veritrans'
+
+# This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely.
+# Please refer to this docs for snap popup:
+# https://docs.midtrans.com/en/snap/integration-guide?id=integration-steps-overview
+
+# Please refer to this docs for snap-redirect:
+# https://docs.midtrans.com/en/snap/integration-guide?id=alternative-way-to-display-snap-payment-page-via-redirect
+
+# Set Midtrans config
+# You can find it in Merchant Portal -> Settings -> Access keys
+Midtrans.config.server_key = "SB-Mid-server-uQmMImQMeo0Ky3Svl90QTUj2"
+Midtrans.config.client_key = "SB-Mid-client-ArNfhrh7st9bQKmz"
+Midtrans.config.api_host = "https://api.sandbox.midtrans.com"
+
+# Create snap transaction
+begin
+result = Midtrans.create_snap_token(
+  transaction_details: {
+    order_id: "snap-example-test-#{Time.now.to_i}",
+    gross_amount: 200000
+  },
+  "credit_card": {
+    "secure": true
+  }
+)
+puts "Snap result : #{result.data}"
+rescue MidtransError => e
+  puts e.message # Basic message error
+  puts e.http_status_code # HTTP status code e.g: 400, 401, etc.
+  puts e.api_response # API response body in String
+  puts e.raw_http_client_data # Raw HTTP client response
+end
+
+# result.data this will be Hash representation of the API JSON response, of example:
+# {
+# : token => "008e586b-17f5-459f-8418-2764f08f1d8c",
+# : redirect_url => "https://app.sandbox.midtrans.com/snap/v2/vtweb/008e586b-17f5-459f-8418-2764f08f1d8c"
+# }

data/lib/test/all.rb

@@ -0,0 +1 @@
+Dir[File.dirname(File.absolute_path(__FILE__)) + '/**/*_test.rb'].each {|file| require file }