wirecard_checkout_page 0.0.1 → 0.1.0

data/lib/wirecard_checkout_page/toolkit/request.rb

@@ -0,0 +1,55 @@
+# Official Wirecard Checkout Page Docs for Toolkit Requests:
+# https://integration.wirecard.at/doku.php/wcp:toolkit_light:start?s[]=toolkit
+module WirecardCheckoutPage
+  module Toolkit
+    class Request < WirecardCheckoutPage::Request
+
+      DEFAULT_URL = 'https://checkout.wirecard.com/page/toolkit.php'
+
+      # Which request parameters are required for all operations?
+      # To start an operation you have to set all required parameters to their corresponding values.
+      # If one or more of these required parameters are missing you will get an error message.
+
+      # Parameter          Data type                               Short description
+      # customerId         Alphanumeric with a fixed length of 7.  Unique ID of merchant.
+      # shopId             Alphanumeric with a variable length of 16. Unique ID of your online shop if several
+      # toolkitPassword    Alphanumeric with special characters.   Your password for Toolkit light operations.
+      # command            Enumeration                             Operation to be executed.
+      # language           Alphabetic with a fixed length of 2.    Language for returned texts and error messages,
+      #                                                            currently only “en” is supported; we are able
+      #                                                            to integrate other languages upon request.
+      # requestFingerprint Alphanumeric with a fixed length of 32. Computed fingerprint of the parameter
+      #                                                            values and the secret.
+      # param :customerId,      required: true
+      # param :shopId
+      # param :toolkitPassword, required: true
+      # param :command,         required: true
+      # param :language,        required: true
+
+
+      def initialize(url: nil, params: {})
+        super url: url || DEFAULT_URL, params: params
+        self.language = 'en'
+      end
+
+      def call
+        raise WirecardCheckoutPage::ValueMissing, errors.join(', ') unless valid?
+        WirecardCheckoutPage::Toolkit::Response.from_typhoeus_response Typhoeus.post(url, body: body, headers: headers)
+      end
+
+      # HTTP header parameter	Description
+      # Host           Domain name of server. Has to be set to the following value: secure.wirecard-cee.com
+      # User-Agent     User agent string of client. (Should be set by the HTTP-Client lib)
+      # Content-Length Length of body in bytes. (Should be set by HTTP-Client lib)
+      # Content-Type   MIME type of the body. Has to be set to the following value: application/x-www-form-urlencoded
+      # Connection     Type of connection. Has to be set to the following value: close
+      def headers
+        {
+          'Host'         => 'secure.wirecard-cee.com',
+          'Content-Type' => 'application/x-www-form-urlencoded',
+          'Connection'   => 'close',
+        }
+      end
+    end
+  end
+end

data/lib/wirecard_checkout_page/toolkit/response.rb

@@ -0,0 +1,50 @@
+require 'cgi'
+
+module WirecardCheckoutPage
+  module Toolkit
+    class Response
+      def self.from_typhoeus_response(response)
+        new(response.body, original_response: response)
+      end
+
+      def initialize(body, original_response: nil)
+        @body = body
+        @original_response = original_response
+      end
+
+      attr_reader :original_response
+
+      attr_reader :body
+
+      def success?
+        status == '0'
+      end
+
+      def error_code
+        param('errorCode').to_s
+      end
+
+      def order_number
+        param('orderNumber').to_i
+      end
+
+      def params
+        { payment_url: original_response.headers['Location'] }
+      end
+
+      private
+
+      def status
+        param 'status'
+      end
+
+      def param(key)
+        parsed_body[key].last
+      end
+
+      def parsed_body
+        @parsed_body ||= CGI::parse(body)
+      end
+    end
+  end
+end

data/lib/wirecard_checkout_page/version.rb

@@ -1,6 +1,6 @@
 module WirecardCheckoutPage
   # WirecardCheckoutPage version
-  VERSION         = '0.0.1'
+  VERSION         = '0.1.0'
   VERSION_ARRAY   = VERSION.split('.').map(&:to_i) # :nodoc:
   VERSION_MAJOR   = VERSION_ARRAY[0] # :nodoc:
   VERSION_MINOR   = VERSION_ARRAY[1] # :nodoc:

data/spec/spec_helper.rb

@@ -1,3 +1,5 @@
+require 'typhoeus'
+
 if ENV['START_SIMPLECOV'].to_i == 1
   require 'simplecov'
   SimpleCov.start do
@@ -15,13 +17,15 @@ if ENV.key?('CODECLIMATE_REPO_TOKEN')
   end
 end
 
-require 'rspec'
-require 'byebug'
-require 'wirecard_checkout_page'
-
 RSpec.configure do |config|
-  config.before(:all) do
-    response = Typhoeus::Response.new(code: 302, body: "", headers: { 'Location' => 'payment-url' })
-    Typhoeus.stub(/init/).and_return(response)
-  end
+  config.before :each do
+    Typhoeus::Expectation.clear
+   end
 end
+
+require 'rspec'
+begin
+  require 'byebug'
+rescue LoadError
+end
+require 'wirecard_checkout_page'

data/spec/wirecard_checkout_page/gateway_spec.rb

@@ -1,62 +1,120 @@
 require 'spec_helper'
 
 describe WirecardCheckoutPage::Gateway do
-  let(:gateway) { WirecardCheckoutPage::Gateway.new(customerId: 'foo', secret: 'bar') }
+  let(:credentials) do
+    {
+      customer_id:      'D200001',
+      secret:           'B8AKTPWBRMNBV455FG6M2DANE99WU2',
+      toolkit_password: 'jcv45z',
+    }
+  end
+  let(:gateway) { WirecardCheckoutPage::Gateway.new credentials }
 
   describe '#initialize' do
     it 'stores secret, customerId and init_url if given' do
-      gateway = WirecardCheckoutPage::Gateway.new(customerId: 'foo', secret: 'bar', init_url: 'foobar')
-      expect(gateway.customerId).to eq 'foo'
+      gateway = WirecardCheckoutPage::Gateway.new(
+        customer_id: 'foo',
+        secret: 'bar',
+        toolkit_password: '123'
+      )
+      expect(gateway.customer_id).to eq 'foo'
       expect(gateway.secret).to eq 'bar'
-      expect(gateway.init_url).to eq 'foobar'
-    end
-
-    it 'takes the default init url if none was given' do
-      gateway = WirecardCheckoutPage::Gateway.new
-      expect(gateway.init_url).to be_a String
-      expect(gateway.init_url).to eq WirecardCheckoutPage::Gateway::DEFAULT_INIT_URL
+      expect(gateway.toolkit_password).to eq '123'
     end
   end
 
   describe '#init' do
+    let(:stubbed_response) do
+      Typhoeus::Response.new(code: 302, body: '', headers: { 'Location' => 'https://example.com/single_init' })
+    end
+    before { Typhoeus.stub('https://checkout.wirecard.com/page/init.php').and_return(stubbed_response) }
+
     let(:valid_params) do
       {
         amount:           '100.00',
+        currency:         'EUR',
         orderDescription: 'order',
-        serviceURL:       'service',
-        successURL:       'succes',
-        cancelURL:        'cancel',
-        failureURL:       'failure',
-        confirmURL:       'confirm',
+        serviceUrl:       'https://foo.com/service',
+        successUrl:       'https://foo.com/success',
+        cancelUrl:        'https://foo.com/cancel',
+        failureUrl:       'https://foo.com/failure',
+        confirmUrl:       'https://foo.com/confirm',
         orderReference:   '123',
+        language:         'de',
+        paymentType:      'SELECT',
       }
     end
 
-    it 'builds a checksum with the authorization params' do
-      expect(WirecardCheckoutPage::RequestChecksum).to receive(:new).
-        with(hash_including customerId: 'foo', secret: 'bar').and_call_original
+    it 'builds' do
+      expect(WirecardCheckoutPage::InitRequest).to receive(:new).and_call_original
       gateway.init(valid_params)
     end
 
     it 'returns a InitResponse with the correct payment url' do
+      gateway = WirecardCheckoutPage::Gateway.new(
+        customer_id: 'D200001',
+        secret: 'B8AKTPWBRMNBV455FG6M2DANE99WU2',
+      )
       response = gateway.init(valid_params)
       expect(response).to be_a WirecardCheckoutPage::InitResponse
-      expect(response.params).to eq(payment_url: 'payment-url')
+      payment_url = response.params[:payment_url]
+      expect(payment_url).to match 'https://example.com/single_init'
     end
   end
 
-  describe '#check_response' do
+  describe '#recurring_init' do
+    let(:stubbed_response) do
+      Typhoeus::Response.new(code: 302, body: '', headers: { 'Location' => 'https://example.com/recurring_init' })
+    end
+    before { Typhoeus.stub('https://checkout.wirecard.com/page/init.php').and_return(stubbed_response) }
+
+    let(:valid_params) do
+      {
+        amount:           '100.00',
+        currency:         'EUR',
+        paymentType:      'SELECT',
+        orderDescription: 'order',
+        serviceUrl:       'https://foo.com/service',
+        successUrl:       'https://foo.com/success',
+        cancelUrl:        'https://foo.com/cancel',
+        failureUrl:       'https://foo.com/failure',
+        confirmUrl:       'https://foo.com/confirm',
+        orderReference:   '123',
+        language:         'de',
+      }
+    end
+
     it 'builds a checksum with the authorization params' do
-      expect(WirecardCheckoutPage::ResponseChecksum).to receive(:new).
-        with(
-          hash_including('customerId' => 'foo', 'secret' => 'bar')
-      ).and_call_original
-      gateway.check_response.valid?
+      expect(WirecardCheckoutPage::InitRequest).to receive(:new).and_call_original
+      gateway.recurring_init(valid_params)
+    end
+
+    it 'returns a InitResponse with the correct payment url' do
+      response = gateway.recurring_init(valid_params)
+      expect(response).to be_a WirecardCheckoutPage::InitResponse
+      payment_url = response.params[:payment_url]
+      expect(payment_url).to match 'https://example.com/recurring_init'
+    end
+  end
+
+  describe '#recurring_process' do
+    let(:stubbed_response) { Typhoeus::Response.new(code: 302, body: 'status=0&orderNumber=1') }
+    before { Typhoeus.stub('https://checkout.wirecard.com/page/toolkit.php').and_return(stubbed_response) }
+
+    let(:valid_params) do
+      {
+        sourceOrderNumber: '123',
+        orderDescription:  'orderDescription',
+        amount:            '345',
+        currency:          'EUR'
+      }
     end
 
-    it 'returns true if the response was valid' do
-      allow_any_instance_of(WirecardCheckoutPage::ResponseChecksum).to receive(:valid?).and_return(true)
-      expect(gateway.check_response).to be_valid
+    it 'returns a successful ToolKit::Reponse' do
+      response = gateway.recurring_process(valid_params)
+      expect(response).to be_a WirecardCheckoutPage::Toolkit::Response
+      expect(response).to be_success
     end
   end
+
 end

data/spec/wirecard_checkout_page/init_request_spec.rb

@@ -0,0 +1,62 @@
+require 'spec_helper'
+
+describe WirecardCheckoutPage::InitRequest do
+  let(:valid_params) do
+    {
+      customerId:            'D200001',
+      secret:                'B8AKTPWBRMNBV455FG6M2DANE99WU2',
+      amount:                '100.00',
+      currency:              'EUR',
+      orderDescription:      'order',
+      serviceUrl:            'https://foo.com/service',
+      successUrl:            'https://foo.com/success',
+      cancelUrl:             'https://foo.com/cancel',
+      failureUrl:            'https://foo.com/failure',
+      confirmUrl:            'https://foo.com/confirm',
+      orderReference:        '123',
+      language:              'de',
+      paymentType:           'SELECT',
+    }
+  end
+
+  describe '#body' do
+    context 'with standard params' do
+      it 'has the right fingerprint' do
+        request = described_class.new params: valid_params
+        expected_request_fingerprint_order = 'secret,customerId,language,paymentType,amount,currency,orderDescription,successUrl,cancelUrl,failureUrl,serviceUrl,confirmUrl,orderReference,transactionIdentifier,requestFingerprintOrder'
+        expect(request.body['requestFingerprintOrder']).to eq expected_request_fingerprint_order
+        expect(request.body['requestFingerprint']).to eq Digest::MD5.hexdigest(
+              'B8AKTPWBRMNBV455FG6M2DANE99WU2''D200001''de''SELECT''100.00''EUR''order''https://foo.com/success''https://foo.com/cancel''https://foo.com/failure''https://foo.com/service''https://foo.com/confirm''123''SINGLE'"#{expected_request_fingerprint_order}"
+            )
+      end
+    end
+
+    context 'with recurring init' do
+      it 'has the right fingerprint' do
+        request = described_class.new params: valid_params.merge(transactionIdentifier: 'INITIAL')
+        expected_request_fingerprint_order = 'secret,customerId,language,paymentType,amount,currency,orderDescription,successUrl,cancelUrl,failureUrl,serviceUrl,confirmUrl,orderReference,transactionIdentifier,requestFingerprintOrder'
+        expect(request.body['requestFingerprintOrder']).to eq expected_request_fingerprint_order
+        expect(request.body['requestFingerprint']).to eq Digest::MD5.hexdigest(
+              'B8AKTPWBRMNBV455FG6M2DANE99WU2''D200001''de''SELECT''100.00''EUR''order''https://foo.com/success''https://foo.com/cancel''https://foo.com/failure''https://foo.com/service''https://foo.com/confirm''123''INITIAL'"#{expected_request_fingerprint_order}"
+            )
+      end
+    end
+  end
+
+  context 'performing a request' do
+    let(:stubbed_response) do
+      Typhoeus::Response.new(code: 302, body: '', headers: { 'Location' => 'https://example.com/single_init' })
+    end
+    before { Typhoeus.stub('https://checkout.wirecard.com/page/init.php').and_return(stubbed_response) }
+
+    it 'makes a successful request' do
+      request = described_class.new params: valid_params
+
+      response = request.call
+      expect(response).to be_a WirecardCheckoutPage::InitResponse
+      expect(response).to be_success
+      payment_url = response.params[:payment_url]
+      expect(payment_url).to match 'https://example.com/single_init'
+    end
+  end
+end

data/spec/wirecard_checkout_page/request_spec.rb

@@ -0,0 +1,88 @@
+require 'spec_helper'
+
+class TestRequest < WirecardCheckoutPage::Request
+
+  param :customerId, required: true
+  param :shopId
+  param :param1,     required: true
+  param :secret,     required: true
+  param :command,    required: true
+  param :language,   required: true
+
+  def initialize(params: {})
+    super params: params
+    self.command = 'test'
+    self.language = 'en'
+  end
+
+end
+
+describe WirecardCheckoutPage::Request do
+  let(:valid_params) do
+    {
+      customerId: 'ABC',
+      secret:     'geheim',
+      param1:     '345'
+    }
+  end
+
+  describe '#request_params' do
+    subject { TestRequest.new params: valid_params }
+
+    it 'has the right request_params' do
+      expect(subject.request_params).to eq(
+          {
+            'command'    => 'test',
+            'language'   => 'en',
+            'customerId' => 'ABC',
+            'param1'     => '345',
+          }
+        )
+    end
+  end
+
+  describe '#body' do
+
+    context 'with minimal params' do
+      subject { TestRequest.new(params: valid_params) }
+
+      it 'has correct fingerprinted params' do
+        expect(subject.body).to  eq(
+            {
+              'command'                 => 'test',
+              'language'                => 'en',
+              'customerId'              => 'ABC',
+              'param1'                  => '345',
+              'requestFingerprint'      => Digest::MD5.hexdigest('ABC''345''geheim''test''en'),
+              'requestFingerprintOrder' => 'customerId,param1,secret,command,language',
+            }
+          )
+      end
+    end
+
+    context 'with optional params' do
+      subject { TestRequest.new(params: valid_params.merge(shopId: 'XYZ')) }
+
+      it 'has correct fingerprinted params' do
+        expect(subject.body).to  eq(
+            {
+              'command'                 => 'test',
+              'language'                => 'en',
+              'customerId'              => 'ABC',
+              'param1'                  => '345',
+              'shopId'                  => 'XYZ',
+              'requestFingerprint'      => Digest::MD5.hexdigest('ABC''XYZ''345''geheim''test''en'),
+              'requestFingerprintOrder' => 'customerId,shopId,param1,secret,command,language',
+            }
+          )
+      end
+    end
+  end
+
+  describe '#call' do
+    it 'raises ValueMissing' do
+      expect { TestRequest.new.call } .to raise_error WirecardCheckoutPage::NotImplementedError
+    end
+  end
+
+end

data/spec/wirecard_checkout_page/response_checksum_spec.rb

@@ -2,127 +2,81 @@ require 'spec_helper'
 require 'wirecard_checkout_page'
 
 describe WirecardCheckoutPage::ResponseChecksum do
-  let :secret do
-    'SOMESECRET'
-  end
-
-  let :customer_id do
-    'SOMECUSTOMERID'
-  end
+  describe '#valid?' do
+    context 'with valid parameters' do
+      it 'is valid' do
+        fingerprint_order           = 'amount,currency,paymentType,financialInstitution,language,orderNumber,paymentState,authenticated,anonymousPan,expiry,maskedPan,gatewayReferenceNumber,gatewayContractNumber,secret,responseFingerprintOrder'
+        expected_fingerprint_string = '50.00''EUR''CCARD''Visa''de''8300664''SUCCESS''No''1122''06/2018''405911******1122''C101361143697423285286''000000316159CED9''SECRET'"#{fingerprint_order}"
 
-  let :shop_id do
-    'someshopid'
-  end
+        params = {
+          secret:                    'SECRET',
+          'amount'                   => '50.00',
+          'currency'                 => 'EUR',
+          'paymentType'              => 'CCARD',
+          'financialInstitution'     => 'Visa',
+          'language'                 => 'de',
+          'orderNumber'              => '8300664',
+          'paymentState'             => 'SUCCESS',
+          'authenticated'            => 'No',
+          'anonymousPan'             => '1122',
+          'expiry'                   => '06/2018',
+          'maskedPan'                => '405911******1122',
+          'gatewayReferenceNumber'   => 'C101361143697423285286',
+          'gatewayContractNumber'    => '000000316159CED9',
+          'responseFingerprintOrder' => fingerprint_order,
+          'responseFingerprint'      => 'd1e7ecba3980ca2da4954b9d154c1e1e',
+        }
+        checksum = described_class.new(params)
+        expect(checksum).to be_valid
+      end
+    end
 
-  it "recognizes a correct response" do
-    response_params = {
-      secret:                  secret,
-      fingerprint_keys:        WirecardCheckoutPage::RequestChecksum::FINGERPRINT_KEYS + %w[shopId],
-      customerId:              customer_id,
-      shopId:                  shop_id,
-      "amount"                 => "28.95",
-      "currency"               => "EUR",
-      "paymentType"            => "CCARD",
-      "financialInstitution"   => "MC",
-      "language"               => "de",
-      "orderNumber"            => "7739491",
-      "paymentState"           => "SUCCESS",
-      "utf8"                   => "✓",
-      "authenticity_token"     => "bnz1fHxcCYD9jdPiNIEl7yJExRetWWAOQPopmjYksFc=",
-      "commit"                 => "Bezahlen",
-      "authenticated"          => "No",
-      "anonymousPan"           => "0002",
-      "expiry"                 => "01/2013",
-      "cardholder"             => "Foorian Bar",
-      "maskedPan"              => "950000******0002",
-      "gatewayReferenceNumber" => "DGW_7739491_RN",
-      "gatewayContractNumber"  => "DemoContractNumber123",
-      "responseFingerprintOrder"=>"amount,currency,paymentType,"\
-        "financialInstitution,language,orderNumber,paymentState,utf8,"\
-        "authenticity_token,commit,authenticated,anonymousPan,expiry,"\
-        "cardholder,maskedPan,gatewayReferenceNumber,gatewayContractNumber,"\
-        "secret,responseFingerprintOrder",
-      "responseFingerprint" => "8a1319b4a097d5a9157f479b11e8f5ae",
-      "challenge_offer_id"  => "0dd916e49abd1935c2dc084bae2a57b8"
-    }
-    checksum = WirecardCheckoutPage::ResponseChecksum.new(response_params)
-    checksum.valid?
-    expect(checksum.computed_fingerprint).to eq '8a1319b4a097d5a9157f479b11e8f5ae'
-    expect(checksum).to be_valid
-  end
+    context 'with invalid parameters' do
+      it 'is not valid' do
+        fingerprint_order           = 'amount,currency,paymentType,financialInstitution,language,orderNumber,paymentState,authenticated,anonymousPan,expiry,maskedPan,gatewayReferenceNumber,gatewayContractNumber,secret,responseFingerprintOrder'
+        expected_fingerprint_string = '50.00''EUR''CCARD''Visa''de''8300664''SUCCESS''No''1122''06/2018''405911******1122''C101361143697423285286''000000316159CED9''SECRET'"#{fingerprint_order}"
 
-  it "fails check on an incorrect response" do
-    response_params = {
-      secret:                  secret,
-      fingerprint_keys:        WirecardCheckoutPage::RequestChecksum::FINGERPRINT_KEYS + %w[shopId],
-      customerId:              customer_id,
-      shopId:                  shop_id,
-      "amount"                 => "28.95",
-      "currency"               => "EUR",
-      "paymentType"            => "CCARD",
-      "financialInstitution"   => "MC",
-      "language"               => "de",
-      "orderNumber"            => "7739491",
-      "paymentState"           => "SUCCESS",
-      "utf8"                   => "✓",
-      "authenticity_token"     => "bnz1fHxcCYD9jdPiNIEl7yJExRetWWAOQPopmjYksFc=",
-      "commit"                 => "Bezahlen",
-      "authenticated"          => "No",
-      "anonymousPan"           => "0002",
-      "expiry"                 => "01/2013",
-      "cardholder"             => "Foorian Bar",
-      "maskedPan"              => "950000******0002",
-      "gatewayReferenceNumber" => "DGW_7739491_RN",
-      "gatewayContractNumber"  => "DemoContractNumber123",
-      "responseFingerprintOrder"=>"amount,currency,paymentType,"\
-        "financialInstitution,language,orderNumber,paymentState,utf8,"\
-        "authenticity_token,commit,authenticated,anonymousPan,expiry,"\
-        "cardholder,maskedPan,gatewayReferenceNumber,gatewayContractNumber,"\
-        "secret,responseFingerprintOrder",
-      "responseFingerprint" => "666c9c80495703dabfc08434d2e99af0",
-      "challenge_offer_id"  => "0dd916e49abd1935c2dc084bae2a57b8"
-    }
-    expect(WirecardCheckoutPage::ResponseChecksum.new(response_params)).
-      to_not be_valid
+        params = {
+          secret:                    'SECRET',
+          'amount'                   => '21121221250.00',
+          'currency'                 => 'EUR',
+          'paymentType'              => 'CCARD',
+          'financialInstitution'     => 'Visa',
+          'language'                 => 'de',
+          'orderNumber'              => '8300664',
+          'paymentState'             => 'SUCCESS',
+          'authenticated'            => 'No',
+          'anonymousPan'             => '1122',
+          'expiry'                   => '06/2018',
+          'maskedPan'                => '405911******1122',
+          'gatewayReferenceNumber'   => 'C101361143697423285286',
+          'gatewayContractNumber'    => '000000316159CED9',
+          'responseFingerprintOrder' => fingerprint_order,
+          'responseFingerprint'      => 'd1e7ecba3980ca2da4954b9d154c1e1e',
+        }
+        checksum = described_class.new(params)
+        expect(checksum).to_not be_valid
+      end
+    end
   end
 
-  it "fails check on a response with missing keys" do
-    response_params = {
-      secret:                  secret,
-      fingerprint_keys:        WirecardCheckoutPage::RequestChecksum::FINGERPRINT_KEYS + %w[shopId],
-      customerId:              customer_id,
-      shopId:                  shop_id,
-      "currency"               => "EUR",
-      "paymentType"            => "CCARD",
-      "financialInstitution"   => "MC",
-      "language"               => "de",
-      "orderNumber"            => "7739491",
-      "paymentState"           => "SUCCESS",
-      "utf8"                   => "✓",
-      "authenticity_token"     => "bnz1fHxcCYD9jdPiNIEl7yJExRetWWAOQPopmjYksFc=",
-      "commit"                 => "Bezahlen",
-      "authenticated"          => "No",
-      "anonymousPan"           => "0002",
-      "expiry"                 => "01/2013",
-      "cardholder"             => "Foorian Bar",
-      "maskedPan"              => "950000******0002",
-      "gatewayReferenceNumber" => "DGW_7739491_RN",
-      "gatewayContractNumber"  => "DemoContractNumber123",
-      "responseFingerprintOrder"=>"amount,currency,paymentType,"\
-        "financialInstitution,language,orderNumber,paymentState,utf8,"\
-        "authenticity_token,commit,authenticated,anonymousPan,expiry,"\
-        "cardholder,maskedPan,gatewayReferenceNumber,gatewayContractNumber,"\
-        "secret,responseFingerprintOrder",
-      "responseFingerprint" => "666c9c80495703dabfc08434d2e99af0",
-      "challenge_offer_id"  => "0dd916e49abd1935c2dc084bae2a57b8"
-    }
-    checksum = WirecardCheckoutPage::ResponseChecksum.new(response_params)
-    expect(checksum).to_not be_valid
-    expect(checksum).to be_missing_keys
-    expect(checksum.missing_keys?).to eq %w[amount]
-  end
+  describe '#initialize' do
+    context 'a probably crafted request without the secret key in the responseFingerprintOrder' do
+      let(:fingerprint_order) { 'amount,currency,responseFingerprintOrder' }
+      let(:params) do
+        {
+          'amount'                   => '10.00',
+          'currency'                 => 'EUR',
+          'responseFingerprint'      => Digest::MD5.hexdigest('10.00''EUR'"#{fingerprint_order}"),
+          'responseFingerprintOrder' => fingerprint_order,
+        }
+      end
 
-  it "fails check in an empty response" do
-    expect(WirecardCheckoutPage::ResponseChecksum.new(secret: secret)).to_not be_valid
+      it 'raises InvalidResponseFingerprintOrder' do
+        expect {
+          described_class.new(params)
+        }.to raise_error WirecardCheckoutPage::InvalidResponseFingerPrintOrder
+      end
+    end
   end
 end