workarea-forter 1.2.2

data/app/models/workarea/order/status/suspected_fraud.rb

@@ -0,0 +1,13 @@
+module Workarea
+  class Order
+    module Status
+      class SuspectedFraud
+        include StatusCalculator::Status
+
+        def in_status?
+          !order.placed? && order.flagged_for_fraud? && !order.canceled?
+        end
+      end
+    end
+  end
+end

data/app/models/workarea/order.decorator

@@ -0,0 +1,14 @@
+module Workarea
+  decorate Order, with: :forter do
+    decorated do
+      field :forter_tracking_code, type: String
+    end
+
+    def flagged_for_fraud?
+      decision = Workarea::Forter::Decision.find(id) rescue nil
+      return false unless decision.present? && decision.response.present?
+
+      decision.response.action == 'decline'
+    end
+  end
+end

data/app/models/workarea/payment/saved_credit_card.decorator

@@ -0,0 +1,14 @@
+module Workarea
+  decorate Payment::SavedCreditCard, with: :forter do
+    decorated do
+      field :bin, type: String
+      before_validation :set_bin
+    end
+
+    def set_bin
+      if number.present?
+        self.bin = ActiveMerchant::Billing::CreditCard.first_digits(number)
+      end
+    end
+  end
+end

data/app/models/workarea/payment/status/suspected_fraud.rb

@@ -0,0 +1,13 @@
+module Workarea
+  class Payment
+    module Status
+      class SuspectedFraud
+        include Workarea::StatusCalculator::Status
+
+        def in_status?
+          order.flagged_for_fraud?
+        end
+      end
+    end
+  end
+end

data/app/models/workarea/payment/tender/credit_card.decorator

@@ -0,0 +1,25 @@
+module Workarea
+  decorate Payment::Tender::CreditCard, with: :forter do
+    decorated do
+      field :bin, type: String
+      before_validation :set_bin
+    end
+
+    def set_bin
+      if number.present?
+        self.bin = ActiveMerchant::Billing::CreditCard.first_digits(number)
+      end
+    end
+
+    def set_saved_card_values
+      if saved_card.present?
+        self.display_number = saved_card.display_number
+        self.issuer = saved_card.issuer
+        self.month = saved_card.month
+        self.year = saved_card.year
+        self.token = saved_card.token
+        self.bin = saved_card.bin
+      end
+    end
+  end
+end

data/app/models/workarea/payment.decorator

@@ -0,0 +1,13 @@
+module Workarea
+  decorate Payment, with: :forter do
+    decorated do
+      field :flagged_for_fraud, type: Boolean, default: false
+    end
+
+    def rollback!(options = {})
+      transactions = tenders.flat_map(&:transactions)
+      operation = Workarea::Payment::Operation.new(transactions, options)
+      operation.rollback!
+    end
+  end
+end

data/app/services/workarea/forter/account.rb

@@ -0,0 +1,42 @@
+module Workarea
+  module Forter
+    class Account
+      attr_reader :order, :options
+
+      def initialize(order, options = {})
+        @order = order
+        @options = options
+      end
+
+      # @return Hash
+      def to_h
+        return guest_account unless order.user_id.present?
+
+        user_account
+      end
+
+      private
+
+        def user_account
+          user = Workarea::User.find(order.user_id)
+            {
+              firstName: user.first_name,
+              lastName: user.last_name,
+              email: user.email,
+              accountId: user.id.to_s,
+              created: user.created_at.to_i,
+              lastLoginIP: user.ip_address
+            }
+        end
+
+        def guest_account
+          payment = Workarea::Payment.find(order.id)
+          {
+            firstName: payment.address.first_name,
+            lastName: payment.address.last_name,
+            email: order.email
+          }
+        end
+    end
+  end
+end

data/app/services/workarea/forter/order.rb

@@ -0,0 +1,145 @@
+module Workarea
+  module Forter
+    class Order
+      attr_reader :order, :options
+
+      def initialize(order, options = {})
+        @order = order
+        @options = options
+      end
+
+      # @return Hash
+      def to_h
+        hsh = {
+          orderId: order.id,
+          orderType: 'WEB',
+          timeSentToForter: forter_export_time,
+          checkoutTime: order.placed_at.to_i,
+          primaryRecipient: {
+            personalDetails: {
+              firstName: payment.address.first_name,
+              lastName: payment.address.last_name
+            },
+            address: primary_recipient_address,
+            phone: [
+              {
+                phone: payment.address.phone_number.to_s
+              }
+            ]
+          },
+          totalAmount: {
+            amountUSD: order.total_price.to_s
+          },
+          connectionInformation: {
+            customerIP: order.ip_address,
+            userAgent: order.user_agent,
+            forterTokenCookie: order.forter_tracking_code
+          },
+          primaryDeliveryDetails: {
+            deliveryType: delivery_type,
+            deliveryMethod: delivery_method,
+            deliveryPrice: {
+              amountUSD: order.shipping_total.to_s
+            },
+            carrier: shipping_service_carrier
+          },
+          cartItems: items,
+          payment: forter_payments,
+          accountOwner: forter_account,
+          totalDiscount: forter_discount_codes
+        }
+      end
+
+      private
+
+        def forter_export_time
+          @forter_export_time = Time.new.to_i * 1000
+        end
+
+        def delivery_type
+          return "DIGITAL" if order.items.all? { |oi| oi.digital? }
+          return "HYBRID" if order.items.any? { |oi| oi.digital? }
+          "PHYSICAL"
+        end
+
+        def delivery_method
+          return "EMAIL" if delivery_type == "DIGITAL"
+          shipping_service_name
+        end
+
+        def items
+          order.items.map do |oi|
+            item = Workarea::Storefront::OrderItemViewModel.new(oi)
+            {
+              basicItemData: {
+                name: item.product.name,
+                quantity: item.quantity,
+                type: item.digital? ? "NON_TANGIBLE" : "TANGIBLE",
+                price: { amountUSD: item.total_value.to_s },
+                productId: item.product.id
+              }
+            }
+          end
+        end
+
+        def forter_payments
+          Forter::Payment.new(payment).to_a
+        end
+
+        def forter_account
+          Forter::Account.new(order).to_h
+        end
+
+        def forter_discount_codes
+          return unless order.promo_codes.present?
+
+          # Forter only supports 1 entry in the totalDiscount field.
+          code = order.promo_codes.first
+          {
+            couponCodeUsed: code,
+            discountType: "PROMOCODE"
+          }
+        end
+
+        def payment
+          @payment ||= Workarea::Payment.find(order.id)
+        end
+
+        def shipping
+          @shipping ||= Workarea::Shipping.find_by_order(order.id)
+        end
+
+        def shipping_service
+          return unless shipping.present? && shipping.shipping_service.present?
+          shipping.shipping_service
+        end
+
+        def shipping_service_name
+          return unless shipping_service.present?
+          shipping_service.name
+        end
+
+        def shipping_service_carrier
+          return unless shipping_service.present?
+          shipping_service.carrier
+        end
+
+        def primary_recipient_address
+          address_obj = if shipping.present?
+            shipping.address
+          else
+            payment.address
+          end
+
+          {
+            address1: address_obj.street,
+            city: address_obj.city,
+            country: address_obj.country.alpha2,
+            address2: address_obj.street_2,
+            zip: address_obj.postal_code,
+            region: address_obj.region
+          }
+        end
+    end
+  end
+end

data/app/services/workarea/forter/payment.rb

@@ -0,0 +1,80 @@
+module Workarea
+  module Forter
+    class Payment
+      attr_reader :payment, :options
+
+      def initialize(payment, options = {})
+        @payment = payment
+        @options = options
+      end
+
+      # @return Array
+      def to_a
+        payment.tenders.map do | tender|
+
+          tender_hash = build_tender_details(tender)
+
+          billing_details_hash = {
+            billingDetails: {
+              personalDetails: {
+                firstName: address.first_name,
+                lastName: address.last_name
+              },
+            address: forter_address,
+            phone: [{ phone: address.phone_number.to_s }]
+            },
+            amount: { amountUSD: tender.amount.to_s }
+          }
+
+          tender_hash.merge!(billing_details_hash)
+        end
+      end
+
+      private
+
+        def build_tender_details(tender)
+          case tender.slug
+          when :credit_card
+            Tender::CreditCard.new(tender).to_h
+          when :gift_card
+            Tender::GiftCard.new(tender).to_h
+          when :store_credit
+            Tender::StoreCredit.new(tender).to_h
+          when :paypal
+            Tender::Paypal.new(tender).to_h
+          else
+            Tender::General.new(tender).to_h
+          end
+        end
+
+        def address
+          payment.address
+        end
+
+        def forter_address
+          {
+            address1: address.street,
+            address2: address.street_2,
+            city: address.city,
+            country: address.country.alpha2,
+            zip: address.postal_code,
+            region: address.region
+          }
+        end
+
+        def credit_used
+          tender = payment.tenders.detect { |t| t.slug == :store_credit }
+          return {} unless tender.present?
+          {
+            creditUsed: {
+              amountUSD: tender.amount.to_s
+            }
+          }
+        end
+
+        def cc_month(month)
+          month < 10 ? "0#{month}" : month.to_s
+        end
+    end
+  end
+end

data/app/services/workarea/forter/tender/credit_card.rb

@@ -0,0 +1,73 @@
+module Workarea
+  module Forter
+    module Tender
+      class CreditCard
+        attr_reader :tender, :options
+
+        def initialize(tender, options = {})
+          @tender = tender
+          @options = options
+        end
+
+        # @return Hash
+        def to_h
+          return {} unless tender.present?
+          {
+            creditCard: {
+              bin: tender.bin,
+              lastFourDigits: tender.display_number[-4, 4].to_s,
+              expirationMonth: cc_month(tender.month),
+              expirationYear: tender.year.to_s,
+              cardBrand: tender.issuer,
+              nameOnCard: "#{address.first_name} #{address.last_name}"
+            }.merge!(verification_results)
+          }
+        end
+
+        private
+
+          def address
+            payment.address
+          end
+
+          def cc_month(month)
+            month < 10 ? "0#{month}" : month.to_s
+          end
+
+          def payment
+            @payment ||= tender.payment
+          end
+
+          def transaction
+            @transaction ||= tender.transactions.sort_by { |t| t.created_at.to_i }.last
+          end
+
+          def verification_results
+            return {} unless tender.transactions.present?
+
+            return {} unless transaction.response.avs_result.present?
+            {
+              verificationResults: {
+                avsFullResult: transaction.response.avs_result["code"].to_s,
+                cvvResult: transaction.response.cvv_result["code"].to_s,
+                authorizationCode: transaction.response.authorization.to_s,
+                processorResponseText: transaction.response.message.to_s,
+                processorResponseCode: forter_authorization_code.to_s
+              }
+            }
+
+          rescue => e
+            Forter.log_error(e)
+            {
+              verificationResults: {}
+            }
+          end
+
+          def forter_authorization_code
+            gateway_class = Workarea.config.gateways.credit_card.class.to_s
+            Workarea.config.forter.response_code[gateway_class].call(transaction) rescue nil
+          end
+      end
+    end
+  end
+end

data/app/services/workarea/forter/tender/general.rb

@@ -0,0 +1,29 @@
+module Workarea
+  module Forter
+    module Tender
+      class General
+        attr_reader :tender, :options
+
+        def initialize(tender, options = {})
+          @tender = tender
+          @options = options
+        end
+
+        # @return Hash
+        def to_h
+          {
+            generalPaymentMethod: {
+              name: tender.slug.to_s,
+              payload: transaction.response.params
+            }
+          }
+        end
+
+        private
+          def transaction
+            @transaction ||= tender.transactions.sort_by { |t| t.created_at.to_i }.last
+          end
+      end
+    end
+  end
+end

data/app/services/workarea/forter/tender/gift_card.rb

@@ -0,0 +1,23 @@
+module Workarea
+  module Forter
+    module Tender
+      class GiftCard
+        attr_reader :tender, :options
+
+        def initialize(tender, options = {})
+          @tender = tender
+          @options = options
+        end
+
+        # @return Hash
+        def to_h
+          {
+            creditUsed: {
+              amountUSD: tender.amount.to_s
+            }
+          }
+        end
+      end
+    end
+  end
+end

data/app/services/workarea/forter/tender/paypal.rb

@@ -0,0 +1,38 @@
+module Workarea
+  module Forter
+    module Tender
+      class Paypal
+
+        class PaypalDependencyError < StandardError; end
+        attr_reader :tender, :options
+
+        def initialize(tender, options = {})
+          @tender = tender
+          @options = options
+        end
+
+        # @return Hash
+        def to_h
+          raise PaypalDependencyError.new("Paypal plugin not installed but paypal transaction detected") unless Plugin.installed?("Workarea::Paypal")
+          {
+            paypal: {
+              payerId: tender.payer_id,
+              fullPaypalResponsePayload: transaction.response.params,
+              payerEmail:  tender.details["payer"],
+              paymentStatus: transaction.response.params["payment_status"],
+              paymentMethod:  transaction.response.params["payment_type"],
+              payerAddressStatus: tender.details["address_status"],
+              payerStatus: tender.details["payer_status"]
+            }
+          }
+        end
+
+        private
+
+          def transaction
+            @transaction ||= tender.transactions.detect { |t| t.success? }
+          end
+      end
+    end
+  end
+end

data/app/services/workarea/forter/tender/store_credit.rb

@@ -0,0 +1,23 @@
+module Workarea
+  module Forter
+    module Tender
+      class StoreCredit
+        attr_reader :tender, :options
+
+        def initialize(tender, options = {})
+          @tender = tender
+          @options = options
+        end
+
+        # @return Hash
+        def to_h
+          {
+            creditUsed: {
+              amountUSD: tender.amount.to_s
+            }
+          }
+        end
+      end
+    end
+  end
+end

data/app/view_models/workarea/admin/order_view_model.decorator

@@ -0,0 +1,7 @@
+module Workarea
+  decorate Admin::OrderViewModel, with: :forter do
+    def decision
+      @decision = Workarea::Forter::Decision.find(model.id) rescue nil
+    end
+  end
+end

data/app/views/workarea/admin/orders/_forter.html.haml

@@ -0,0 +1,18 @@
+- if order.decision.present?
+  .grid__cell
+    .card{ class: card_classes(:forter, local_assigns[:active]) }
+      = link_to forter_order_path(order), class: 'card__header' do
+        %span.card__header-text= t('workarea.admin.orders.cards.forter.title')
+        = inline_svg 'workarea/admin/icons/link.svg', class: 'card__icon'
+
+      - if local_assigns[:active].blank?
+        .card__body
+          %ul.list-reset
+            %li
+              %strong= t('workarea.admin.orders.cards.forter.decision')
+              = order.decision.response&.action
+
+            - if order.decision.response&.reason_code.present?
+              %li
+                %strong= t('workarea.admin.orders.cards.forter.reason_code')
+                = order.decision.response.reason_code

data/app/views/workarea/admin/orders/forter.html.haml

@@ -0,0 +1,57 @@
+- @page_title = t('workarea.admin.orders.forter.page_title', id: @order.id)
+
+.view
+  .view__header
+    .grid.grid--middle.grid--right
+      .grid__cell.grid__cell--50
+        .view__heading
+          = link_to_index_for(@order)
+          %h1= link_to @order.name, url_for(@order)
+      .grid__cell.grid__cell--25
+        = render_aux_navigation_for(@order)
+
+  .view__container
+    = render_cards_for(@order, :forter)
+
+  .view__container.view__container--narrow
+    .grid
+      .grid__cell.grid__cell--50
+        %h2= t('workarea.admin.orders.forter.title')
+        %ul.list-reset
+
+        %li
+          %strong= t('workarea.admin.orders.forter.status')
+          = @order.decision.external_order_status
+        %li
+          %br
+          %strong= link_to t('workarea.admin.orders.forter.console'), "https://portal.forter.com/dashboard/#{@order.id}"
+
+      .grid__cell.grid__cell--50
+        %h2= t('workarea.admin.orders.forter.details_heading')
+
+        %p= t('workarea.admin.orders.forter.details_description')
+
+        %table
+          %thead
+            %tr
+              %th= t('workarea.admin.orders.forter.details.action')
+              %th= t('workarea.admin.orders.forter.details.message')
+              %th= t('workarea.admin.orders.forter.details.reason_code')
+              %th= t('workarea.admin.orders.forter.details.decision_error')
+              %th= t('workarea.admin.orders.forter.error')
+
+          %tbody
+            - @order.decision.responses.each do |response|
+              %tr
+                %td= response.fraud_decision_action
+                %td= response.decision_response&.body_message
+                %td= response.decision_response&.reason_code
+                %td
+                  -if response.decision_response&.errors.present?
+                    - response.decision_response.errors.each do |e|
+                      %li= e["message"]
+                %td= response.error
+
+
+
+

data/app/views/workarea/storefront/_forter_tracking.html.haml

@@ -0,0 +1,4 @@
+- if Workarea::Forter.site_id.present?
+  %script{type: "text/javascript", id: Workarea::Forter.site_id }
+    (function () {var siteId = "#{Workarea::Forter.site_id}";function t(t,e){for(var n=t.split(""),r=0;r<n.length;++r)n[r]=String.fromCharCode(n[r].charCodeAt(0)+e);return n.join("")}function e(e){return t(e,-l).replace(/%SN%/g,siteId)}function n(t){try{S.ex=t,g(S)}catch(e){}}function r(t,e,n){var r=document.createElement("script");r.onerror=n,r.onload=e,r.type="text/javascript",r.id="ftr__script",r.async=!0,r.src="https://"+t;var o=document.getElementsByTagName("script")[0];o.parentNode.insertBefore(r,o)}function o(){k(T.uAL),setTimeout(i,v,T.uAL)}function i(t){try{var e=t===T.uDF?h:m;r(e,function(){try{U(),n(t+T.uS)}catch(e){}},function(){try{U(),S.td=1*new Date-S.ts,n(t+T.uF),t===T.uDF&&o()}catch(e){n(T.eUoe)}})}catch(i){n(t+T.eTlu)}}var a={write:function(t,e,n,r){void 0===r&&(r=!0);var o,i;if(n?(o=new Date,o.setTime(o.getTime()+24*n*60*60*1e3),i="; expires="+o.toGMTString()):i="",!r)return void(document.cookie=escape(t)+"="+escape(e)+i+"; path=/");var a,c,u;if(u=location.host,1===u.split(".").length)document.cookie=escape(t)+"="+escape(e)+i+"; path=/";else{c=u.split("."),c.shift(),a="."+c.join("."),document.cookie=escape(t)+"="+escape(e)+i+"; path=/; domain="+a;var s=this.read(t);null!=s&&s==e||(a="."+u,document.cookie=escape(t)+"="+escape(e)+i+"; path=/; domain="+a)}},read:function(t){for(var e=escape(t)+"=",n=document.cookie.split(";"),r=0;r<n.length;r++){for(var o=n[r];" "==o.charAt(0);)o=o.substring(1,o.length);if(0===o.indexOf(e))return unescape(o.substring(e.length,o.length))}return null}},c="fort",u="erTo",s="ken",d=c+u+s,f="9";f+="ck";var l=3,h=e("(VQ(1fgq71iruwhu1frp2vq2(VQ(2vfulsw1mv"),m=e("g68x4yj4t5;e6z1forxgiurqw1qhw2vq2(VQ(2vfulsw1mv"),v=10;window.ftr__startScriptLoad=1*new Date;var g=function(t){var e=function(t){return t||""},n=e(t.id)+"_"+e(t.ts)+"_"+e(t.td)+"_"+e(t.ex)+"_"+e(f);a.write(d,n,1825,!0)},p=function(){var t=a.read(d)||"",e=t.split("_"),n=function(t){return e[t]||void 0};return{id:n(0),ts:n(1),td:n(2),ex:n(3),vr:n(4)}},w=function(){for(var t={},e="fgu",n=[],r=0;r<256;r++)n[r]=(r<16?"0":"")+r.toString(16);var o=function(t,e,r,o,i){var a=i?"-":"";return n[255&t]+n[t>>8&255]+n[t>>16&255]+n[t>>24&255]+a+n[255&e]+n[e>>8&255]+a+n[e>>16&15|64]+n[e>>24&255]+a+n[63&r|128]+n[r>>8&255]+a+n[r>>16&255]+n[r>>24&255]+n[255&o]+n[o>>8&255]+n[o>>16&255]+n[o>>24&255]},i=function(){if(window.Uint32Array&&window.crypto&&window.crypto.getRandomValues){var t=new window.Uint32Array(4);return window.crypto.getRandomValues(t),{d0:t[0],d1:t[1],d2:t[2],d3:t[3]}}return{d0:4294967296*Math.random()>>>0,d1:4294967296*Math.random()>>>0,d2:4294967296*Math.random()>>>0,d3:4294967296*Math.random()>>>0}},a=function(){var t="",e=function(t,e){for(var n="",r=t;r>0;--r)n+=e.charAt(1e3*Math.random()%e.length);return n};return t+=e(2,"0123456789"),t+=e(1,"123456789"),t+=e(8,"0123456789")};return t.safeGenerateNoDash=function(){try{var t=i();return o(t.d0,t.d1,t.d2,t.d3,!1)}catch(n){try{return e+a()}catch(n){}}},t.isValidNumericalToken=function(t){return t&&t.toString().length<=11&&t.length>=9&&parseInt(t,10).toString().length<=11&&parseInt(t,10).toString().length>=9},t.isValidUUIDToken=function(t){return t&&32===t.toString().length&&/^[a-z0-9]+$/.test(t)},t.isValidFGUToken=function(t){return 0==t.indexOf(e)&&t.length>=12},t}(),T={uDF:"UDF",uAL:"UAL",mLd:"1",eTlu:"2",eUoe:"3",uS:"4",uF:"9",tmos:["T5","T10","T15","T30","T60"],tmosSecs:[5,10,15,30,60],bIR:"43"},y=function(t,e){for(var n=T.tmos,r=0;r<n.length;r++)if(t+n[r]===e)return!0;return!1};try{var S=p();try{S.id&&(w.isValidNumericalToken(S.id)||w.isValidUUIDToken(S.id)||w.isValidFGUToken(S.id))||(S.id=w.safeGenerateNoDash()),S.ts=window.ftr__startScriptLoad,g(S);var D=new Array(T.tmosSecs.length),k=function(t){for(var e=0;e<T.tmosSecs.length;e++)D[e]=setTimeout(n,1e3*T.tmosSecs[e],t+T.tmos[e])},U=function(){for(var t=0;t<T.tmosSecs.length;t++)clearTimeout(D[t])};y(T.uDF,S.ex)?o():(k(T.uDF),setTimeout(i,v,T.uDF))}catch(F){n(T.mLd)}}catch(F){}})()
+

data/app/workers/forter/update_status.rb

@@ -0,0 +1,21 @@
+module Workarea
+  module Forter
+    class UpdateStatus
+      include Sidekiq::Worker
+
+      def perform(id, status_hash)
+        decision = Workarea::Forter::Decision.find(id) rescue nil
+
+        if decision.blank?
+          Rails.logger.warn "No decision record found for #{id} during update status"
+          return false
+        end
+
+        Workarea::Forter.gateway.update_order_status(id, status_hash)
+
+        decision.external_order_status = status_hash[:updatedStatus]
+        decision.save!
+      end
+    end
+  end
+end