workarea-forter 1.2.2

data/app/workers/workarea/save_user_order_details.decorator

@@ -0,0 +1,34 @@
+module Workarea
+  decorate SaveUserOrderDetails, with: :forter do
+    def save_payment_details(order, user)
+      payment = Payment.find_or_initialize_by(id: order.id)
+      payment_profile = Payment::Profile.lookup(PaymentReference.new(user))
+      billing_address = extract_address_attributes(payment.address)
+
+      if billing_address.present?
+        user.auto_save_billing_address(billing_address)
+
+        if user.public_info.blank?
+          user.update_attributes!(
+            first_name: billing_address[:first_name],
+            last_name: billing_address[:last_name]
+          )
+        end
+      end
+
+      if payment.credit_card? && !payment.credit_card.saved?
+        payment_profile.credit_cards.create(
+          first_name: payment.credit_card.first_name,
+          last_name: payment.credit_card.last_name,
+          display_number: payment.credit_card.display_number,
+          issuer: payment.credit_card.issuer,
+          month: payment.credit_card.month,
+          year: payment.credit_card.year,
+          token: payment.credit_card.token,
+          default: payment_profile.credit_cards.none?,
+          bin: payment.credit_card.bin
+        )
+      end
+    end
+  end
+end

data/bin/rails

@@ -0,0 +1,20 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails gems
+# installed from the root of your application.
+
+ENGINE_ROOT = File.expand_path('../..', __FILE__)
+ENGINE_PATH = File.expand_path('../../lib/workarea/forter/engine', __FILE__)
+APP_PATH = File.expand_path('../../test/dummy/config/application', __FILE__)
+
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
+
+require "action_controller/railtie"
+require "action_view/railtie"
+require "action_mailer/railtie"
+require "rails/test_unit/railtie"
+require "sprockets/railtie"
+require 'teaspoon-mocha'
+
+require 'rails/engine/commands'

data/config/initializers/appends.rb

@@ -0,0 +1,9 @@
+Workarea.append_partials(
+  'storefront.javascript',
+  'workarea/storefront/forter_tracking'
+)
+
+Workarea.append_partials(
+  'admin.order_cards',
+  'workarea/admin/orders/forter'
+)

data/config/initializers/workarea.rb

@@ -0,0 +1,22 @@
+Workarea.configure do |config|
+  config.order_status_calculators.insert(0, 'Workarea::Order::Status::SuspectedFraud')
+  config.payment_status_calculators.insert(0, 'Workarea::Payment::Status::SuspectedFraud')
+
+  config.forter = ActiveSupport::Configurable::Configuration.new
+  config.forter.site_id = nil
+
+  config.forter.api_version = "2.2"
+
+  config.forter.api_timeout = 2
+  config.forter.open_timeout = 2
+
+  config.forter.response_code = {
+    'ActiveMerchant::Billing::StripeGateway' => -> (transaction) { transaction.params['failure_code'] },
+    'ActiveMerchant::Billing::BraintreeBlueGateway' => -> (transaction) { transaction.response.params["braintree_transaction"]["processor_response_code"] },
+    'ActiveMerchant::Billing::MonerisGateway' => -> (transaction) { transaction.response.params["response_code"] },
+    'ActiveMerchant::Billing::AuthorizeNetCimGateway' => -> (transaction) { transaction.response.params["direct_response"]["response_code"] },
+    'ActiveMerchant::Billing::PayflowGateway' => -> (transaction) { transaction.response.params["result"] },
+    'ActiveMerchant::Billing::CyberSourceGateway' => -> (transaction) { transaction.response.params["reasonCode"] },
+    'ActiveMerchant::Billing::CheckoutV2Gateway' => -> (transaction) { transaction.response.params["responseCode"] || transaction.response.params["response_code"]  }
+  }
+end

data/config/locales/en.yml

@@ -0,0 +1,26 @@
+en:
+  workarea:
+    admin:
+      orders:
+        forter:
+          page_title: "%{id} Forter Fraud Decision"
+          title: Fraud Decision
+          review_reason: Decision Action
+          reason_code: Reason
+          status: Forter Order Status
+          console: View in Forter Admin
+          details_heading: Details
+          details_description: A list of decision responses returned from Forter
+          decision_error: No decision made, check response
+          error: Error
+          details:
+            action: Action
+            message: Message
+            reason_code: Reason Code
+            errors: Errors
+        cards:
+          forter:
+            title: 'Fraud Decision:'
+            decision: 'Decision Action:'
+            reason_code: 'Reason:'
+            status: 'Forter Order Status:'

data/config/routes.rb

@@ -0,0 +1,7 @@
+Workarea::Admin::Engine.routes.draw do
+  resources :orders, only: [] do
+    member do
+      get :forter
+    end
+  end
+end

data/lib/workarea/forter/bogus_gateway.rb

@@ -0,0 +1,62 @@
+module Workarea
+  module Forter
+    class BogusGateway
+      attr_reader :options
+
+      def initialize(options = {})
+        @options = options
+      end
+
+      def create_decision(order_id, hsh = {})
+        response_json = if hsh[:accountOwner][:email] == "decline@workarea.com"
+          response_body(order_id, "decline")
+        elsif hsh[:accountOwner][:email] == "notreviewed@workarea.com"
+          response_body(order_id, "not reviewed")
+        elsif hsh[:accountOwner][:email] == "error@workarea.com"
+          error_body(order_id)
+        else
+          response_body(order_id, "approve")
+        end
+
+        response = Faraday.new do |builder|
+          builder.adapter :test do |stub|
+            stub.get('/rest/bogus.json') { |env| [ 200, {}, response_json ] }
+          end
+        end
+        response.get('/rest/bogus.json')
+      end
+
+      def method_missing(method, *args)
+        generic_response
+      end
+
+      private
+
+        def generic_response
+          response = Faraday.new do |builder|
+            builder.adapter :test do |stub|
+              stub.get('/rest/bogus.json') { |env| [ 200, {}, nil ] }
+            end
+          end
+          response.get('/rest/bogus.json')
+        end
+
+        def response_body(id, action)
+          {
+            status: "success",
+            transaction: "#{id}",
+            action: "#{action}",
+            message: "Transaction #{id}"
+          }.to_json
+        end
+
+        def error_body(id)
+          {
+            status: "failure",
+            action: "",
+            errors: [{ "path" => "#/payment/", "message" => "Forced Gateway Error" }]
+          }.to_json
+        end
+    end
+  end
+end

data/lib/workarea/forter/decision_response.rb

@@ -0,0 +1,60 @@
+module Workarea
+  module Forter
+    class DecisionResponse
+      def initialize(body)
+        @body = body
+      end
+
+      def success?
+        @body["status"] == "success"
+      end
+
+      def suspected_fraud?
+        @body["action"] == "decline"
+      end
+
+      def action
+        @body["action"]
+      end
+
+      def body_message
+        @body["message"]
+      end
+
+      def reason_code
+        @body["reasonCode"]
+      end
+
+      def errors
+        @body["errors"]
+      end
+
+      def status
+        @body["status"]
+      end
+
+      def mongoize
+        @body
+      end
+
+      class << self
+        def demongoize(object)
+          return nil if object.blank?
+
+          DecisionResponse.new(object)
+        end
+
+        def mongoize(object)
+          case object
+          when DecisionResponse then object.mongoize
+          else object
+          end
+        end
+
+        def evolve(object)
+          raise 'querying on an Workarea::Forter::DecisionResponse is unsupported at this time'
+        end
+      end
+    end
+  end
+end

data/lib/workarea/forter/engine.rb

@@ -0,0 +1,8 @@
+module Workarea
+  module Forter
+    class Engine < ::Rails::Engine
+      include Workarea::Plugin
+      isolate_namespace Workarea::Forter
+    end
+  end
+end

data/lib/workarea/forter/gateway.rb

@@ -0,0 +1,66 @@
+module Workarea
+  module Forter
+    class Gateway
+
+      attr_reader :options
+
+      def initialize(options = {})
+        @options = options
+      end
+
+      def create_decision(order_id, order_details)
+        body = order_details.to_json
+
+        connection.post do |req|
+          req.url "v2/orders/#{order_id}", {}
+          req.body = body
+        end
+      end
+
+      def update_order_status(order_id, order_details)
+        body = order_details.to_json
+
+        connection.put do |req|
+          req.url "v2/status/#{order_id}", {}
+          req.body = body
+        end
+      end
+
+      private
+
+        def rest_endpoint
+          "https://api.forter-secure.com"
+        end
+
+        def connection
+          headers = {
+            "Content-Type" => "application/json",
+            "x-forter-siteid" => site_id,
+            "api-version" => api_version
+          }
+
+          request_timeouts = {
+            timeout: Workarea.config.forter[:api_timeout],
+            open_timeout: Workarea.config.forter[:open_timeout]
+          }
+
+          conn = Faraday.new(url: rest_endpoint, headers: headers, request: request_timeouts)
+          conn.basic_auth(secret_key, nil)
+
+          conn
+        end
+
+        def api_version
+          options[:api_version] || "2.2"
+        end
+
+        def secret_key
+          options[:secret_key]
+        end
+
+        def site_id
+          options[:site_id]
+        end
+    end
+  end
+end

data/lib/workarea/forter/version.rb

@@ -0,0 +1,5 @@
+module Workarea
+  module Forter
+    VERSION = "1.2.2"
+  end
+end

data/lib/workarea/forter.rb

@@ -0,0 +1,50 @@
+require 'workarea'
+require 'workarea/storefront'
+require 'workarea/admin'
+
+require 'workarea/forter/gateway'
+require 'workarea/forter/bogus_gateway'
+require 'workarea/forter/decision_response'
+
+require 'workarea/forter/engine'
+require 'workarea/forter/version'
+
+module Workarea
+  module Forter
+    def self.credentials
+      (Rails.application.secrets.forter || {}).deep_symbolize_keys
+    end
+
+    def self.secret_key
+      credentials[:secret_key]
+    end
+
+    def self.config
+      Workarea.config.forter
+    end
+
+    def self.site_id
+      config.site_id
+    end
+
+    def self.api_version
+      config.api_version
+    end
+
+    def self.gateway
+      if credentials.present?
+        Forter::Gateway.new(site_id: site_id, secret_key: secret_key, api_version: api_version)
+      else
+        Forter::BogusGateway.new
+      end
+    end
+
+    def self.log_error(error)
+      if defined?(::Raven)
+        Raven.capture_exception error
+      else
+        Rails.logger.warn error
+      end
+    end
+  end
+end

data/test/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require_relative 'config/application'
+
+Rails.application.load_tasks

data/test/dummy/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/test/dummy/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../config/application', __dir__)
+require_relative '../config/boot'
+require 'rails/commands'

data/test/dummy/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/test/dummy/bin/setup

@@ -0,0 +1,30 @@
+#!/usr/bin/env ruby
+require 'pathname'
+require 'fileutils'
+include FileUtils
+
+# path to your application root.
+APP_ROOT = Pathname.new File.expand_path('../../', __FILE__)
+
+def system!(*args)
+  system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+chdir APP_ROOT do
+  # This script is a starting point to setup your application.
+  # Add necessary setup steps to this file.
+
+  puts '== Installing dependencies =='
+  system! 'gem install bundler --conservative'
+  system('bundle check') || system!('bundle install')
+
+  # Install JavaScript dependencies if using Yarn
+  # system('bin/yarn')
+
+
+  puts "\n== Removing old logs and tempfiles =="
+  system! 'bin/rails log:clear tmp:clear'
+
+  puts "\n== Restarting application server =="
+  system! 'bin/rails restart'
+end

data/test/dummy/bin/update

@@ -0,0 +1,26 @@
+#!/usr/bin/env ruby
+require 'pathname'
+require 'fileutils'
+include FileUtils
+
+# path to your application root.
+APP_ROOT = Pathname.new File.expand_path('../../', __FILE__)
+
+def system!(*args)
+  system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+chdir APP_ROOT do
+  # This script is a way to update your development environment automatically.
+  # Add necessary update steps to this file.
+
+  puts '== Installing dependencies =='
+  system! 'gem install bundler --conservative'
+  system('bundle check') || system!('bundle install')
+
+  puts "\n== Removing old logs and tempfiles =="
+  system! 'bin/rails log:clear tmp:clear'
+
+  puts "\n== Restarting application server =="
+  system! 'bin/rails restart'
+end

data/test/dummy/bin/yarn

@@ -0,0 +1,11 @@
+#!/usr/bin/env ruby
+VENDOR_PATH = File.expand_path('..', __dir__)
+Dir.chdir(VENDOR_PATH) do
+  begin
+    exec "yarnpkg #{ARGV.join(" ")}"
+  rescue Errno::ENOENT
+    $stderr.puts "Yarn executable was not detected in the system."
+    $stderr.puts "Download Yarn at https://yarnpkg.com/en/docs/install"
+    exit 1
+  end
+end

data/test/dummy/config/application.rb

@@ -0,0 +1,30 @@
+require_relative 'boot'
+
+# Pick the frameworks you want:
+# require "active_record/railtie"
+require "action_controller/railtie"
+require "action_view/railtie"
+require "action_mailer/railtie"
+require "active_job/railtie"
+# require "action_cable/engine"
+require "rails/test_unit/railtie"
+require "sprockets/railtie"
+
+# Workarea must be required before other gems to ensure control over Rails.env
+# for running tests
+require 'workarea/core'
+require 'workarea/admin'
+require 'workarea/storefront'
+Bundler.require(*Rails.groups)
+require "workarea/forter"
+
+module Dummy
+  class Application < Rails::Application
+    # Initialize configuration defaults for originally generated Rails version.
+    config.load_defaults 5.1
+
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+  end
+end

data/test/dummy/config/boot.rb

@@ -0,0 +1,5 @@
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../Gemfile', __dir__)
+
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
+$LOAD_PATH.unshift File.expand_path('../../../lib', __dir__)

data/test/dummy/config/cable.yml

@@ -0,0 +1,10 @@
+development:
+  adapter: async
+
+test:
+  adapter: async
+
+production:
+  adapter: redis
+  url: redis://localhost:6379/1
+  channel_prefix: dummy_production

data/test/dummy/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the Rails application.
+require_relative 'application'
+
+# Initialize the Rails application.
+Rails.application.initialize!

data/test/dummy/config/environments/development.rb

@@ -0,0 +1,51 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # In the development environment your application's code is reloaded on
+  # every request. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Do not eager load code on boot.
+  config.eager_load = false
+
+  # Show full error reports.
+  config.consider_all_requests_local = true
+
+  # Enable/disable caching. By default caching is disabled.
+  if Rails.root.join('tmp/caching-dev.txt').exist?
+    config.action_controller.perform_caching = true
+
+    config.cache_store = :memory_store
+    config.public_file_server.headers = {
+      'Cache-Control' => "public, max-age=#{2.days.seconds.to_i}"
+    }
+  else
+    config.action_controller.perform_caching = false
+
+    config.cache_store = :null_store
+  end
+
+  # Don't care if the mailer can't send.
+  config.action_mailer.raise_delivery_errors = false
+
+  config.action_mailer.perform_caching = false
+
+  # Print deprecation notices to the Rails logger.
+  config.active_support.deprecation = :log
+
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
+
+  # Suppress logger output for asset requests.
+  config.assets.quiet = true
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+
+  # Use an evented file watcher to asynchronously detect changes in source code,
+  # routes, locales, etc. This feature depends on the listen gem.
+  # config.file_watcher = ActiveSupport::EventedFileUpdateChecker
+end

data/test/dummy/config/environments/production.rb

@@ -0,0 +1,88 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # Code is not reloaded between requests.
+  config.cache_classes = true
+
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both threaded web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
+  # Full error reports are disabled and caching is turned on.
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Attempt to read encrypted secrets from `config/secrets.yml.enc`.
+  # Requires an encryption key in `ENV["RAILS_MASTER_KEY"]` or
+  # `config/secrets.yml.key`.
+  config.read_encrypted_secrets = true
+
+  # Disable serving static files from the `/public` folder by default since
+  # Apache or NGINX already handles this.
+  config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
+
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  # config.assets.css_compressor = :sass
+
+  # Do not fallback to assets pipeline if a precompiled asset is missed.
+  config.assets.compile = false
+
+  # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
+
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.action_controller.asset_host = 'http://assets.example.com'
+
+  # Specifies the header that your server uses for sending files.
+  # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
+
+  # Mount Action Cable outside main process or domain
+  # config.action_cable.mount_path = nil
+  # config.action_cable.url = 'wss://example.com/cable'
+  # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
+
+  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+  # config.force_ssl = true
+
+  # Use the lowest log level to ensure availability of diagnostic information
+  # when problems arise.
+  config.log_level = :debug
+
+  # Prepend all log lines with the following tags.
+  config.log_tags = [ :request_id ]
+
+  # Use a different cache store in production.
+  # config.cache_store = :mem_cache_store
+
+  # Use a real queuing backend for Active Job (and separate queues per environment)
+  # config.active_job.queue_adapter     = :resque
+  # config.active_job.queue_name_prefix = "dummy_#{Rails.env}"
+  config.action_mailer.perform_caching = false
+
+  # Ignore bad email addresses and do not raise email delivery errors.
+  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation cannot be found).
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners.
+  config.active_support.deprecation = :notify
+
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+
+  # Use a different logger for distributed setups.
+  # require 'syslog/logger'
+  # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
+
+  if ENV["RAILS_LOG_TO_STDOUT"].present?
+    logger           = ActiveSupport::Logger.new(STDOUT)
+    logger.formatter = config.log_formatter
+    config.logger    = ActiveSupport::TaggedLogging.new(logger)
+  end
+end