xpay 0.0.5

data/.gitignore

@@ -0,0 +1,12 @@
+*.sw?
+.DS_Store
+coverage
+rdoc
+pkg
+*~
+*.gem
+tmp
+log
+.yardoc
+doc
+.idea

data/Gemfile

@@ -0,0 +1,4 @@
+source :gemcutter
+
+# Specify your gem's dependencies in efcm.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,35 @@
+PATH
+  remote: .
+  specs:
+    xpay (0.0.1)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    diff-lcs (1.1.2)
+    log_buddy (0.5.0)
+    mocha (0.9.8)
+      rake
+    rake (0.8.7)
+    rspec (2.0.0)
+      rspec-core (= 2.0.0)
+      rspec-expectations (= 2.0.0)
+      rspec-mocks (= 2.0.0)
+    rspec-core (2.0.0)
+    rspec-expectations (2.0.0)
+      diff-lcs (>= 1.1.2)
+    rspec-mocks (2.0.0)
+      rspec-core (= 2.0.0)
+      rspec-expectations (= 2.0.0)
+    shoulda (2.11.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (>= 1.0.0)
+  log_buddy
+  mocha
+  rspec (>= 2.0.0)
+  shoulda
+  xpay!

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2010 Volker Pacher
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,109 @@
+= Xpay
+
+An abstaction layer on top Xpay from SecureTrading.com
+http://www.securetrading.com/support/xpay.html for futher details, in depth specifications and installation guides of the xpay java applet
+
+== Install
+ * install the xpay java applet and configure it according to the installation guidelines from SecureTrading
+   (http://www.securetrading.com/download/DOC_COM_ST-XPAY4-USER-GUIDE.pdf)
+ * start the applet then install the gem:
+
+ $ gem install xpay
+
+ * configure by either creating a yaml file at config/xpay.yml or call Xpay.set_config with a hash
+ * the following options can be set:
+    - merchant_name
+    - version
+    - alias
+    - site_reference
+    - port
+    - callback_url
+
+== Usage
+ === An example of a 3D-Secure Transaction
+
+     -first: create the class instance for CreditCard, Customer and Operatioon
+
+        CreditCard:
+        cc = Xpay::CreditCard.new(:card_type => "Visa",
+                                  :number => "4111111111111160",
+                                  :security_code => "123",
+                                   :valid_until => "11/11")
+
+        Customer:
+        cus = Xpay::Customer.new(:fullname => "Fred Bloggs")
+
+        Operation:
+        ops = Xpay::Operation.new(:currency => "GBP", :amount => 1999)
+
+        Create payment instance
+        p = Xpay::Payment.new({:creditcard => cc, :customer => cus, :operation => ops)
+
+        Make payment
+        rt = p.make_payment
+
+     -second: depending on the return value rt:
+
+        rt==0 An error occured during processing
+        Check p.response_block[:error_code] for further details
+
+        rt==1 Settlement request approve, check p.response_block for all the details
+        rt==2 Settlement request declined, check p.response_block for all the details
+
+        rt==-1 A redirection to an 3D-Secure server is necessary.
+        All necessary information is contained in p.three_secure
+        It has the following keys:
+            :md     a unique reference generated according to the 3D Secure specification
+                    (currently up to 1024 bytes in base64 format).
+                    it is passed as parameter in the callback from the 3D-Secure server
+                    and you will need to store it to find the transaction on callback
+
+            :pareq  The pareq contains purchase transaction details upon which ACS authentication decisions are based.
+                    If you are making your own customised redirect page instead of using the <Html> provided then this
+                    field MUST be included in that html, as a hidden field. The length of the PaReq is not explicitly
+                    defined by the 3-D Secure specification. We recommend allowing at least 4096 bytes
+                    for this field in any variables/storage systems.
+
+            :termurl Your own callback url. If you are making your own customised redirect page
+                     instead of using the <Html> provided then this field MUST be included in that html as a hidden field.
+
+            :acsurl  This is the url of the ACS it should be used as the location of the redirect if you use your own form/redirect
+
+            :html   This value contains the complete html code if you don't want to use your own form.
+                    This can be achieved by sending your normal server headers to the client immediately followed by the contents of the <Html> tag.
+
+            :request_xml This is a complete xml document as string that you need to pass to a new payment instance after the callback.
+                         You need to store this field for the callback.
+
+     -third: after the callback from the 3D Secure Server:
+
+         make sure that protect_from_forgery is switched off for this controller method as it is not transmitted by the callback
+         you will have to paramaters in the params hash
+         params[:MD] and params[:PaRes]
+
+         Use params[:md] to find your stored transaction:
+
+         create a new class instance with the request_xml stored in the transaction and params[:PaRes] from the callback
+
+          p = Xpay::Payment.new({:xml => request_xml, :pares => params[:PaRes])
+
+         make the payment
+
+          rt = p.make_payment
+
+         The possible values of rt are as above.
+
+ === more examples to follow
+
+
+== Copyright
+
+See LICENSE for details.
+
+== Note on Patches/Pull Requests
+
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a future version unintentionally.
+* Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself in another branch so I can ignore when I pull)
+* Send me a pull request. Bonus points for topic branches.

data/Rakefile

@@ -0,0 +1,52 @@
+require 'rubygems'
+require 'rake'
+require 'rake/testtask'
+require 'bundler'
+
+require File.expand_path('../lib/xpay/version', __FILE__)
+
+
+namespace :test do
+  Rake::TestTask.new(:all) do |test|
+    test.libs << 'lib' << 'test'
+    test.ruby_opts << '-rubygems'
+    test.pattern   = 'test/**/*_test.rb'
+    test.verbose = true
+  end
+  Rake::TestTask.new(:unit) do |test|
+    test.libs << 'lib' << 'test'
+    test.ruby_opts << '-rubygems'
+    test.pattern   = 'test/xpay/**/*_test.rb'
+    test.verbose = true
+  end
+  Rake::TestTask.new(:functional) do |test|
+    test.libs << 'lib' << 'test'
+    test.ruby_opts << '-rubygems'
+    test.pattern   = 'test/functional/*_test.rb'
+    test.verbose = true
+  end
+end
+task :default => :test
+
+desc 'Builds the gem'
+task :build do
+  sh "gem build xpay.gemspec"
+end
+
+desc 'Builds and installs the gem'
+task :install => :build do
+  sh "gem install ./pkg/xpay-#{Xpay::Version}"
+end
+
+desc 'Tags version, pushes to remote, and pushes gem'
+task :release => :build do
+  sh "git tag v#{Xpay::Version}"
+  sh "git push origin master"
+  sh "git push origin v#{Xpay::Version}"
+  sh "gem push ./pkg/xpay-#{Xpay::Version}.gem"
+end
+desc "Open an irb session preloaded with this library"
+task :console do
+  sh "irb -rubygems -I lib -r xpay.rb"
+end
+Bundler::GemHelper.install_tasks

data/UPGRADES

@@ -0,0 +1,9 @@
+0.0.1 => 0.0.2
+  * established basic structure of the gem, wrote most test and added first functional tests, added fixtures
+
+0.0.2 => 0.0.3
+  * finished all methods necessary to make a succesful transaction
+  * wrote basic documentation for usage
+
+0.0.3 => 0.0.4
+  * bug fixed that prevents loading of MerchantName from config and create root xml

data/lib/xpay.rb

@@ -0,0 +1,109 @@
+require 'rexml/document'
+require 'rexml/xmldecl'
+require 'ostruct'
+require 'erb'
+require 'xpay/transaction'
+
+module Xpay
+  # These are the default settings. You can change them by placing YAML file into config/xpay.yml with settings for each environment.
+  # Alternatively you can change the settings by calling the config setter for each attribute for example:
+  # Xpay.config.alias = "your_new_alias"
+  # Another option is to call Xpay.set_config with a hash containing the attributes you want to change
+  #
+  # merchant_name:  CompanyName
+  # version:        3.51              'this is the only supported version at the moment and has to be 3.51, as String'
+  # alias:          site12345
+  # site_reference: site12345
+  # port:           5000               'this needs to be an Integer'
+  # default_query:  ST3DCARDQUERY      'defaults to 3D Card query if not otherwise specified'
+  # settlement_day: 1                  'this needs to be a String'
+  # default_currency: GBP
+
+  autoload :Payment, 'xpay/payment'
+  autoload :CreditCard, 'xpay/core/creditcard'
+  autoload :Customer, 'xpay/core/customer'
+  autoload :Operation, 'xpay/core/operation'
+
+  @xpay_config = OpenStruct.new({
+                                        "merchant_name" => "CompanyName",
+                                        "version" => "3.51",
+                                        "alias" => "site12345",
+                                        "site_reference" => "site12345",
+                                        "port" => 5000,
+                                        "callback_url" => "http://localhost/gateway_callback",
+                                        "default_query" => "ST3DCARDQUERY",
+                                        "settlement_day" => "1",
+                                        "default_currency" => "GBP"
+                                })
+  class XpayError < StandardError
+    attr_reader :data
+
+    def initialize(data)
+      @data = data
+      super
+    end
+  end
+
+  class PaResMissing      < XpayError; end
+  class General           < XpayError; end
+
+  class << self
+    attr_accessor :app_root, :environment
+
+    def load_config(app_root = Dir.pwd)
+      self.app_root = (RAILS_ROOT if defined?(RAILS_ROOT)) || app_root
+      self.environment = (RAILS_ENV if defined?(RAILS_ENV)) || "development"
+      parse_config
+      return true
+    end
+
+
+    def root_xml
+      @request_xml ||= create_root_xml
+    end
+
+    def root_to_s
+      self.root_xml.to_s
+    end
+
+
+    def config
+      @xpay_config
+    end
+
+    def set_config(conf)
+      conf.each do |key, value|
+        @xpay_config.send("#{key}=", value) if @xpay_config.respond_to? key
+      end
+      return true
+    end
+
+    private
+    def parse_config
+      path = "#{app_root}/config/xpay.yml"
+      return unless File.exists?(path)
+      conf = YAML::load(ERB.new(IO.read(path)).result)[environment]
+      self.set_config(conf)
+    end
+
+    def create_root_xml
+      r = REXML::Document.new
+      r << REXML::XMLDecl.new("1.0", "iso-8859-1")
+      rb = r.add_element "RequestBlock", {"Version" => config.version}
+      request = rb.add_element "Request", {"Type" => config.default_query}
+      operation = request.add_element "Operation"
+      site_ref = operation.add_element "SiteReference"
+      site_ref.text = config.site_reference
+      if config.default_query == "ST3DCARDQUERY"
+        mn = operation.add_element "MerchantName"
+        mn.text = config.merchant_name
+        tu = operation.add_element "TermUrl"
+        tu.text = config.callback_url
+      end
+      cer = rb.add_element "Certificate"
+      cer.text = config.alias
+      return r
+    end
+
+  end
+end

data/lib/xpay/core/creditcard.rb

@@ -0,0 +1,49 @@
+module Xpay
+  class CreditCard
+    attr_accessor :card_type, :valid_until, :valid_from, :issue, :parent_transaction_ref, :transaction_verifier
+    attr_writer :security_code
+    def initialize(options={})
+      if !options.nil? && options.is_a?(Hash)
+        options.each do |key, value|
+          self.send("#{key.to_s}=", value) if self.respond_to? key.to_s
+        end
+      end
+    end
+
+    def number
+      @number.sub(/^([0-9]+)([0-9]{4})$/) { 'x' * $1.length + $2 }
+    end
+
+    def number=(new_val)
+      @number = new_val.to_s.gsub(/[^0-9]/, "")
+    end
+
+    def security_code=(new_val)
+      @security_code = new_val.to_s
+    end
+
+    def add_to_xml(doc)
+      op = REXML::XPath.first(doc, "//Request")
+      op.delete_element "PaymentMethod"
+      pa = op.add_element "PaymentMethod"
+      cc = pa.add_element("CreditCard")
+      cc.add_element("Type").add_text(self.card_type) if self.card_type
+      cc.add_element("Number").add_text(self.number_internal) if self.number_internal
+      cc.add_element("StartDate").add_text(self.valid_from) if self.valid_from
+      cc.add_element("ExpiryDate").add_text(self.valid_until) if self.valid_until
+      cc.add_element("ParentTransactionReference").add_text(self.parent_transaction_ref) if self.parent_transaction_ref
+      cc.add_element("TransactionVerifier").add_text(self.transaction_verifier) if self.transaction_verifier
+      cc.add_element("SecurityCode").add_text(self.security_code) if self.security_code
+      cc.add_element("Issue").add_text(self.issue) if self.issue
+    end
+
+    protected
+    def number_internal
+      @number
+    end
+
+    def security_code
+      @security_code
+    end
+  end
+end

data/lib/xpay/core/customer.rb

@@ -0,0 +1,47 @@
+module Xpay
+
+  # The customer is not required for a transaction except for 3D secure transactions in which case
+  # http_accept and user_agent are required for ST3DCARDQUERY
+  #
+  # All other fields are optional and also depend on your security policy with SecureTrading
+  #
+  # A further note:
+  # fullname and firstname + lastname are different and end up in different places in the final xml. You can supply fullname as it appears on the card.
+
+  class Customer
+
+    attr_accessor :title, :fullname, :firstname, :lastname, :middlename, :namesuffix, :companyname,
+                  :street, :city, :stateprovince, :postcode, :countrycode,
+                  :phone, :email,
+                  :http_accept, :user_agent
+
+
+    def initialize(options={})
+      options.each { |key, value| self.send("#{key}=", value) if self.respond_to? key } if (!options.nil? && options.is_a?(Hash))
+    end
+
+    def add_to_xml(doc)
+      op = REXML::XPath.first(doc, "//Request")
+      op.delete_element "CustomerInfo"
+      ci = op.add_element "CustomerInfo"
+      postal = ci.add_element("Postal")
+      name = postal.add_element("Name")
+      name.text = self.fullname if self.fullname
+      name.add_element("NamePrefix").add_text(self.title) if self.title
+      name.add_element("FirstName").add_text(self.firstname) if self.firstname
+      name.add_element("MiddleName").add_text(self.middlename) if self.middlename
+      name.add_element("LastName").add_text(self.lastname) if self.lastname
+      name.add_element("NameSuffix").add_text(self.namesuffix) if self.namesuffix
+      postal.add_element("Company").add_text(self.companyname) if self.companyname
+      postal.add_element("Street").add_text(self.street) if self.street
+      postal.add_element("City").add_text(self.city) if self.city
+      postal.add_element("StateProv").add_text(self.stateprovince) if self.stateprovince
+      postal.add_element("PostalCode").add_text(self.postcode) if self.postcode
+      postal.add_element("CountryCode").add_text(self.countrycode) if self.countrycode
+      ci.add_element("Telecom").add_element("Phone").add_text(self.phone) if self.phone
+      ci.add_element("Online").add_element("Email").add_text(self.email) if self.email
+      ci.add_element("Accept").add_text(self.http_accept) if self.http_accept
+      ci.add_element("UserAgent").add_text(self.user_agent) if self.user_agent
+    end
+  end
+end