forked from activemerchant/active_merchant
/
payment_express.rb
353 lines (301 loc) · 14.2 KB
/
payment_express.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
require 'rexml/document'
module ActiveMerchant #:nodoc:
module Billing #:nodoc:
# In NZ DPS supports ANZ, Westpac, National Bank, ASB and BNZ.
# In Australia DPS supports ANZ, NAB, Westpac, CBA, St George and Bank of South Australia.
# The Maybank in Malaysia is supported and the Citibank for Singapore.
class PaymentExpressGateway < Gateway
self.default_currency = 'NZD'
# PS supports all major credit cards; Visa, Mastercard, Amex, Diners, BankCard & JCB.
# Various white label cards can be accepted as well; Farmers, AirNZCard and Elders etc.
# Please note that not all acquirers and Eftpos networks can support some of these card types.
# VISA, Mastercard, Diners Club and Farmers cards are supported
#
# However, regular accounts with DPS only support VISA and Mastercard
self.supported_cardtypes = [ :visa, :master, :american_express, :diners_club, :jcb ]
self.supported_countries = %w[ AU CA DE ES FR GB HK IE MY NL NZ SG US ZA ]
self.homepage_url = 'http://www.paymentexpress.com/'
self.display_name = 'PaymentExpress'
self.live_url = self.test_url = 'https://sec.paymentexpress.com/pxpost.aspx'
APPROVED = '1'
TRANSACTIONS = {
:purchase => 'Purchase',
:credit => 'Refund',
:authorization => 'Auth',
:capture => 'Complete',
:validate => 'Validate'
}
# We require the DPS gateway username and password when the object is created.
#
# The PaymentExpress gateway also supports a :use_custom_payment_token boolean option.
# If set to true the gateway will use BillingId for the Token type. If set to false,
# then the token will be sent as the DPS specified "DpsBillingId". This is per the documentation at
# http://www.paymentexpress.com/technical_resources/ecommerce_nonhosted/pxpost.html#Tokenbilling
def initialize(options = {})
requires!(options, :login, :password)
super
end
# Funds are transferred immediately.
#
# `payment_source` can be a usual ActiveMerchant credit_card object, or can also
# be a string of the `DpsBillingId` or `BillingId` which can be gotten through the
# store method. If you are using a `BillingId` instead of `DpsBillingId` you must
# also set the instance method `#use_billing_id_for_token` to true, see the `#store`
# method for an example of how to do this.
def purchase(money, payment_source, options = {})
request = build_purchase_or_authorization_request(money, payment_source, options)
commit(:purchase, request)
end
# NOTE: Perhaps in options we allow a transaction note to be inserted
# Verifies that funds are available for the requested card and amount and reserves the specified amount.
# See: http://www.paymentexpress.com/technical_resources/ecommerce_nonhosted/pxpost.html#Authcomplete
#
# `payment_source` can be a usual ActiveMerchant credit_card object or a token, see #purchased method
def authorize(money, payment_source, options = {})
request = build_purchase_or_authorization_request(money, payment_source, options)
commit(:authorization, request)
end
# Transfer pre-authorized funds immediately
# See: http://www.paymentexpress.com/technical_resources/ecommerce_nonhosted/pxpost.html#Authcomplete
def capture(money, identification, options = {})
request = build_capture_or_credit_request(money, identification, options)
commit(:capture, request)
end
# Refund funds to the card holder
def refund(money, identification, options = {})
requires!(options, :description)
request = build_capture_or_credit_request(money, identification, options)
commit(:credit, request)
end
def credit(money, identification, options = {})
ActiveMerchant.deprecated CREDIT_DEPRECATION_MESSAGE
refund(money, identification, options)
end
# Token Based Billing
#
# Instead of storing the credit card details locally, you can store them inside the
# Payment Express system and instead bill future transactions against a token.
#
# This token can either be specified by your code or autogenerated by the PaymentExpress
# system. The default is to let PaymentExpress generate the token for you and so use
# the `DpsBillingId`. If you do not pass in any option of the `billing_id`, then the store
# method will ask PaymentExpress to create a token for you. Additionally, if you are
# using the default `DpsBillingId`, you do not have to do anything extra in the
# initialization of your gateway object.
#
# To specify and use your own token, you need to do two things.
#
# Firstly, pass in a `:billing_id` as an option in the hash of this store method. No
# validation is done on this BillingId by PaymentExpress so you must ensure that it is unique.
#
# gateway.store(credit_card, {:billing_id => 'YourUniqueBillingId'})
#
# Secondly, you will need to pass in the option `{:use_custom_payment_token => true}` when
# initializing your gateway instance, like so:
#
# gateway = ActiveMerchant::Billing::PaymentExpressGateway.new(
# :login => 'USERNAME',
# :password => 'PASSWORD',
# :use_custom_payment_token => true
# )
#
# see: http://www.paymentexpress.com/technical_resources/ecommerce_nonhosted/pxpost.html#Tokenbilling
#
# Note, once stored, PaymentExpress does not support unstoring a stored card.
def store(credit_card, options = {})
request = build_token_request(credit_card, options)
commit(:validate, request)
end
private
def use_custom_payment_token?
@options[:use_custom_payment_token]
end
def build_purchase_or_authorization_request(money, payment_source, options)
result = new_transaction
if payment_source.is_a?(String)
add_billing_token(result, payment_source)
else
add_credit_card(result, payment_source)
end
add_amount(result, money, options)
add_invoice(result, options)
add_address_verification_data(result, options)
add_optional_elements(result, options)
result
end
def build_capture_or_credit_request(money, identification, options)
result = new_transaction
add_amount(result, money, options)
add_invoice(result, options)
add_reference(result, identification)
add_optional_elements(result, options)
result
end
def build_token_request(credit_card, options)
result = new_transaction
add_credit_card(result, credit_card)
add_amount(result, 100, options) #need to make an auth request for $1
add_token_request(result, options)
add_optional_elements(result, options)
result
end
def add_credentials(xml)
xml.add_element("PostUsername").text = @options[:login]
xml.add_element("PostPassword").text = @options[:password]
end
def add_reference(xml, identification)
xml.add_element("DpsTxnRef").text = identification
end
def add_credit_card(xml, credit_card)
xml.add_element("CardHolderName").text = credit_card.name
xml.add_element("CardNumber").text = credit_card.number
xml.add_element("DateExpiry").text = format_date(credit_card.month, credit_card.year)
if credit_card.verification_value?
xml.add_element("Cvc2").text = credit_card.verification_value
xml.add_element("Cvc2Presence").text = "1"
end
if requires_start_date_or_issue_number?(credit_card)
xml.add_element("DateStart").text = format_date(credit_card.start_month, credit_card.start_year) unless credit_card.start_month.blank? || credit_card.start_year.blank?
xml.add_element("IssueNumber").text = credit_card.issue_number unless credit_card.issue_number.blank?
end
end
def add_billing_token(xml, token)
if use_custom_payment_token?
xml.add_element("BillingId").text = token
else
xml.add_element("DpsBillingId").text = token
end
end
def add_token_request(xml, options)
xml.add_element("BillingId").text = options[:billing_id] if options[:billing_id]
xml.add_element("EnableAddBillCard").text = 1
end
def add_amount(xml, money, options)
xml.add_element("Amount").text = amount(money)
xml.add_element("InputCurrency").text = options[:currency] || currency(money)
end
def add_transaction_type(xml, action)
xml.add_element("TxnType").text = TRANSACTIONS[action]
end
def add_invoice(xml, options)
xml.add_element("TxnId").text = options[:order_id].to_s.slice(0, 16) unless options[:order_id].blank?
xml.add_element("MerchantReference").text = options[:description].to_s.slice(0, 50) unless options[:description].blank?
end
def add_address_verification_data(xml, options)
address = options[:billing_address] || options[:address]
return if address.nil?
xml.add_element("EnableAvsData").text = 1
xml.add_element("AvsAction").text = 1
xml.add_element("AvsStreetAddress").text = address[:address1]
xml.add_element("AvsPostCode").text = address[:zip]
end
# The options hash may contain optional data which will be passed
# through the specialized optional fields at PaymentExpress
# as follows:
#
# {
# :client_type => :web, # Possible values are: :web, :ivr, :moto, :unattended, :internet, or :recurring
# :txn_data1 => "String up to 255 characters",
# :txn_data2 => "String up to 255 characters",
# :txn_data3 => "String up to 255 characters"
# }
#
# +:client_type+, while not documented for PxPost, will be sent as
# the +ClientType+ XML element as described in the documentation for
# the PaymentExpress WebService: http://www.paymentexpress.com/Technical_Resources/Ecommerce_NonHosted/WebService#clientType
# (PaymentExpress have confirmed that this value works the same in PxPost).
# The value sent for +:client_type+ will be normalized and sent
# as one of the explicit values allowed by PxPost:
#
# :web => "Web"
# :ivr => "IVR"
# :moto => "MOTO"
# :unattended => "Unattended"
# :internet => "Internet"
# :recurring => "Recurring"
#
# If you set the +:client_type+ to any value not listed above,
# the ClientType element WILL NOT BE INCLUDED at all in the
# POST data.
#
# +:txn_data1+, +:txn_data2+, and +:txn_data3+ will be sent as
# +TxnData1+, +TxnData2+, and +TxnData3+, respectively, and are
# free form fields of the merchant's choosing, as documented here:
# http://www.paymentexpress.com/technical_resources/ecommerce_nonhosted/pxpost.html#txndata
#
# These optional elements are added to all transaction types:
# +purchase+, +authorize+, +capture+, +refund+, +store+
def add_optional_elements(xml, options)
if client_type = normalized_client_type(options[:client_type])
xml.add_element("ClientType").text = client_type
end
xml.add_element("TxnData1").text = options[:txn_data1].to_s.slice(0,255) unless options[:txn_data1].blank?
xml.add_element("TxnData2").text = options[:txn_data2].to_s.slice(0,255) unless options[:txn_data2].blank?
xml.add_element("TxnData3").text = options[:txn_data3].to_s.slice(0,255) unless options[:txn_data3].blank?
end
def new_transaction
REXML::Document.new.add_element("Txn")
end
# Take in the request and post it to DPS
def commit(action, request)
add_credentials(request)
add_transaction_type(request, action)
# Parse the XML response
response = parse( ssl_post(self.live_url, request.to_s) )
# Return a response
PaymentExpressResponse.new(response[:success] == APPROVED, message_from(response), response,
:test => response[:test_mode] == '1',
:authorization => authorization_from(action, response)
)
end
# Response XML documentation: http://www.paymentexpress.com/technical_resources/ecommerce_nonhosted/pxpost.html#XMLTxnOutput
def parse(xml_string)
response = {}
xml = REXML::Document.new(xml_string)
# Gather all root elements such as HelpText
xml.elements.each('Txn/*') do |element|
response[element.name.underscore.to_sym] = element.text unless element.name == 'Transaction'
end
# Gather all transaction elements and prefix with "account_"
# So we could access the MerchantResponseText by going
# response[account_merchant_response_text]
xml.elements.each('Txn/Transaction/*') do |element|
response[element.name.underscore.to_sym] = element.text
end
response
end
def message_from(response)
(response[:card_holder_help_text] || response[:response_text])
end
def authorization_from(action, response)
case action
when :validate
(response[:billing_id] || response[:dps_billing_id])
else
response[:dps_txn_ref]
end
end
def format_date(month, year)
"#{format(month, :two_digits)}#{format(year, :two_digits)}"
end
def normalized_client_type(client_type_from_options)
case client_type_from_options.to_s.downcase
when 'web' then "Web"
when 'ivr' then "IVR"
when 'moto' then "MOTO"
when 'unattended' then "Unattended"
when 'internet' then "Internet"
when 'recurring' then "Recurring"
else nil
end
end
end
class PaymentExpressResponse < Response
# add a method to response so we can easily get the token
# for Validate transactions
def token
@params["billing_id"] || @params["dps_billing_id"]
end
end
end
end