require "nokogiri" module ActiveMerchant #:nodoc: module Billing #:nodoc: class HpsGateway < Gateway self.live_url = 'https://posgateway.secureexchange.net/Hps.Exchange.PosGateway/PosGatewayService.asmx?wsdl' self.test_url = 'https://posgateway.cert.secureexchange.net/Hps.Exchange.PosGateway/PosGatewayService.asmx?wsdl' self.supported_countries = ['US'] self.default_currency = 'USD' self.supported_cardtypes = [:visa, :master, :american_express, :discover, :jbc, :diners_club] self.homepage_url = 'http://developer.heartlandpaymentsystems.com/SecureSubmit/' self.display_name = 'Heartland Payment Systems' self.money_format = :dollars def initialize(options={}) requires!(options, :secret_api_key) super end def authorize(money, card_or_token, options={}) commit('CreditAuth') do |xml| add_amount(xml, money) add_allow_dup(xml) add_customer_data(xml, card_or_token, options) add_details(xml, options) add_descriptor_name(xml, options) add_payment(xml, card_or_token, options) end end def capture(money, transaction_id, options={}) commit('CreditAddToBatch') do |xml| add_amount(xml, money) add_reference(xml, transaction_id) end end def purchase(money, card_or_token, options={}) commit('CreditSale') do |xml| add_amount(xml, money) add_allow_dup(xml) add_customer_data(xml, card_or_token,options) add_details(xml, options) add_descriptor_name(xml, options) add_payment(xml, card_or_token, options) end end def refund(money, transaction_id, options={}) commit('CreditReturn') do |xml| add_amount(xml, money) add_allow_dup(xml) add_reference(xml, transaction_id) add_customer_data(xml, transaction_id,options) add_details(xml, options) end end def verify(card_or_token, options={}) commit('CreditAccountVerify') do |xml| add_customer_data(xml, card_or_token, options) add_descriptor_name(xml, options) add_payment(xml, card_or_token, options) end end def void(transaction_id, options={}) commit('CreditVoid') do |xml| add_reference(xml, transaction_id) end end def supports_scrubbing? true end def scrub(transcript) transcript. gsub(%r(()[^<]*(<\/hps:CardNbr>))i, '\1[FILTERED]\2'). gsub(%r(()[^<]*(<\/hps:CVV2>))i, '\1[FILTERED]\2'). gsub(%r(()[^<]*(<\/hps:SecretAPIKey>))i, '\1[FILTERED]\2') end private def add_reference(xml, transaction_id) xml.hps :GatewayTxnId, transaction_id end def add_amount(xml, money) xml.hps :Amt, amount(money) if money end def add_customer_data(xml, credit_card, options) xml.hps :CardHolderData do if credit_card.respond_to?(:number) xml.hps :CardHolderFirstName, credit_card.first_name if credit_card.first_name xml.hps :CardHolderLastName, credit_card.last_name if credit_card.last_name end xml.hps :CardHolderEmail, options[:email] if options[:email] xml.hps :CardHolderPhone, options[:phone] if options[:phone] if(billing_address = (options[:billing_address] || options[:address])) xml.hps :CardHolderAddr, billing_address[:address1] if billing_address[:address1] xml.hps :CardHolderCity, billing_address[:city] if billing_address[:city] xml.hps :CardHolderState, billing_address[:state] if billing_address[:state] xml.hps :CardHolderZip, billing_address[:zip] if billing_address[:zip] end end end def add_payment(xml, card_or_token, options) xml.hps :CardData do if card_or_token.respond_to?(:number) if card_or_token.track_data xml.tag!("hps:TrackData", 'method'=>'swipe') do xml.text! card_or_token.track_data end if options[:encryption_type] xml.hps :EncryptionData do xml.hps :Version, options[:encryption_type] if options[:encryption_type] == '02' xml.hps :EncryptedTrackNumber, options[:encrypted_track_number] xml.hps :KTB, options[:ktb] end end end else xml.hps :ManualEntry do xml.hps :CardNbr, card_or_token.number xml.hps :ExpMonth, card_or_token.month xml.hps :ExpYear, card_or_token.year xml.hps :CVV2, card_or_token.verification_value if card_or_token.verification_value xml.hps :CardPresent, 'N' xml.hps :ReaderPresent, 'N' end end else xml.hps :TokenData do xml.hps :TokenValue, card_or_token end end xml.hps :TokenRequest, (options[:store] ? 'Y' : 'N') end end def add_details(xml, options) xml.hps :AdditionalTxnFields do xml.hps :Description, options[:description] if options[:description] xml.hps :InvoiceNbr, options[:order_id] if options[:order_id] xml.hps :CustomerID, options[:customer_id] if options[:customer_id] end end def add_allow_dup(xml) xml.hps :AllowDup, 'Y' end def add_descriptor_name(xml, options) xml.hps :TxnDescriptor, options[:descriptor_name] if options[:descriptor_name] end def build_request(action) xml = Builder::XmlMarkup.new(encoding: 'UTF-8') xml.instruct!(:xml, encoding: 'UTF-8') xml.SOAP :Envelope, { 'xmlns:SOAP' => 'http://schemas.xmlsoap.org/soap/envelope/', 'xmlns:hps' => 'http://Hps.Exchange.PosGateway' } do xml.SOAP :Body do xml.hps :PosRequest do xml.hps 'Ver1.0'.to_sym do xml.hps :Header do xml.hps :SecretAPIKey, @options[:secret_api_key] xml.hps :DeveloperID, @options[:developer_id] if @options[:developer_id] xml.hps :VersionNbr, @options[:version_number] if @options[:version_number] xml.hps :SiteTrace, @options[:site_trace] if @options[:site_trace] end xml.hps :Transaction do xml.hps action.to_sym do if %w(CreditVoid CreditAddToBatch).include?(action) yield(xml) else xml.hps :Block1 do yield(xml) end end end end end end end end xml.target! end def parse(raw) response = {} doc = Nokogiri::XML(raw) doc.remove_namespaces! if(header = doc.xpath("//Header").first) header.elements.each do |node| if (node.elements.size == 0) response[node.name] = node.text else node.elements.each do |childnode| response[childnode.name] = childnode.text end end end end if(transaction = doc.xpath("//Transaction/*[1]").first) transaction.elements.each do |node| response[node.name] = node.text end end if(fault = doc.xpath("//Fault/Reason/Text").first) response["Fault"] = fault.text end response end def commit(action, &request) data = build_request(action, &request) response = begin parse(ssl_post((test? ? test_url : live_url), data, 'Content-Type' => 'text/xml')) rescue ResponseError => e parse(e.response.body) end ActiveMerchant::Billing::Response.new( successful?(response), message_from(response), response, test: test?, authorization: authorization_from(response), avs_result: { code: response['AVSRsltCode'], message: response['AVSRsltText'] }, cvv_result: response['CVVRsltCode'] ) end def successful?(response) ( (response["GatewayRspCode"] == "0") && ((response["RspCode"] || "00") == "00" || response["RspCode"] == "85") ) end def message_from(response) if(response["Fault"]) response["Fault"] elsif(response["GatewayRspCode"] == "0") if(response["RspCode"] != "00" && response["RspCode"] != "85") issuer_message(response["RspCode"]) else response['GatewayRspMsg'] end else (GATEWAY_MESSAGES[response["GatewayRspCode"]] || response["GatewayRspMsg"]) end end def authorization_from(response) response['GatewayTxnId'] end def test? (@options[:secret_api_key] && @options[:secret_api_key].include?('_cert_')) end ISSUER_MESSAGES = { "13" => "Must be greater than or equal 0.", "14" => "The card number is incorrect.", "54" => "The card has expired.", "55" => "The 4-digit pin is invalid.", "75" => "Maximum number of pin retries exceeded.", "80" => "Card expiration date is invalid.", "86" => "Can't verify card pin number." } def issuer_message(code) return "The card was declined." if %w(02 03 04 05 41 43 44 51 56 61 62 63 65 78).include?(code) return "An error occurred while processing the card." if %w(06 07 12 15 19 12 52 53 57 58 76 77 91 96 EC).include?(code) return "The card's security code is incorrect." if %w(EB N7).include?(code) ISSUER_MESSAGES[code] end GATEWAY_MESSAGES = { "-2" => "Authentication error. Please double check your service configuration.", "12" => "Invalid CPC data.", "13" => "Invalid card data.", "14" => "The card number is not a valid credit card number.", "30" => "Gateway timed out." } end end end