# -*- coding: utf-8 -*- module ActiveMerchant #:nodoc: module Billing #:nodoc: # ==== Customer Information Manager (CIM) # # The Authorize.Net Customer Information Manager (CIM) is an optional additional service that allows you to store sensitive payment information on # Authorize.Net's servers, simplifying payments for returning customers and recurring transactions. It can also help with Payment Card Industry (PCI) # Data Security Standard compliance, since customer data is no longer stored locally. # # To use the AuthorizeNetCimGateway CIM must be enabled for your account. # # Information about CIM is available on the {Authorize.Net website}[http://www.authorize.net/solutions/merchantsolutions/merchantservices/cim/]. # Information about the CIM API is available at the {Authorize.Net Integration Center}[http://developer.authorize.net/] # # ==== Login and Password # # The login and password are not the username and password you use to # login to the Authorize.Net Merchant Interface. Instead, you will # use the API Login ID as the login and Transaction Key as the # password. # # ==== How to Get Your API Login ID and Transaction Key # # 1. Log into the Merchant Interface # 2. Select Settings from the Main Menu # 3. Click on API Login ID and Transaction Key in the Security section # 4. Type in the answer to the secret question configured on setup # 5. Click Submit class AuthorizeNetCimGateway < Gateway self.test_url = 'https://apitest.authorize.net/xml/v1/request.api' self.live_url = 'https://api2.authorize.net/xml/v1/request.api' AUTHORIZE_NET_CIM_NAMESPACE = 'AnetApi/xml/v1/schema/AnetApiSchema.xsd' CIM_ACTIONS = { :create_customer_profile => 'createCustomerProfile', :create_customer_payment_profile => 'createCustomerPaymentProfile', :create_customer_shipping_address => 'createCustomerShippingAddress', :get_customer_profile => 'getCustomerProfile', :get_customer_profile_ids => 'getCustomerProfileIds', :get_customer_payment_profile => 'getCustomerPaymentProfile', :get_customer_shipping_address => 'getCustomerShippingAddress', :delete_customer_profile => 'deleteCustomerProfile', :delete_customer_payment_profile => 'deleteCustomerPaymentProfile', :delete_customer_shipping_address => 'deleteCustomerShippingAddress', :update_customer_profile => 'updateCustomerProfile', :update_customer_payment_profile => 'updateCustomerPaymentProfile', :update_customer_shipping_address => 'updateCustomerShippingAddress', :create_customer_profile_transaction => 'createCustomerProfileTransaction', :validate_customer_payment_profile => 'validateCustomerPaymentProfile' } CIM_TRANSACTION_TYPES = { :auth_capture => 'profileTransAuthCapture', :auth_only => 'profileTransAuthOnly', :capture_only => 'profileTransCaptureOnly', :prior_auth_capture => 'profileTransPriorAuthCapture', :refund => 'profileTransRefund', :void => 'profileTransVoid' } CIM_VALIDATION_MODES = { :none => 'none', :test => 'testMode', :live => 'liveMode', :old => 'oldLiveMode' } BANK_ACCOUNT_TYPES = { :checking => 'checking', :savings => 'savings', :business_checking => 'businessChecking' } ECHECK_TYPES = { :ccd => 'CCD', :ppd => 'PPD', :web => 'WEB' } self.homepage_url = 'http://www.authorize.net/' self.display_name = 'Authorize.Net CIM' self.supported_countries = ['US'] self.supported_cardtypes = [:visa, :master, :american_express, :discover] # Creates a new AuthorizeNetCimGateway # # The gateway requires that a valid API Login ID and Transaction Key be passed # in the +options+ hash. # # ==== Options # # * :login -- The Authorize.Net API Login ID (REQUIRED) # * :password -- The Authorize.Net Transaction Key. (REQUIRED) # * :test -- +true+ or +false+. If true, perform transactions against the test server. # Otherwise, perform transactions against the production server. # * :delimiter -- The delimiter used in the direct response. Default is ',' (comma). def initialize(options = {}) requires!(options, :login, :password) super end # Creates a new customer profile along with any customer payment profiles and customer shipping addresses # for the customer profile. # # Returns a Response with the Customer Profile ID of the new customer profile in the authorization field. # It is *CRITICAL* that you save this ID. There is no way to retrieve this through the API. You will not # be able to create another Customer Profile with the same information. # # # # ==== Options # # * :profile -- A hash containing at least one of the CONDITIONAL profile options below (REQUIRED) # # ==== Profile # # * :email -- Email address associated with the customer profile (CONDITIONAL) # * :description -- Description of the customer or customer profile (CONDITIONAL) # * :merchant_customer_id -- Merchant assigned ID for the customer (CONDITIONAL) # * :payment_profile -- A hash containing the elements of the new payment profile (optional) # # ==== Payment Profile # # * :payment -- A hash containing information on payment. Either :credit_card or :bank_account (optional) def create_customer_profile(options) requires!(options, :profile) requires!(options[:profile], :email) unless options[:profile][:merchant_customer_id] || options[:profile][:description] requires!(options[:profile], :description) unless options[:profile][:email] || options[:profile][:merchant_customer_id] requires!(options[:profile], :merchant_customer_id) unless options[:profile][:description] || options[:profile][:email] request = build_request(:create_customer_profile, options) commit(:create_customer_profile, request) end # Creates a new customer payment profile for an existing customer profile. # # ==== Options # # * :customer_profile_id -- The Customer Profile ID of the customer the payment profile will be added to. (REQUIRED) # * :payment_profile -- A hash containing the elements of the new payment profile (REQUIRED) # # ==== Payment Profile # # * :payment -- A hash containing information on payment. Either :credit_card or :bank_account (REQUIRED) def create_customer_payment_profile(options) requires!(options, :customer_profile_id) requires!(options, :payment_profile) requires!(options[:payment_profile], :payment) request = build_request(:create_customer_payment_profile, options) commit(:create_customer_payment_profile, request) end # Creates a new customer shipping address for an existing customer profile. # # ==== Options # # * :customer_profile_id -- The Customer Profile ID of the customer the payment profile will be added to. (REQUIRED) # * :address -- A hash containing the elements of the shipping address (REQUIRED) def create_customer_shipping_address(options) requires!(options, :customer_profile_id) requires!(options, :address) request = build_request(:create_customer_shipping_address, options) commit(:create_customer_shipping_address, request) end # Deletes an existing customer profile along with all associated customer payment profiles and customer shipping addresses. # # ==== Options # # * :customer_profile_id -- The Customer Profile ID of the customer to be deleted. (REQUIRED) def delete_customer_profile(options) requires!(options, :customer_profile_id) request = build_request(:delete_customer_profile, options) commit(:delete_customer_profile, request) end # Deletes a customer payment profile from an existing customer profile. # # ==== Options # # * :customer_profile_id -- The Customer Profile ID of the customer with the payment profile to be deleted. (REQUIRED) # * :customer_payment_profile_id -- The Payment Profile ID of the payment profile to be deleted. (REQUIRED) def delete_customer_payment_profile(options) requires!(options, :customer_profile_id) requires!(options, :customer_payment_profile_id) request = build_request(:delete_customer_payment_profile, options) commit(:delete_customer_payment_profile, request) end # Deletes a customer shipping address from an existing customer profile. # # ==== Options # # * :customer_profile_id -- The Customer Profile ID of the customer with the payment profile to be deleted. (REQUIRED) # * :customer_address_id -- The Shipping Address ID of the shipping address to be deleted. (REQUIRED) def delete_customer_shipping_address(options) requires!(options, :customer_profile_id) requires!(options, :customer_address_id) request = build_request(:delete_customer_shipping_address, options) commit(:delete_customer_shipping_address, request) end # Retrieves an existing customer profile along with all the associated customer payment profiles and customer shipping addresses. # # Returns a Response whose params hash contains all the profile information. # # ==== Options # # * :customer_profile_id -- The Customer Profile ID of the customer to retrieve. (REQUIRED) def get_customer_profile(options) requires!(options, :customer_profile_id) request = build_request(:get_customer_profile, options) commit(:get_customer_profile, request) end def get_customer_profile_ids(options = {}) request = build_request(:get_customer_profile_ids, options) commit(:get_customer_profile_ids, request) end # Retrieve a customer payment profile for an existing customer profile. # # Returns a Response whose params hash contains all the payment profile information. Sensitive information such as credit card # numbers will be masked. # # ==== Options # # * :customer_profile_id -- The Customer Profile ID of the customer with the payment profile to be retrieved. (REQUIRED) # * :customer_payment_profile_id -- The Payment Profile ID of the payment profile to be retrieved. (REQUIRED) def get_customer_payment_profile(options) requires!(options, :customer_profile_id) requires!(options, :customer_payment_profile_id) request = build_request(:get_customer_payment_profile, options) commit(:get_customer_payment_profile, request) end # Retrieve a customer shipping address for an existing customer profile. # # Returns a Response whose params hash contains all the shipping address information. # # ==== Options # # * :customer_profile_id -- The Customer Profile ID of the customer with the payment profile to be retrieved. (REQUIRED) # * :customer_address_id -- The Shipping Address ID of the shipping address to be retrieved. (REQUIRED) def get_customer_shipping_address(options) requires!(options, :customer_profile_id) requires!(options, :customer_address_id) request = build_request(:get_customer_shipping_address, options) commit(:get_customer_shipping_address, request) end # Updates an existing customer profile. # # Warning: if you do not provide a parameter in the :payment_profile hash, it is automatically set to nil at # Authorize.Net. You will most likely want to first get the profile hash using get_customer_profile and then only change the # elements you wish to change. # # ==== Options # # * :profile -- A hash containing the values the Customer Profile should be updated to. (REQUIRED) # # ==== Profile # # * :customer_profile_id -- The Customer Profile ID of the customer profile to update. (REQUIRED) def update_customer_profile(options) requires!(options, :profile) requires!(options[:profile], :customer_profile_id) request = build_request(:update_customer_profile, options) commit(:update_customer_profile, request) end # Updates a customer payment profile for an existing customer profile. # # Warning: if you do not provide a parameter in the :payment_profile hash, it is automatically set to nil at # Authorize.Net. You will most likely want to first get the profile hash using get_customer_payment_profile and then only # change the elements you wish to change. # # ==== Options # # * :customer_profile_id -- The Customer Profile ID of the customer with the payment profile to be updated. (REQUIRED) # * :payment_profile -- A hash containing the values the Customer Payment Profile should be updated to. (REQUIRED) # # ==== Payment Profile # # * :customer_payment_profile_id -- The Customer Payment Profile ID of the Customer Payment Profile to update. (REQUIRED) def update_customer_payment_profile(options) requires!(options, :customer_profile_id, :payment_profile) requires!(options[:payment_profile], :customer_payment_profile_id) request = build_request(:update_customer_payment_profile, options) commit(:update_customer_payment_profile, request) end # Updates a customer shipping address for an existing customer profile. # # Warning: if you do not provide a parameter in the :address hash, it is automatically set to nil at # Authorize.Net. You will most likely want to first get the profile hash using get_customer_shipping_address and then only # change the elements you wish to change. # # ==== Options # # * :customer_profile_id -- The Customer Profile ID of the customer with the payment profile to be updated. (REQUIRED) # * :address -- A hash containing the values the Customer Shipping Address should be updated to. (REQUIRED) # # ==== Address # # * :customer_address_id -- The Customer Address ID of the Customer Payment Profile to update. (REQUIRED) def update_customer_shipping_address(options) requires!(options, :customer_profile_id, :address) requires!(options[:address], :customer_address_id) request = build_request(:update_customer_shipping_address, options) commit(:update_customer_shipping_address, request) end # Creates a new payment transaction from an existing customer profile # # This is what is used to charge a customer whose information you have stored in a Customer Profile. # # Returns a Response object that contains the result of the transaction in params['direct_response'] # # ==== Options # # * :transaction -- A hash containing information on the transaction that is being requested. (REQUIRED) # # ==== Transaction # # * :type -- The type of transaction. Can be either :auth_only, :capture_only, :auth_capture, :prior_auth_capture, :refund or :void. (REQUIRED) # * :amount -- The amount for the tranaction. Formatted with a decimal. For example "4.95" (CONDITIONAL) # - :type == :void (NOT USED) # - :type == :refund (OPTIONAL) # - :type == (:auth_only, :capture_only, :auth_capture, :prior_auth_capture) (REQUIRED) # # * :customer_profile_id -- The Customer Profile ID of the customer to use in this transaction. (CONDITIONAL) # - :type == (:void, :prior_auth_capture) (OPTIONAL) # - :type == :refund (CONDITIONAL - required if masked information is not being submitted [see below]) # - :type == (:auth_only, :capture_only, :auth_capture) (REQUIRED) # # * :customer_payment_profile_id -- The Customer Payment Profile ID of the Customer Payment Profile to use in this transaction. (CONDITIONAL) # - :type == (:void, :prior_auth_capture) (OPTIONAL) # - :type == :refund (CONDITIONAL - required if masked information is not being submitted [see below]) # - :type == (:auth_only, :capture_only, :auth_capture) (REQUIRED) # # * :trans_id -- The payment gateway assigned transaction ID of the original transaction (CONDITIONAL): # - :type = (:void, :refund, :prior_auth_capture) (REQUIRED) # - :type = (:auth_only, :capture_only, :auth_capture) (NOT USED) # # * :card_code -- CVV/CCV code (OPTIONAL) # - :type = (:void, :refund, :prior_auth_capture) (NOT USED) # - :type = (:auth_only, :capture_only, :auth_capture) (OPTIONAL) # # * :customer_shipping_address_id -- Payment gateway assigned ID associated with the customer shipping address (CONDITIONAL) # - :type = (:void, :refund) (OPTIONAL) # - :type = (:auth_only, :capture_only, :auth_capture) (NOT USED) # - :type = (:prior_auth_capture) (OPTIONAL) # # ==== For :type == :refund only # * :credit_card_number_masked -- (CONDITIONAL - requied for credit card refunds is :customer_profile_id AND :customer_payment_profile_id are missing) # * :bank_routing_number_masked && :bank_account_number_masked -- (CONDITIONAL - requied for electronic check refunds is :customer_profile_id AND :customer_payment_profile_id are missing) (NOT ABLE TO TEST - I keep getting "ACH transactions are not accepted by this merchant." when trying to make a payment and, until that's possible I can't refund (wiseleyb@gmail.com)) def create_customer_profile_transaction(options) requires!(options, :transaction) requires!(options[:transaction], :type) case options[:transaction][:type] when :void requires!(options[:transaction], :trans_id) when :refund requires!(options[:transaction], :trans_id) && ( (options[:transaction][:customer_profile_id] && options[:transaction][:customer_payment_profile_id]) || options[:transaction][:credit_card_number_masked] || (options[:transaction][:bank_routing_number_masked] && options[:transaction][:bank_account_number_masked]) ) when :prior_auth_capture requires!(options[:transaction], :amount, :trans_id) else requires!(options[:transaction], :amount, :customer_profile_id, :customer_payment_profile_id) end request = build_request(:create_customer_profile_transaction, options) commit(:create_customer_profile_transaction, request) end # Creates a new payment transaction for refund from an existing customer profile # # This is what is used to refund a transaction you have stored in a Customer Profile. # # Returns a Response object that contains the result of the transaction in params['direct_response'] # # ==== Options # # * :transaction -- A hash containing information on the transaction that is being requested. (REQUIRED) # # ==== Transaction # # * :amount -- The total amount to be refunded (REQUIRED) # # * :customer_profile_id -- The Customer Profile ID of the customer to use in this transaction. (CONDITIONAL :customer_payment_profile_id must be included if used) # * :customer_payment_profile_id -- The Customer Payment Profile ID of the Customer Payment Profile to use in this transaction. (CONDITIONAL :customer_profile_id must be included if used) # # * :credit_card_number_masked -- Four Xs follwed by the last four digits of the credit card (CONDITIONAL - used if customer_profile_id and customer_payment_profile_id aren't given) # # * :bank_routing_number_masked -- The last four gidits of the routing number to be refunded (CONDITIONAL - must be used with :bank_account_number_masked) # * :bank_account_number_masked -- The last four digis of the bank account number to be refunded, Ex. XXXX1234 (CONDITIONAL - must be used with :bank_routing_number_masked) # # * :tax - A hash containing tax information for the refund (OPTIONAL - :amount, :name (31 characters), :description (255 characters)) # * :duty - A hash containting duty information for the refund (OPTIONAL - :amount, :name (31 characters), :description (255 characters)) # * :shipping - A hash containing shipping information for the refund (OPTIONAL - :amount, :name (31 characters), :description (255 characters)) def create_customer_profile_transaction_for_refund(options) requires!(options, :transaction) options[:transaction][:type] = :refund requires!(options[:transaction], :trans_id) requires!(options[:transaction], :amount) request = build_request(:create_customer_profile_transaction, options) commit(:create_customer_profile_transaction, request) end # Creates a new payment transaction for void from an existing customer profile # # This is what is used to void a transaction you have stored in a Customer Profile. # # Returns a Response object that contains the result of the transaction in params['direct_response'] # # ==== Options # # * :transaction -- A hash containing information on the transaction that is being requested. (REQUIRED) # # ==== Transaction # # * :trans_id -- The payment gateway assigned transaction id of the original transaction. (REQUIRED) # * :customer_profile_id -- The Customer Profile ID of the customer to use in this transaction. # * :customer_payment_profile_id -- The Customer Payment Profile ID of the Customer Payment Profile to use in this transaction. # * :customer_shipping_address_id -- Payment gateway assigned ID associated with the customer shipping address. def create_customer_profile_transaction_for_void(options) requires!(options, :transaction) options[:transaction][:type] = :void requires!(options[:transaction], :trans_id) request = build_request(:create_customer_profile_transaction, options) commit(:create_customer_profile_transaction, request) end # Verifies an existing customer payment profile by generating a test transaction # # Returns a Response object that contains the result of the transaction in params['direct_response'] # # ==== Options # # * :customer_profile_id -- The Customer Profile ID of the customer to use in this transaction. (REQUIRED) # * :customer_payment_profile_id -- The Customer Payment Profile ID of the Customer Payment Profile to be verified. (REQUIRED) # * :customer_address_id -- The Customer Address ID of the Customer Shipping Address to be verified. (OPTIONAL) # * :card_code -- If the payment profile is a credit card, the CCV/CVV code to validate with (OPTIONAL) # * :validation_mode -- :live or :test In Test Mode, only field validation is performed. (REQUIRED # In Live Mode, a transaction is generated and submitted to the processor with the amount of $0.01. If successful, the transaction is immediately voided. (REQUIRED) def validate_customer_payment_profile(options) requires!(options, :customer_profile_id, :customer_payment_profile_id, :validation_mode) request = build_request(:validate_customer_payment_profile, options) commit(:validate_customer_payment_profile, request) end private def expdate(credit_card) if credit_card.year.present? && credit_card.month.present? sprintf('%04d-%02d', credit_card.year, credit_card.month) else 'XXXX' end end def build_request(action, options = {}) unless CIM_ACTIONS.include?(action) raise StandardError, "Invalid Customer Information Manager Action: #{action}" end xml = Builder::XmlMarkup.new(:indent => 2) xml.instruct!(:xml, :version => '1.0', :encoding => 'utf-8') xml.tag!("#{CIM_ACTIONS[action]}Request", :xmlns => AUTHORIZE_NET_CIM_NAMESPACE) do add_merchant_authentication(xml) # Merchant-assigned reference ID for the request xml.tag!('refId', options[:ref_id]) if options[:ref_id] # Order options add_order(xml, options[:order]) if options[:order] send("build_#{action}_request", xml, options) end end # Contains the merchant’s payment gateway account authentication information def add_merchant_authentication(xml) xml.tag!('merchantAuthentication') do xml.tag!('name', @options[:login]) xml.tag!('transactionKey', @options[:password]) end end def build_create_customer_profile_request(xml, options) add_profile(xml, options[:profile]) xml.tag!('validationMode', CIM_VALIDATION_MODES[options[:validation_mode]]) if options[:validation_mode] if options.has_key?(:payment_profile) xml.tag!('paymentProfile') do add_payment_profile(xml, options[:payment_profile]) end end xml.target! end def build_create_customer_payment_profile_request(xml, options) xml.tag!('customerProfileId', options[:customer_profile_id]) xml.tag!('paymentProfile') do add_payment_profile(xml, options[:payment_profile]) end xml.tag!('validationMode', CIM_VALIDATION_MODES[options[:validation_mode]]) if options[:validation_mode] xml.target! end def build_create_customer_shipping_address_request(xml, options) xml.tag!('customerProfileId', options[:customer_profile_id]) xml.tag!('address') do add_address(xml, options[:address]) end xml.target! end def build_delete_customer_profile_request(xml, options) xml.tag!('customerProfileId', options[:customer_profile_id]) xml.target! end def build_delete_customer_payment_profile_request(xml, options) xml.tag!('customerProfileId', options[:customer_profile_id]) xml.tag!('customerPaymentProfileId', options[:customer_payment_profile_id]) xml.target! end def build_delete_customer_shipping_address_request(xml, options) xml.tag!('customerProfileId', options[:customer_profile_id]) xml.tag!('customerAddressId', options[:customer_address_id]) xml.target! end def build_get_customer_profile_request(xml, options) xml.tag!('customerProfileId', options[:customer_profile_id]) xml.target! end def build_get_customer_profile_ids_request(xml, options) xml.target! end def build_get_customer_payment_profile_request(xml, options) xml.tag!('customerProfileId', options[:customer_profile_id]) xml.tag!('customerPaymentProfileId', options[:customer_payment_profile_id]) xml.target! end def build_get_customer_shipping_address_request(xml, options) xml.tag!('customerProfileId', options[:customer_profile_id]) xml.tag!('customerAddressId', options[:customer_address_id]) xml.target! end def build_update_customer_profile_request(xml, options) add_profile(xml, options[:profile], true) xml.target! end def build_update_customer_payment_profile_request(xml, options) xml.tag!('customerProfileId', options[:customer_profile_id]) xml.tag!('paymentProfile') do add_payment_profile(xml, options[:payment_profile]) end xml.tag!('validationMode', CIM_VALIDATION_MODES[options[:validation_mode]]) if options[:validation_mode] xml.target! end def build_update_customer_shipping_address_request(xml, options) xml.tag!('customerProfileId', options[:customer_profile_id]) xml.tag!('address') do add_address(xml, options[:address]) end xml.target! end def build_create_customer_profile_transaction_request(xml, options) options[:extra_options] ||= {} options[:extra_options].merge!('x_test_request' => 'TRUE') if @options[:test] add_transaction(xml, options[:transaction]) tag_unless_blank(xml, 'extraOptions', format_extra_options(options[:extra_options])) xml.target! end def build_validate_customer_payment_profile_request(xml, options) xml.tag!('customerProfileId', options[:customer_profile_id]) xml.tag!('customerPaymentProfileId', options[:customer_payment_profile_id]) xml.tag!('customerShippingAddressId', options[:customer_address_id]) if options[:customer_address_id] tag_unless_blank(xml, 'cardCode', options[:card_code]) xml.tag!('validationMode', CIM_VALIDATION_MODES[options[:validation_mode]]) if options[:validation_mode] xml.target! end # :merchant_customer_id (Optional) # :description (Optional) # :email (Optional) # :payment_profiles (Optional) def add_profile(xml, profile, update = false) xml.tag!('profile') do # Merchant assigned ID for the customer. Up to 20 characters. (optional) xml.tag!('merchantCustomerId', profile[:merchant_customer_id]) if profile[:merchant_customer_id] # Description of the customer. Up to 255 Characters (optional) xml.tag!('description', profile[:description]) if profile[:description] # Email Address for the customer. Up to 255 Characters (optional) xml.tag!('email', profile[:email]) if profile[:email] if update xml.tag!('customerProfileId', profile[:customer_profile_id]) else add_payment_profiles(xml, profile[:payment_profiles]) if profile[:payment_profiles] add_ship_to_list(xml, profile[:ship_to_list]) if profile[:ship_to_list] end end end def add_transaction(xml, transaction) unless CIM_TRANSACTION_TYPES.include?(transaction[:type]) raise StandardError, "Invalid Customer Information Manager Transaction Type: #{transaction[:type]}" end xml.tag!('transaction') do xml.tag!(CIM_TRANSACTION_TYPES[transaction[:type]]) do # The amount to be billed to the customer case transaction[:type] when :void tag_unless_blank(xml,'customerProfileId', transaction[:customer_profile_id]) tag_unless_blank(xml,'customerPaymentProfileId', transaction[:customer_payment_profile_id]) tag_unless_blank(xml,'customerShippingAddressId', transaction[:customer_shipping_address_id]) xml.tag!('transId', transaction[:trans_id]) when :refund #TODO - add lineItems field xml.tag!('amount', transaction[:amount]) tag_unless_blank(xml, 'customerProfileId', transaction[:customer_profile_id]) tag_unless_blank(xml, 'customerPaymentProfileId', transaction[:customer_payment_profile_id]) tag_unless_blank(xml, 'customerShippingAddressId', transaction[:customer_shipping_address_id]) tag_unless_blank(xml, 'creditCardNumberMasked', transaction[:credit_card_number_masked]) tag_unless_blank(xml, 'bankRoutingNumberMasked', transaction[:bank_routing_number_masked]) tag_unless_blank(xml, 'bankAccountNumberMasked', transaction[:bank_account_number_masked]) xml.tag!('transId', transaction[:trans_id]) add_tax(xml, transaction[:tax]) if transaction[:tax] add_duty(xml, transaction[:duty]) if transaction[:duty] add_shipping(xml, transaction[:shipping]) if transaction[:shipping] when :prior_auth_capture xml.tag!('amount', transaction[:amount]) xml.tag!('transId', transaction[:trans_id]) else xml.tag!('amount', transaction[:amount]) xml.tag!('customerProfileId', transaction[:customer_profile_id]) xml.tag!('customerPaymentProfileId', transaction[:customer_payment_profile_id]) xml.tag!('approvalCode', transaction[:approval_code]) if transaction[:type] == :capture_only end add_order(xml, transaction[:order]) if transaction[:order].present? unless [:void,:refund,:prior_auth_capture].include?(transaction[:type]) tag_unless_blank(xml, 'cardCode', transaction[:card_code]) end end end end def add_tax(xml, tax) xml.tag!('tax') do xml.tag!('amount', tax[:amount]) if tax[:amount] xml.tag!('name', tax[:name]) if tax[:name] xml.tag!('description', tax[:description]) if tax[:description] end end def add_duty(xml, duty) xml.tag!('duty') do xml.tag!('amount', duty[:amount]) if duty[:amount] xml.tag!('name', duty[:name]) if duty[:name] xml.tag!('description', duty[:description]) if duty[:description] end end def add_shipping(xml, shipping) xml.tag!('shipping') do xml.tag!('amount', shipping[:amount]) if shipping[:amount] xml.tag!('name', shipping[:name]) if shipping[:name] xml.tag!('description', shipping[:description]) if shipping[:description] end end def add_order(xml, order) xml.tag!('order') do xml.tag!('invoiceNumber', order[:invoice_number]) if order[:invoice_number] xml.tag!('description', order[:description]) if order[:description] xml.tag!('purchaseOrderNumber', order[:purchase_order_number]) if order[:purchase_order_number] end end def add_payment_profiles(xml, payment_profiles) xml.tag!('paymentProfiles') do add_payment_profile(xml, payment_profiles) end end # :customer_type => 'individual or business', # Optional # :bill_to => @address, # :payment => @payment def add_payment_profile(xml, payment_profile) # 'individual' or 'business' (optional) xml.tag!('customerType', payment_profile[:customer_type]) if payment_profile[:customer_type] if payment_profile[:bill_to] xml.tag!('billTo') do add_address(xml, payment_profile[:bill_to]) end end if payment_profile[:payment] xml.tag!('payment') do add_credit_card(xml, payment_profile[:payment][:credit_card]) if payment_profile[:payment].has_key?(:credit_card) add_bank_account(xml, payment_profile[:payment][:bank_account]) if payment_profile[:payment].has_key?(:bank_account) add_drivers_license(xml, payment_profile[:payment][:drivers_license]) if payment_profile[:payment].has_key?(:drivers_license) # This element is only required for Wells Fargo SecureSource eCheck.Net merchants # The customer's Social Security Number or Tax ID xml.tag!('taxId', payment_profile[:payment]) if payment_profile[:payment].has_key?(:tax_id) end end xml.tag!('customerPaymentProfileId', payment_profile[:customer_payment_profile_id]) if payment_profile[:customer_payment_profile_id] end def add_ship_to_list(xml, ship_to_list) xml.tag!('shipToList') do add_address(xml, ship_to_list) end end def add_address(xml, address) xml.tag!('firstName', address[:first_name]) xml.tag!('lastName', address[:last_name]) xml.tag!('company', address[:company]) xml.tag!('address', address[:address1]) if address[:address1] xml.tag!('address', address[:address]) if address[:address] xml.tag!('city', address[:city]) xml.tag!('state', address[:state]) xml.tag!('zip', address[:zip]) xml.tag!('country', address[:country]) xml.tag!('phoneNumber', address[:phone_number]) if address[:phone_number] xml.tag!('faxNumber', address[:fax_number]) if address[:fax_number] xml.tag!('customerAddressId', address[:customer_address_id]) if address[:customer_address_id] end # Adds customer’s credit card information # Note: This element should only be included # when the payment method is credit card. def add_credit_card(xml, credit_card) return unless credit_card xml.tag!('creditCard') do # The credit card number used for payment of the subscription xml.tag!('cardNumber', credit_card.number) # The expiration date of the credit card used for the subscription xml.tag!('expirationDate', expdate(credit_card)) # Note that Authorize.net does not save CVV codes as part of the # payment profile. Any transactions/validations after the payment # profile is created that wish to use CVV verification must pass # the CVV code to authorize.net again. xml.tag!('cardCode', credit_card.verification_value) if credit_card.verification_value? end end # Adds customer’s bank account information # Note: This element should only be included # when the payment method is bank account. def add_bank_account(xml, bank_account) raise StandardError, "Invalid Bank Account Type: #{bank_account[:account_type]}" unless BANK_ACCOUNT_TYPES.include?(bank_account[:account_type]) raise StandardError, "Invalid eCheck Type: #{bank_account[:echeck_type]}" unless ECHECK_TYPES.include?(bank_account[:echeck_type]) xml.tag!('bankAccount') do # The type of bank account xml.tag!('accountType', BANK_ACCOUNT_TYPES[bank_account[:account_type]]) # The routing number of the customer’s bank xml.tag!('routingNumber', bank_account[:routing_number]) # The bank account number xml.tag!('accountNumber', bank_account[:account_number]) # The full name of the individual associated # with the bank account number xml.tag!('nameOnAccount', bank_account[:name_on_account]) # The type of electronic check transaction xml.tag!('echeckType', ECHECK_TYPES[bank_account[:echeck_type]]) # The full name of the individual associated # with the bank account number (optional) xml.tag!('bankName', bank_account[:bank_name]) if bank_account[:bank_name] end end # Adds customer’s driver's license information # Note: This element is only required for # Wells Fargo SecureSource eCheck.Net merchants def add_drivers_license(xml, drivers_license) xml.tag!('driversLicense') do # The state of the customer's driver's license # A valid two character state code xml.tag!('state', drivers_license[:state]) # The customer’s driver's license number xml.tag!('number', drivers_license[:number]) # The date of birth listed on the customer's driver's license # YYYY-MM-DD xml.tag!('dateOfBirth', drivers_license[:date_of_birth]) end end def commit(action, request) url = test? ? test_url : live_url xml = ssl_post(url, request, "Content-Type" => "text/xml") response_params = parse(action, xml) message = nil begin message = Array.wrap(response_params['messages']['message']).first['text'] rescue TypeError => e TangaServices.logger.error(service: 'authnet', alert_tanga_devs: true, authnet_response: xml.to_s, exception: e.message) raise end test_mode = test? || message =~ /Test Mode/ success = response_params['messages']['result_code'] == 'Ok' response_params['direct_response'] = parse_direct_response(response_params['direct_response']) if response_params['direct_response'] transaction_id = response_params['direct_response']['transaction_id'] if response_params['direct_response'] Response.new(success, message, response_params, :test => test_mode, :authorization => transaction_id || response_params['customer_profile_id'] || (response_params['profile'] ? response_params['profile']['customer_profile_id'] : nil) ) end def tag_unless_blank(xml, tag_name, data) xml.tag!(tag_name, data) unless data.blank? || data.nil? end def format_extra_options(options) options.map{ |k, v| "#{k}=#{v}" }.join('&') unless options.nil? end def parse_direct_response(params) delimiter = @options[:delimiter] || ',' direct_response = {'raw' => params} direct_response_fields = params.split(delimiter) direct_response.merge( { 'response_code' => direct_response_fields[0], 'response_subcode' => direct_response_fields[1], 'response_reason_code' => direct_response_fields[2], 'message' => direct_response_fields[3], 'approval_code' => direct_response_fields[4], 'avs_response' => direct_response_fields[5], 'transaction_id' => direct_response_fields[6], 'invoice_number' => direct_response_fields[7], 'order_description' => direct_response_fields[8], 'amount' => direct_response_fields[9], 'method' => direct_response_fields[10], 'transaction_type' => direct_response_fields[11], 'customer_id' => direct_response_fields[12], 'first_name' => direct_response_fields[13], 'last_name' => direct_response_fields[14], 'company' => direct_response_fields[15], 'address' => direct_response_fields[16], 'city' => direct_response_fields[17], 'state' => direct_response_fields[18], 'zip_code' => direct_response_fields[19], 'country' => direct_response_fields[20], 'phone' => direct_response_fields[21], 'fax' => direct_response_fields[22], 'email_address' => direct_response_fields[23], 'ship_to_first_name' => direct_response_fields[24], 'ship_to_last_name' => direct_response_fields[25], 'ship_to_company' => direct_response_fields[26], 'ship_to_address' => direct_response_fields[27], 'ship_to_city' => direct_response_fields[28], 'ship_to_state' => direct_response_fields[29], 'ship_to_zip_code' => direct_response_fields[30], 'ship_to_country' => direct_response_fields[31], 'tax' => direct_response_fields[32], 'duty' => direct_response_fields[33], 'freight' => direct_response_fields[34], 'tax_exempt' => direct_response_fields[35], 'purchase_order_number' => direct_response_fields[36], 'md5_hash' => direct_response_fields[37], 'card_code' => direct_response_fields[38], 'cardholder_authentication_verification_response' => direct_response_fields[39], # The following direct response fields are only available in version 3.1 of the # transaction response. Check your merchant account settings for details. 'account_number' => direct_response_fields[50] || '', 'card_type' => direct_response_fields[51] || '', 'split_tender_id' => direct_response_fields[52] || '', 'requested_amount' => direct_response_fields[53] || '', 'balance_on_card' => direct_response_fields[54] || '', } ) end def parse(action, xml) xml = REXML::Document.new(xml) root = REXML::XPath.first(xml, "//#{CIM_ACTIONS[action]}Response") || REXML::XPath.first(xml, "//ErrorResponse") if root response = parse_element(root) end response end def parse_element(node) if node.has_elements? response = {} node.elements.each{ |e| key = e.name.underscore value = parse_element(e) if response.has_key?(key) if response[key].is_a?(Array) response[key].push(value) else response[key] = [response[key], value] end else response[key] = parse_element(e) end } else response = node.text end response end end end end