require 'nokogiri'
module ActiveMerchant #:nodoc:
module Billing #:nodoc:
# Public: This gateway allows you to interact with any gateway you've
# created in Spreedly (https://spreedly.com). It's an adapter which can be
# particularly useful if you already have code interacting with
# ActiveMerchant and want to easily take advantage of Spreedly's vault.
class SpreedlyCoreGateway < Gateway
SUCCESS_CODE = 200
SOFT_DECLINE_CODES = [401, 402, 408, 415, 422].freeze
self.live_url = 'https://core.spreedly.com/v1'
self.supported_countries = %w(AD AE AT AU BD BE BG BN CA CH CY CZ DE DK EE EG ES FI FR GB
GI GR HK HU ID IE IL IM IN IS IT JO KW LB LI LK LT LU LV MC
MT MU MV MX MY NL NO NZ OM PH PL PT QA RO SA SE SG SI SK SM
TR TT UM US VA VN ZA)
self.supported_cardtypes = %i[visa master american_express discover]
self.homepage_url = 'https://spreedly.com'
self.display_name = 'Spreedly'
self.money_format = :cents
self.default_currency = 'USD'
# Public: Create a new Spreedly gateway.
#
# options - A hash of options:
# :login - The environment key.
# :password - The access secret.
# :gateway_token - The token of the gateway you've created in
# Spreedly.
def initialize(options = {})
requires!(options, :login, :password, :gateway_token)
super
end
# Public: Run a purchase transaction.
#
# money - The monetary amount of the transaction in cents.
# payment_method - The CreditCard or Check or the Spreedly payment method token.
# options - A hash of options:
# :store - Retain the payment method if the purchase
# succeeds. Defaults to false. (optional)
def purchase(money, payment_method, options = {})
request = build_transaction_request(money, payment_method, options)
commit("gateways/#{options[:gateway_token] || @options[:gateway_token]}/purchase.xml", request)
end
# Public: Run an authorize transaction.
#
# money - The monetary amount of the transaction in cents.
# payment_method - The CreditCard or the Spreedly payment method token.
# options - A hash of options:
# :store - Retain the payment method if the authorize
# succeeds. Defaults to false. (optional)
def authorize(money, payment_method, options = {})
request = build_transaction_request(money, payment_method, options)
commit("gateways/#{@options[:gateway_token]}/authorize.xml", request)
end
def capture(money, authorization, options = {})
request = build_xml_request('transaction') do |doc|
add_invoice(doc, money, options)
end
commit("transactions/#{authorization}/capture.xml", request)
end
def refund(money, authorization, options = {})
request = build_xml_request('transaction') do |doc|
add_invoice(doc, money, options)
add_extra_options(:gateway_specific_fields, doc, options)
end
commit("transactions/#{authorization}/credit.xml", request)
end
def void(authorization, options = {})
commit("transactions/#{authorization}/void.xml", '')
end
# Public: Determine whether a credit card is chargeable card and available for purchases.
#
# payment_method - The CreditCard or the Spreedly payment method token.
# options - A hash of options:
# :store - Retain the payment method if the verify
# succeeds. Defaults to false. (optional)
def verify(payment_method, options = {})
if payment_method.is_a?(String)
verify_with_token(payment_method, options)
else
MultiResponse.run do |r|
r.process { save_card(options[:store], payment_method, options) }
r.process { verify_with_token(r.authorization, options) }
end
end
end
# Public: Store a credit card in the Spreedly vault and retain it.
#
# credit_card - The CreditCard to store
# options - A standard ActiveMerchant options hash
def store(credit_card, options = {})
retain = true
save_card(retain, credit_card, options)
end
# Public: Redact the CreditCard in Spreedly. This wipes the sensitive
# payment information from the card.
#
# credit_card - The CreditCard to store
# options - A standard ActiveMerchant options hash
def unstore(authorization, options = {})
commit("payment_methods/#{authorization}/redact.xml", '', :put)
end
# Public: Get the transaction with the given token.
def find(transaction_token)
commit("transactions/#{transaction_token}.xml", nil, :get)
end
alias status find
def supports_scrubbing?
true
end
def scrub(transcript)
transcript.
gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
gsub(%r(().+()), '\1[FILTERED]\2').
gsub(%r(().+()), '\1[FILTERED]\2').
gsub(%r(().+()), '\1[FILTERED]\2')
end
private
def save_card(retain, credit_card, options)
request = build_xml_request('payment_method') do |doc|
add_credit_card(doc, credit_card, options)
add_extra_options(:data, doc, options)
doc.retained(true) if retain
end
commit('payment_methods.xml', request, :post, :payment_method_token)
end
def purchase_with_token(money, payment_method_token, options)
request = build_transaction_request(money, payment_method_token, options)
commit("gateways/#{options[:gateway_token] || @options[:gateway_token]}/purchase.xml", request)
end
def authorize_with_token(money, payment_method_token, options)
request = build_transaction_request(money, payment_method_token, options)
commit("gateways/#{@options[:gateway_token]}/authorize.xml", request)
end
def verify_with_token(payment_method_token, options)
request = build_transaction_request(nil, payment_method_token, options)
commit("gateways/#{@options[:gateway_token]}/verify.xml", request)
end
def build_transaction_request(money, payment_method, options)
build_xml_request('transaction') do |doc|
add_invoice(doc, money, options)
add_payment_method(doc, payment_method, options)
add_extra_options(:gateway_specific_fields, doc, options)
end
end
def add_invoice(doc, money, options)
doc.amount amount(money) unless money.nil?
doc.currency_code(options[:currency] || currency(money) || default_currency)
doc.order_id(options[:order_id])
doc.ip(options[:ip]) if options[:ip]
doc.description(options[:description]) if options[:description]
doc.merchant_name_descriptor(options[:merchant_name_descriptor]) if options[:merchant_name_descriptor]
doc.merchant_location_descriptor(options[:merchant_location_descriptor]) if options[:merchant_location_descriptor]
end
def add_payment_method(doc, payment_method, options)
doc.retain_on_success(true) if options[:store]
if payment_method.is_a?(String)
doc.payment_method_token(payment_method)
elsif payment_method.is_a?(CreditCard)
add_credit_card(doc, payment_method, options)
elsif payment_method.is_a?(Check)
add_bank_account(doc, payment_method, options)
end
end
def add_credit_card(doc, credit_card, options)
doc.credit_card do
doc.number(credit_card.number)
doc.verification_value(credit_card.verification_value)
doc.first_name(credit_card.first_name)
doc.last_name(credit_card.last_name)
doc.month(credit_card.month)
doc.year(format(credit_card.year, :four_digits_year))
doc.email(options[:email])
doc.address1(options[:billing_address].try(:[], :address1))
doc.address2(options[:billing_address].try(:[], :address2))
doc.city(options[:billing_address].try(:[], :city))
doc.state(options[:billing_address].try(:[], :state))
doc.zip(options[:billing_address].try(:[], :zip))
doc.country(options[:billing_address].try(:[], :country))
doc.phone_number(options[:billing_address].try(:[], :phone))
doc.shipping_address1(options[:shiping_address].try(:[], :address1))
doc.shipping_address2(options[:shiping_address].try(:[], :address2))
doc.shipping_city(options[:shiping_address].try(:[], :city))
doc.shipping_state(options[:shiping_address].try(:[], :state))
doc.shipping_zip(options[:shiping_address].try(:[], :zip))
doc.shipping_country(options[:shiping_address].try(:[], :country))
doc.shipping_phone_number(options[:shiping_address].try(:[], :phone))
end
end
def add_bank_account(doc, bank_account, options)
doc.bank_account do
doc.first_name(bank_account.first_name)
doc.last_name(bank_account.last_name)
doc.bank_routing_number(bank_account.routing_number)
doc.bank_account_number(bank_account.account_number)
doc.bank_account_type(bank_account.account_type)
doc.bank_account_holder_type(bank_account.account_holder_type)
end
end
def add_extra_options(type, doc, options)
doc.send(type) do
extra_options_to_doc(doc, options[type])
end
end
def extra_options_to_doc(doc, value)
return doc.text value unless value.kind_of? Hash
value.each do |k, v|
doc.send(k) do
extra_options_to_doc(doc, v)
end
end
end
def parse(xml)
response = {}
doc = Nokogiri::XML(xml)
doc.root.xpath('*').each do |node|
if node.elements.empty?
response[node.name.downcase.to_sym] = node.text
else
node.elements.each do |childnode|
childnode_to_response(response, node, childnode)
end
end
end
response
end
def childnode_to_response(response, node, childnode)
node_name = node.name.downcase
childnode_name = childnode.name.downcase
composed_name = "#{node_name}_#{childnode_name}"
childnodes_present = !childnode.elements.empty?
if childnodes_present && composed_name == 'payment_method_data'
response[composed_name.to_sym] = Hash.from_xml(childnode.to_s).values.first
elsif childnodes_present && node_name == 'gateway_specific_response_fields'
response[node_name.to_sym] = {
childnode_name => Hash.from_xml(childnode.to_s).values.first
}
else
response[composed_name.to_sym] = childnode.text
end
end
def build_xml_request(root)
builder = Nokogiri::XML::Builder.new
builder.__send__(root) do |doc|
yield(doc)
end
builder.to_xml
end
def commit(relative_url, request, method = :post, authorization_field = :token)
begin
raw_response = ssl_request(method, request_url(relative_url), request, headers)
rescue ResponseError => e
raw_response = e.response.body
end
response_from(raw_response, authorization_field, request, relative_url)
end
def response_from(raw_response, authorization_field, request_body, relative_url)
parsed = parse(raw_response)
options = {
authorization: parsed[authorization_field],
test: (parsed[:on_test_gateway] == 'true'),
avs_result: { code: parsed[:response_avs_code] },
cvv_result: parsed[:response_cvv_code],
response_type: response_type(@response_http_code.to_i),
response_http_code: @response_http_code,
request_endpoint: request_url(relative_url),
request_method: :post,
request_body:
}
Response.new(parsed[:succeeded] == 'true', parsed[:message] || parsed[:error], parsed, options)
end
def headers
{
'Authorization' => ('Basic ' + Base64.strict_encode64("#{@options[:login]}:#{@options[:password]}").chomp),
'Content-Type' => 'text/xml'
}
end
def request_url(relative_url)
"#{live_url}/#{relative_url}"
end
def handle_response(response)
@response_http_code = response.code.to_i
case @response_http_code
when 200...300
response.body
else
raise ResponseError.new(response)
end
end
def response_type(code)
if code == SUCCESS_CODE
0
elsif SOFT_DECLINE_CODES.include?(code)
1
else
2
end
end
end
end
end