lib/active_merchant/billing/gateways/authorize_net_cim.rb
# -*- coding: utf-8 -*-
module ActiveMerchant #:nodoc:
module Billing #:nodoc:
# ==== Customer Information Manager (CIM)
#
# The Authorize.Net Customer Information Manager (CIM) is an optional additional service that allows you to store sensitive payment information on
# Authorize.Net's servers, simplifying payments for returning customers and recurring transactions. It can also help with Payment Card Industry (PCI)
# Data Security Standard compliance, since customer data is no longer stored locally.
#
# To use the AuthorizeNetCimGateway CIM must be enabled for your account.
#
# Information about CIM is available on the {Authorize.Net website}[http://www.authorize.net/solutions/merchantsolutions/merchantservices/cim/].
# Information about the CIM API is available at the {Authorize.Net Integration Center}[http://developer.authorize.net/]
#
# ==== Login and Password
#
# The login and password are not the username and password you use to
# login to the Authorize.Net Merchant Interface. Instead, you will
# use the API Login ID as the login and Transaction Key as the
# password.
#
# ==== How to Get Your API Login ID and Transaction Key
#
# 1. Log into the Merchant Interface
# 2. Select Settings from the Main Menu
# 3. Click on API Login ID and Transaction Key in the Security section
# 4. Type in the answer to the secret question configured on setup
# 5. Click Submit
class AuthorizeNetCimGateway < Gateway
self.test_url = 'https://apitest.authorize.net/xml/v1/request.api'
self.live_url = 'https://api2.authorize.net/xml/v1/request.api'
AUTHORIZE_NET_CIM_NAMESPACE = 'AnetApi/xml/v1/schema/AnetApiSchema.xsd'
CIM_ACTIONS = {
create_customer_profile: 'createCustomerProfile',
create_customer_payment_profile: 'createCustomerPaymentProfile',
create_customer_shipping_address: 'createCustomerShippingAddress',
get_customer_profile: 'getCustomerProfile',
get_customer_profile_ids: 'getCustomerProfileIds',
get_customer_payment_profile: 'getCustomerPaymentProfile',
get_customer_shipping_address: 'getCustomerShippingAddress',
delete_customer_profile: 'deleteCustomerProfile',
delete_customer_payment_profile: 'deleteCustomerPaymentProfile',
delete_customer_shipping_address: 'deleteCustomerShippingAddress',
update_customer_profile: 'updateCustomerProfile',
update_customer_payment_profile: 'updateCustomerPaymentProfile',
update_customer_shipping_address: 'updateCustomerShippingAddress',
create_customer_profile_transaction: 'createCustomerProfileTransaction',
validate_customer_payment_profile: 'validateCustomerPaymentProfile'
}
CIM_TRANSACTION_TYPES = {
auth_capture: 'profileTransAuthCapture',
auth_only: 'profileTransAuthOnly',
capture_only: 'profileTransCaptureOnly',
prior_auth_capture: 'profileTransPriorAuthCapture',
refund: 'profileTransRefund',
void: 'profileTransVoid'
}
CIM_VALIDATION_MODES = {
none: 'none',
test: 'testMode',
live: 'liveMode',
old: 'oldLiveMode'
}
BANK_ACCOUNT_TYPES = {
checking: 'checking',
savings: 'savings',
business_checking: 'businessChecking'
}
ECHECK_TYPES = {
ccd: 'CCD',
ppd: 'PPD',
web: 'WEB'
}
self.homepage_url = 'http://www.authorize.net/'
self.display_name = 'Authorize.Net CIM'
self.supported_countries = ['US']
self.supported_cardtypes = %i[visa master american_express discover]
# Creates a new AuthorizeNetCimGateway
#
# The gateway requires that a valid API Login ID and Transaction Key be passed
# in the +options+ hash.
#
# ==== Options
#
# * <tt>:login</tt> -- The Authorize.Net API Login ID (REQUIRED)
# * <tt>:password</tt> -- The Authorize.Net Transaction Key. (REQUIRED)
# * <tt>:test</tt> -- +true+ or +false+. If true, perform transactions against the test server.
# Otherwise, perform transactions against the production server.
# * <tt>:test_requests</tt> -- +true+ or +false+. If true, perform transactions without the
# test flag. This is useful when you need to generate card declines, AVS or CVV errors.
# Will hold the same value as :test by default.
# * <tt>:delimiter</tt> -- The delimiter used in the direct response. Default is ',' (comma).
def initialize(options = {})
requires!(options, :login, :password)
super
@options[:test_requests] = test? if @options[:test_requests].nil?
end
# Creates a new customer profile along with any customer payment profiles and customer shipping addresses
# for the customer profile.
#
# Returns a Response with the Customer Profile ID of the new customer profile in the authorization field.
# It is *CRITICAL* that you save this ID. There is no way to retrieve this through the API. You will not
# be able to create another Customer Profile with the same information.
#
#
#
# ==== Options
#
# * <tt>:profile</tt> -- A hash containing at least one of the CONDITIONAL profile options below (REQUIRED)
#
# ==== Profile
#
# * <tt>:email</tt> -- Email address associated with the customer profile (CONDITIONAL)
# * <tt>:description</tt> -- Description of the customer or customer profile (CONDITIONAL)
# * <tt>:merchant_customer_id</tt> -- Merchant assigned ID for the customer (CONDITIONAL)
# * <tt>:payment_profile</tt> -- A hash containing the elements of the new payment profile (optional)
#
# ==== Payment Profile
#
# * <tt>:payment</tt> -- A hash containing information on payment. Either :credit_card or :bank_account (optional)
def create_customer_profile(options)
requires!(options, :profile)
requires!(options[:profile], :email) unless options[:profile][:merchant_customer_id] || options[:profile][:description]
requires!(options[:profile], :description) unless options[:profile][:email] || options[:profile][:merchant_customer_id]
requires!(options[:profile], :merchant_customer_id) unless options[:profile][:description] || options[:profile][:email]
request = build_request(:create_customer_profile, options)
commit(:create_customer_profile, request)
end
# Creates a new customer payment profile for an existing customer profile.
#
# ==== Options
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer the payment profile will be added to. (REQUIRED)
# * <tt>:payment_profile</tt> -- A hash containing the elements of the new payment profile (REQUIRED)
#
# ==== Payment Profile
#
# * <tt>:payment</tt> -- A hash containing information on payment. Either :credit_card or :bank_account (REQUIRED)
def create_customer_payment_profile(options)
requires!(options, :customer_profile_id)
requires!(options, :payment_profile)
requires!(options[:payment_profile], :payment)
request = build_request(:create_customer_payment_profile, options)
commit(:create_customer_payment_profile, request)
end
# Creates a new customer shipping address for an existing customer profile.
#
# ==== Options
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer the payment profile will be added to. (REQUIRED)
# * <tt>:address</tt> -- A hash containing the elements of the shipping address (REQUIRED)
def create_customer_shipping_address(options)
requires!(options, :customer_profile_id)
requires!(options, :address)
request = build_request(:create_customer_shipping_address, options)
commit(:create_customer_shipping_address, request)
end
# Deletes an existing customer profile along with all associated customer payment profiles and customer shipping addresses.
#
# ==== Options
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer to be deleted. (REQUIRED)
def delete_customer_profile(options)
requires!(options, :customer_profile_id)
request = build_request(:delete_customer_profile, options)
commit(:delete_customer_profile, request)
end
# Deletes a customer payment profile from an existing customer profile.
#
# ==== Options
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer with the payment profile to be deleted. (REQUIRED)
# * <tt>:customer_payment_profile_id</tt> -- The Payment Profile ID of the payment profile to be deleted. (REQUIRED)
def delete_customer_payment_profile(options)
requires!(options, :customer_profile_id)
requires!(options, :customer_payment_profile_id)
request = build_request(:delete_customer_payment_profile, options)
commit(:delete_customer_payment_profile, request)
end
# Deletes a customer shipping address from an existing customer profile.
#
# ==== Options
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer with the payment profile to be deleted. (REQUIRED)
# * <tt>:customer_address_id</tt> -- The Shipping Address ID of the shipping address to be deleted. (REQUIRED)
def delete_customer_shipping_address(options)
requires!(options, :customer_profile_id)
requires!(options, :customer_address_id)
request = build_request(:delete_customer_shipping_address, options)
commit(:delete_customer_shipping_address, request)
end
# Retrieves an existing customer profile along with all the associated customer payment profiles and customer shipping addresses.
#
# Returns a Response whose params hash contains all the profile information.
#
# ==== Options
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer to retrieve. (REQUIRED)
def get_customer_profile(options)
requires!(options, :customer_profile_id)
request = build_request(:get_customer_profile, options)
commit(:get_customer_profile, request)
end
def get_customer_profile_ids(options = {})
request = build_request(:get_customer_profile_ids, options)
commit(:get_customer_profile_ids, request)
end
# Retrieve a customer payment profile for an existing customer profile.
#
# Returns a Response whose params hash contains all the payment profile information. Sensitive information such as credit card
# numbers will be masked.
#
# ==== Options
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer with the payment profile to be retrieved. (REQUIRED)
# * <tt>:customer_payment_profile_id</tt> -- The Payment Profile ID of the payment profile to be retrieved. (REQUIRED)
def get_customer_payment_profile(options)
requires!(options, :customer_profile_id)
requires!(options, :customer_payment_profile_id)
request = build_request(:get_customer_payment_profile, options)
commit(:get_customer_payment_profile, request)
end
# Retrieve a customer shipping address for an existing customer profile.
#
# Returns a Response whose params hash contains all the shipping address information.
#
# ==== Options
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer with the payment profile to be retrieved. (REQUIRED)
# * <tt>:customer_address_id</tt> -- The Shipping Address ID of the shipping address to be retrieved. (REQUIRED)
def get_customer_shipping_address(options)
requires!(options, :customer_profile_id)
requires!(options, :customer_address_id)
request = build_request(:get_customer_shipping_address, options)
commit(:get_customer_shipping_address, request)
end
# Updates an existing customer profile.
#
# Warning: if you do not provide a parameter in the <tt>:payment_profile</tt> hash, it is automatically set to nil at
# Authorize.Net. You will most likely want to first get the profile hash using get_customer_profile and then only change the
# elements you wish to change.
#
# ==== Options
#
# * <tt>:profile</tt> -- A hash containing the values the Customer Profile should be updated to. (REQUIRED)
#
# ==== Profile
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer profile to update. (REQUIRED)
def update_customer_profile(options)
requires!(options, :profile)
requires!(options[:profile], :customer_profile_id)
request = build_request(:update_customer_profile, options)
commit(:update_customer_profile, request)
end
# Updates a customer payment profile for an existing customer profile.
#
# Warning: if you do not provide a parameter in the <tt>:payment_profile</tt> hash, it is automatically set to nil at
# Authorize.Net. You will most likely want to first get the profile hash using get_customer_payment_profile and then only
# change the elements you wish to change.
#
# ==== Options
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer with the payment profile to be updated. (REQUIRED)
# * <tt>:payment_profile</tt> -- A hash containing the values the Customer Payment Profile should be updated to. (REQUIRED)
#
# ==== Payment Profile
#
# * <tt>:customer_payment_profile_id</tt> -- The Customer Payment Profile ID of the Customer Payment Profile to update. (REQUIRED)
def update_customer_payment_profile(options)
requires!(options, :customer_profile_id, :payment_profile)
requires!(options[:payment_profile], :customer_payment_profile_id)
request = build_request(:update_customer_payment_profile, options)
commit(:update_customer_payment_profile, request)
end
# Updates a customer shipping address for an existing customer profile.
#
# Warning: if you do not provide a parameter in the <tt>:address</tt> hash, it is automatically set to nil at
# Authorize.Net. You will most likely want to first get the profile hash using get_customer_shipping_address and then only
# change the elements you wish to change.
#
# ==== Options
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer with the payment profile to be updated. (REQUIRED)
# * <tt>:address</tt> -- A hash containing the values the Customer Shipping Address should be updated to. (REQUIRED)
#
# ==== Address
#
# * <tt>:customer_address_id</tt> -- The Customer Address ID of the Customer Payment Profile to update. (REQUIRED)
def update_customer_shipping_address(options)
requires!(options, :customer_profile_id, :address)
requires!(options[:address], :customer_address_id)
request = build_request(:update_customer_shipping_address, options)
commit(:update_customer_shipping_address, request)
end
# Creates a new payment transaction from an existing customer profile
#
# This is what is used to charge a customer whose information you have stored in a Customer Profile.
#
# Returns a Response object that contains the result of the transaction in <tt>params['direct_response']</tt>
#
# ==== Options
#
# * <tt>:transaction</tt> -- A hash containing information on the transaction that is being requested. (REQUIRED)
#
# ==== Transaction
#
# * <tt>:type</tt> -- The type of transaction. Can be either <tt>:auth_only</tt>, <tt>:capture_only</tt>, <tt>:auth_capture</tt>, <tt>:prior_auth_capture</tt>, <tt>:refund</tt> or <tt>:void</tt>. (REQUIRED)
# * <tt>:amount</tt> -- The amount for the transaction. Formatted with a decimal. For example "4.95" (CONDITIONAL)
# - :type == :void (NOT USED)
# - :type == :refund (OPTIONAL)
# - :type == (:auth_only, :capture_only, :auth_capture, :prior_auth_capture) (REQUIRED)
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer to use in this transaction. (CONDITIONAL)
# - :type == (:void, :prior_auth_capture) (OPTIONAL)
# - :type == :refund (CONDITIONAL - required if masked information is not being submitted [see below])
# - :type == (:auth_only, :capture_only, :auth_capture) (REQUIRED)
#
# * <tt>:customer_payment_profile_id</tt> -- The Customer Payment Profile ID of the Customer Payment Profile to use in this transaction. (CONDITIONAL)
# - :type == (:void, :prior_auth_capture) (OPTIONAL)
# - :type == :refund (CONDITIONAL - required if masked information is not being submitted [see below])
# - :type == (:auth_only, :capture_only, :auth_capture) (REQUIRED)
#
# * <tt>:trans_id</tt> -- The payment gateway assigned transaction ID of the original transaction (CONDITIONAL):
# - :type = (:void, :refund, :prior_auth_capture) (REQUIRED)
# - :type = (:auth_only, :capture_only, :auth_capture) (NOT USED)
#
# * <tt>:card_code</tt> -- CVV/CCV code (OPTIONAL)
# - :type = (:void, :refund, :prior_auth_capture) (NOT USED)
# - :type = (:auth_only, :capture_only, :auth_capture) (OPTIONAL)
#
# * <tt>:recurring_billing</tt> -- The recurring billing status (OPTIONAL)
# - :type = (:void, :refund, :prior_auth_capture) (NOT USED)
# - :type = (:auth_only, :capture_only, :auth_capture) (OPTIONAL)
#
# * <tt>:customer_shipping_address_id</tt> -- Payment gateway assigned ID associated with the customer shipping address (CONDITIONAL)
# - :type = (:void, :refund) (OPTIONAL)
# - :type = (:auth_only, :capture_only, :auth_capture) (NOT USED)
# - :type = (:prior_auth_capture) (OPTIONAL)
#
# ==== For :type == :refund only
# * <tt>:credit_card_number_masked</tt> -- (CONDITIONAL - required for credit card refunds if :customer_profile_id AND :customer_payment_profile_id are missing)
# * <tt>:bank_routing_number_masked && :bank_account_number_masked</tt> -- (CONDITIONAL - required for electronic check refunds if :customer_profile_id AND :customer_payment_profile_id are missing) (NOT ABLE TO TEST - I keep getting "ACH transactions are not accepted by this merchant." when trying to make a payment and, until that's possible I can't refund (wiseleyb@gmail.com))
def create_customer_profile_transaction(options)
requires!(options, :transaction)
requires!(options[:transaction], :type)
case options[:transaction][:type]
when :void
requires!(options[:transaction], :trans_id)
when :refund
requires!(options[:transaction], :trans_id) &&
(
(options[:transaction][:customer_profile_id] && options[:transaction][:customer_payment_profile_id]) ||
options[:transaction][:credit_card_number_masked] ||
(options[:transaction][:bank_routing_number_masked] && options[:transaction][:bank_account_number_masked])
)
when :prior_auth_capture
requires!(options[:transaction], :amount, :trans_id)
else
requires!(options[:transaction], :amount, :customer_profile_id, :customer_payment_profile_id)
end
request = build_request(:create_customer_profile_transaction, options)
commit(:create_customer_profile_transaction, request)
end
# Creates a new payment transaction for refund from an existing customer profile
#
# This is what is used to refund a transaction you have stored in a Customer Profile.
#
# Returns a Response object that contains the result of the transaction in <tt>params['direct_response']</tt>
#
# ==== Options
#
# * <tt>:transaction</tt> -- A hash containing information on the transaction that is being requested. (REQUIRED)
#
# ==== Transaction
#
# * <tt>:amount</tt> -- The total amount to be refunded (REQUIRED)
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer to use in this transaction. (CONDITIONAL :customer_payment_profile_id must be included if used)
# * <tt>:customer_payment_profile_id</tt> -- The Customer Payment Profile ID of the Customer Payment Profile to use in this transaction. (CONDITIONAL :customer_profile_id must be included if used)
#
# * <tt>:credit_card_number_masked</tt> -- Four Xs followed by the last four digits of the credit card (CONDITIONAL - used if customer_profile_id and customer_payment_profile_id aren't given)
#
# * <tt>:bank_routing_number_masked</tt> -- The last four digits of the routing number to be refunded (CONDITIONAL - must be used with :bank_account_number_masked)
# * <tt>:bank_account_number_masked</tt> -- The last four digits of the bank account number to be refunded, Ex. XXXX1234 (CONDITIONAL - must be used with :bank_routing_number_masked)
#
# * <tt>:tax</tt> - A hash containing tax information for the refund (OPTIONAL - <tt>:amount</tt>, <tt>:name</tt> (31 characters), <tt>:description</tt> (255 characters))
# * <tt>:duty</tt> - A hash containing duty information for the refund (OPTIONAL - <tt>:amount</tt>, <tt>:name</tt> (31 characters), <tt>:description</tt> (255 characters))
# * <tt>:shipping</tt> - A hash containing shipping information for the refund (OPTIONAL - <tt>:amount</tt>, <tt>:name</tt> (31 characters), <tt>:description</tt> (255 characters))
def create_customer_profile_transaction_for_refund(options)
requires!(options, :transaction)
options[:transaction][:type] = :refund
requires!(options[:transaction], :trans_id)
requires!(options[:transaction], :amount)
request = build_request(:create_customer_profile_transaction, options)
commit(:create_customer_profile_transaction, request)
end
# Creates a new payment transaction for void from an existing customer profile
#
# This is what is used to void a transaction you have stored in a Customer Profile.
#
# Returns a Response object that contains the result of the transaction in <tt>params['direct_response']</tt>
#
# ==== Options
#
# * <tt>:transaction</tt> -- A hash containing information on the transaction that is being requested. (REQUIRED)
#
# ==== Transaction
#
# * <tt>:trans_id</tt> -- The payment gateway assigned transaction id of the original transaction. (REQUIRED)
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer to use in this transaction.
# * <tt>:customer_payment_profile_id</tt> -- The Customer Payment Profile ID of the Customer Payment Profile to use in this transaction.
# * <tt>:customer_shipping_address_id</tt> -- Payment gateway assigned ID associated with the customer shipping address.
def create_customer_profile_transaction_for_void(options)
requires!(options, :transaction)
options[:transaction][:type] = :void
requires!(options[:transaction], :trans_id)
request = build_request(:create_customer_profile_transaction, options)
commit(:create_customer_profile_transaction, request)
end
# Verifies an existing customer payment profile by generating a test transaction
#
# Returns a Response object that contains the result of the transaction in <tt>params['direct_response']</tt>
#
# ==== Options
#
# * <tt>:customer_profile_id</tt> -- The Customer Profile ID of the customer to use in this transaction. (REQUIRED)
# * <tt>:customer_payment_profile_id</tt> -- The Customer Payment Profile ID of the Customer Payment Profile to be verified. (REQUIRED)
# * <tt>:customer_address_id</tt> -- The Customer Address ID of the Customer Shipping Address to be verified. (OPTIONAL)
# * <tt>:card_code</tt> -- If the payment profile is a credit card, the CCV/CVV code to validate with (OPTIONAL)
# * <tt>:validation_mode</tt> -- <tt>:live</tt> or <tt>:test</tt> In Test Mode, only field validation is performed. (REQUIRED
# In Live Mode, a transaction is generated and submitted to the processor with the amount of $0.01. If successful, the transaction is immediately voided. (REQUIRED)
def validate_customer_payment_profile(options)
requires!(options, :customer_profile_id, :customer_payment_profile_id, :validation_mode)
request = build_request(:validate_customer_payment_profile, options)
commit(:validate_customer_payment_profile, request)
end
private
def expdate(credit_card)
if credit_card.year.present? && credit_card.month.present?
sprintf('%04d-%02d', credit_card.year, credit_card.month)
else
'XXXX'
end
end
def build_request(action, options = {})
raise StandardError, "Invalid Customer Information Manager Action: #{action}" unless CIM_ACTIONS.include?(action)
xml = Builder::XmlMarkup.new(indent: 2)
xml.instruct!(:xml, version: '1.0', encoding: 'utf-8')
xml.tag!("#{CIM_ACTIONS[action]}Request", xmlns: AUTHORIZE_NET_CIM_NAMESPACE) do
add_merchant_authentication(xml)
# Merchant-assigned reference ID for the request
xml.tag!('refId', options[:ref_id]) if options[:ref_id]
# Order options
add_order(xml, options[:order]) if options[:order]
send("build_#{action}_request", xml, options)
end
end
# Contains the merchant’s payment gateway account authentication information
def add_merchant_authentication(xml)
xml.tag!('merchantAuthentication') do
xml.tag!('name', @options[:login])
xml.tag!('transactionKey', @options[:password])
end
end
def build_create_customer_profile_request(xml, options)
add_profile(xml, options[:profile])
xml.tag!('validationMode', CIM_VALIDATION_MODES[options[:validation_mode]]) if options[:validation_mode]
if options.has_key?(:payment_profile)
xml.tag!('paymentProfile') do
add_payment_profile(xml, options[:payment_profile])
end
end
xml.target!
end
def build_create_customer_payment_profile_request(xml, options)
xml.tag!('customerProfileId', options[:customer_profile_id])
xml.tag!('paymentProfile') do
add_payment_profile(xml, options[:payment_profile])
end
xml.tag!('validationMode', CIM_VALIDATION_MODES[options[:validation_mode]]) if options[:validation_mode]
xml.target!
end
def build_create_customer_shipping_address_request(xml, options)
xml.tag!('customerProfileId', options[:customer_profile_id])
xml.tag!('address') do
add_address(xml, options[:address])
end
xml.target!
end
def build_delete_customer_profile_request(xml, options)
xml.tag!('customerProfileId', options[:customer_profile_id])
xml.target!
end
def build_delete_customer_payment_profile_request(xml, options)
xml.tag!('customerProfileId', options[:customer_profile_id])
xml.tag!('customerPaymentProfileId', options[:customer_payment_profile_id])
xml.target!
end
def build_delete_customer_shipping_address_request(xml, options)
xml.tag!('customerProfileId', options[:customer_profile_id])
xml.tag!('customerAddressId', options[:customer_address_id])
xml.target!
end
def build_get_customer_profile_request(xml, options)
xml.tag!('customerProfileId', options[:customer_profile_id])
xml.tag!('unmaskExpirationDate', options[:unmask_expiration_date]) if options[:unmask_expiration_date]
xml.tag!('includeIssuerInfo', options[:include_issuer_info]) if options[:include_issuer_info]
xml.target!
end
def build_get_customer_profile_ids_request(xml, options)
xml.target!
end
def build_get_customer_payment_profile_request(xml, options)
xml.tag!('customerProfileId', options[:customer_profile_id])
xml.tag!('customerPaymentProfileId', options[:customer_payment_profile_id])
xml.tag!('unmaskExpirationDate', options[:unmask_expiration_date]) if options[:unmask_expiration_date]
xml.tag!('includeIssuerInfo', options[:include_issuer_info]) if options[:include_issuer_info]
xml.target!
end
def build_get_customer_shipping_address_request(xml, options)
xml.tag!('customerProfileId', options[:customer_profile_id])
xml.tag!('customerAddressId', options[:customer_address_id])
xml.target!
end
def build_update_customer_profile_request(xml, options)
add_profile(xml, options[:profile], true)
xml.target!
end
def build_update_customer_payment_profile_request(xml, options)
xml.tag!('customerProfileId', options[:customer_profile_id])
xml.tag!('paymentProfile') do
add_payment_profile(xml, options[:payment_profile])
end
xml.tag!('validationMode', CIM_VALIDATION_MODES[options[:validation_mode]]) if options[:validation_mode]
xml.target!
end
def build_update_customer_shipping_address_request(xml, options)
xml.tag!('customerProfileId', options[:customer_profile_id])
xml.tag!('address') do
add_address(xml, options[:address])
end
xml.target!
end
def build_create_customer_profile_transaction_request(xml, options)
options[:extra_options] ||= {}
options[:extra_options]['x_delim_char'] = @options[:delimiter] if @options[:delimiter]
add_transaction(xml, options[:transaction])
xml.tag!('extraOptions') do
xml.cdata!(format_extra_options(options[:extra_options]))
end unless options[:extra_options].blank?
xml.target!
end
def build_validate_customer_payment_profile_request(xml, options)
xml.tag!('customerProfileId', options[:customer_profile_id])
xml.tag!('customerPaymentProfileId', options[:customer_payment_profile_id])
xml.tag!('customerShippingAddressId', options[:customer_address_id]) if options[:customer_address_id]
tag_unless_blank(xml, 'cardCode', options[:card_code])
xml.tag!('validationMode', CIM_VALIDATION_MODES[options[:validation_mode]]) if options[:validation_mode]
xml.target!
end
# :merchant_customer_id (Optional)
# :description (Optional)
# :email (Optional)
# :payment_profiles (Optional)
def add_profile(xml, profile, update = false)
xml.tag!('profile') do
# Merchant assigned ID for the customer. Up to 20 characters. (optional)
xml.tag!('merchantCustomerId', profile[:merchant_customer_id]) if profile[:merchant_customer_id]
# Description of the customer. Up to 255 Characters (optional)
xml.tag!('description', profile[:description]) if profile[:description]
# Email Address for the customer. Up to 255 Characters (optional)
xml.tag!('email', profile[:email]) if profile[:email]
if update
xml.tag!('customerProfileId', profile[:customer_profile_id])
else
add_payment_profiles(xml, profile[:payment_profiles]) if profile[:payment_profiles]
add_ship_to_list(xml, profile[:ship_to_list]) if profile[:ship_to_list]
end
end
end
def add_transaction(xml, transaction)
raise StandardError, "Invalid Customer Information Manager Transaction Type: #{transaction[:type]}" unless CIM_TRANSACTION_TYPES.include?(transaction[:type])
xml.tag!('transaction') do
xml.tag!(CIM_TRANSACTION_TYPES[transaction[:type]]) do
# The amount to be billed to the customer
case transaction[:type]
when :void
tag_unless_blank(xml, 'customerProfileId', transaction[:customer_profile_id])
tag_unless_blank(xml, 'customerPaymentProfileId', transaction[:customer_payment_profile_id])
tag_unless_blank(xml, 'customerShippingAddressId', transaction[:customer_shipping_address_id])
xml.tag!('transId', transaction[:trans_id])
when :refund
xml.tag!('amount', transaction[:amount])
tag_unless_blank(xml, 'customerProfileId', transaction[:customer_profile_id])
tag_unless_blank(xml, 'customerPaymentProfileId', transaction[:customer_payment_profile_id])
tag_unless_blank(xml, 'customerShippingAddressId', transaction[:customer_shipping_address_id])
tag_unless_blank(xml, 'creditCardNumberMasked', transaction[:credit_card_number_masked])
tag_unless_blank(xml, 'bankRoutingNumberMasked', transaction[:bank_routing_number_masked])
tag_unless_blank(xml, 'bankAccountNumberMasked', transaction[:bank_account_number_masked])
add_order(xml, transaction[:order]) if transaction[:order].present?
xml.tag!('transId', transaction[:trans_id])
add_tax(xml, transaction[:tax]) if transaction[:tax]
add_duty(xml, transaction[:duty]) if transaction[:duty]
add_shipping(xml, transaction[:shipping]) if transaction[:shipping]
when :prior_auth_capture
xml.tag!('amount', transaction[:amount])
add_order(xml, transaction[:order]) if transaction[:order].present?
xml.tag!('transId', transaction[:trans_id])
else
xml.tag!('amount', transaction[:amount])
xml.tag!('customerProfileId', transaction[:customer_profile_id])
xml.tag!('customerPaymentProfileId', transaction[:customer_payment_profile_id])
xml.tag!('approvalCode', transaction[:approval_code]) if transaction[:type] == :capture_only
add_order(xml, transaction[:order]) if transaction[:order].present?
end
xml.tag!('recurringBilling', transaction[:recurring_billing]) if %i[auth_capture auth_only capture_only].include?(transaction[:type]) && transaction.has_key?(:recurring_billing)
tag_unless_blank(xml, 'cardCode', transaction[:card_code]) unless %i[void refund prior_auth_capture].include?(transaction[:type])
end
end
end
def add_tax(xml, tax)
xml.tag!('tax') do
xml.tag!('amount', tax[:amount]) if tax[:amount]
xml.tag!('name', tax[:name]) if tax[:name]
xml.tag!('description', tax[:description]) if tax[:description]
end
end
def add_duty(xml, duty)
xml.tag!('duty') do
xml.tag!('amount', duty[:amount]) if duty[:amount]
xml.tag!('name', duty[:name]) if duty[:name]
xml.tag!('description', duty[:description]) if duty[:description]
end
end
def add_shipping(xml, shipping)
xml.tag!('shipping') do
xml.tag!('amount', shipping[:amount]) if shipping[:amount]
xml.tag!('name', shipping[:name]) if shipping[:name]
xml.tag!('description', shipping[:description]) if shipping[:description]
end
end
def add_order(xml, order)
xml.tag!('order') do
xml.tag!('invoiceNumber', order[:invoice_number]) if order[:invoice_number]
xml.tag!('description', order[:description]) if order[:description]
xml.tag!('purchaseOrderNumber', order[:purchase_order_number]) if order[:purchase_order_number]
end
end
def add_payment_profiles(xml, payment_profiles)
xml.tag!('paymentProfiles') do
add_payment_profile(xml, payment_profiles)
end
end
# :customer_type => 'individual or business', # Optional
# :bill_to => @address,
# :payment => @payment
def add_payment_profile(xml, payment_profile)
# 'individual' or 'business' (optional)
xml.tag!('customerType', payment_profile[:customer_type]) if payment_profile[:customer_type]
if payment_profile[:bill_to]
xml.tag!('billTo') do
add_address(xml, payment_profile[:bill_to])
end
end
if payment_profile[:payment]
xml.tag!('payment') do
add_credit_card(xml, payment_profile[:payment][:credit_card]) if payment_profile[:payment].has_key?(:credit_card)
add_bank_account(xml, payment_profile[:payment][:bank_account]) if payment_profile[:payment].has_key?(:bank_account)
add_drivers_license(xml, payment_profile[:payment][:drivers_license]) if payment_profile[:payment].has_key?(:drivers_license)
# This element is only required for Wells Fargo SecureSource eCheck.Net merchants
# The customer's Social Security Number or Tax ID
xml.tag!('taxId', payment_profile[:payment]) if payment_profile[:payment].has_key?(:tax_id)
end
end
xml.tag!('customerPaymentProfileId', payment_profile[:customer_payment_profile_id]) if payment_profile[:customer_payment_profile_id]
end
def add_ship_to_list(xml, ship_to_list)
xml.tag!('shipToList') do
add_address(xml, ship_to_list)
end
end
def add_address(xml, address)
xml.tag!('firstName', address[:first_name])
xml.tag!('lastName', address[:last_name])
xml.tag!('company', address[:company])
xml.tag!('address', address[:address1]) if address[:address1]
xml.tag!('address', address[:address]) if address[:address]
xml.tag!('city', address[:city])
xml.tag!('state', address[:state])
xml.tag!('zip', address[:zip])
xml.tag!('country', address[:country])
xml.tag!('phoneNumber', address[:phone_number]) if address[:phone_number]
xml.tag!('faxNumber', address[:fax_number]) if address[:fax_number]
xml.tag!('customerAddressId', address[:customer_address_id]) if address[:customer_address_id]
end
# Adds customer’s credit card information
# Note: This element should only be included
# when the payment method is credit card.
def add_credit_card(xml, credit_card)
return unless credit_card
xml.tag!('creditCard') do
# The credit card number used for payment of the subscription
xml.tag!('cardNumber', full_or_masked_card_number(credit_card.number))
# The expiration date of the credit card used for the subscription
xml.tag!('expirationDate', expdate(credit_card))
# Note that Authorize.net does not save CVV codes as part of the
# payment profile. Any transactions/validations after the payment
# profile is created that wish to use CVV verification must pass
# the CVV code to authorize.net again.
xml.tag!('cardCode', credit_card.verification_value) if credit_card.verification_value?
end
end
# Adds customer’s bank account information
# Note: This element should only be included
# when the payment method is bank account.
def add_bank_account(xml, bank_account)
raise StandardError, "Invalid Bank Account Type: #{bank_account[:account_type]}" unless BANK_ACCOUNT_TYPES.include?(bank_account[:account_type])
raise StandardError, "Invalid eCheck Type: #{bank_account[:echeck_type]}" unless ECHECK_TYPES.include?(bank_account[:echeck_type])
xml.tag!('bankAccount') do
# The type of bank account
xml.tag!('accountType', BANK_ACCOUNT_TYPES[bank_account[:account_type]])
# The routing number of the customer’s bank
xml.tag!('routingNumber', bank_account[:routing_number])
# The bank account number
xml.tag!('accountNumber', bank_account[:account_number])
# The full name of the individual associated
# with the bank account number
xml.tag!('nameOnAccount', bank_account[:name_on_account])
# The type of electronic check transaction
xml.tag!('echeckType', ECHECK_TYPES[bank_account[:echeck_type]])
# The full name of the individual associated
# with the bank account number (optional)
xml.tag!('bankName', bank_account[:bank_name]) if bank_account[:bank_name]
end
end
# Adds customer’s driver's license information
# Note: This element is only required for
# Wells Fargo SecureSource eCheck.Net merchants
def add_drivers_license(xml, drivers_license)
xml.tag!('driversLicense') do
# The state of the customer's driver's license
# A valid two character state code
xml.tag!('state', drivers_license[:state])
# The customer’s driver's license number
xml.tag!('number', drivers_license[:number])
# The date of birth listed on the customer's driver's license
# YYYY-MM-DD
xml.tag!('dateOfBirth', drivers_license[:date_of_birth])
end
end
def commit(action, request)
url = test? ? test_url : live_url
xml = ssl_post(url, request, 'Content-Type' => 'text/xml')
response_params = parse(action, xml)
message_element = response_params['messages']['message']
first_error = message_element.is_a?(Array) ? message_element.first : message_element
message = first_error['text']
test_mode = @options[:test_requests] || message =~ /Test Mode/
success = response_params['messages']['result_code'] == 'Ok'
response_params['direct_response'] = parse_direct_response(response_params['direct_response']) if response_params['direct_response']
transaction_id = response_params['direct_response']['transaction_id'] if response_params['direct_response']
response_options = {}
response_options[:test] = test_mode
response_options[:authorization] = transaction_id || response_params['customer_profile_id'] || (response_params['profile'] ? response_params['profile']['customer_profile_id'] : nil)
response_options[:error_code] = first_error['code'] unless success
Response.new(success, message, response_params, response_options)
end
def tag_unless_blank(xml, tag_name, data)
xml.tag!(tag_name, data) unless data.blank? || data.nil?
end
def format_extra_options(options)
options&.map { |k, v| "#{k}=#{v}" }&.join('&')
end
def parse_direct_response(params)
delimiter = @options[:delimiter] || ','
direct_response = { 'raw' => params }
direct_response_fields = params.split(delimiter)
direct_response.merge(
{
'response_code' => direct_response_fields[0],
'response_subcode' => direct_response_fields[1],
'response_reason_code' => direct_response_fields[2],
'message' => direct_response_fields[3],
'approval_code' => direct_response_fields[4],
'avs_response' => direct_response_fields[5],
'transaction_id' => direct_response_fields[6],
'invoice_number' => direct_response_fields[7],
'order_description' => direct_response_fields[8],
'amount' => direct_response_fields[9],
'method' => direct_response_fields[10],
'transaction_type' => direct_response_fields[11],
'customer_id' => direct_response_fields[12],
'first_name' => direct_response_fields[13],
'last_name' => direct_response_fields[14],
'company' => direct_response_fields[15],
'address' => direct_response_fields[16],
'city' => direct_response_fields[17],
'state' => direct_response_fields[18],
'zip_code' => direct_response_fields[19],
'country' => direct_response_fields[20],
'phone' => direct_response_fields[21],
'fax' => direct_response_fields[22],
'email_address' => direct_response_fields[23],
'ship_to_first_name' => direct_response_fields[24],
'ship_to_last_name' => direct_response_fields[25],
'ship_to_company' => direct_response_fields[26],
'ship_to_address' => direct_response_fields[27],
'ship_to_city' => direct_response_fields[28],
'ship_to_state' => direct_response_fields[29],
'ship_to_zip_code' => direct_response_fields[30],
'ship_to_country' => direct_response_fields[31],
'tax' => direct_response_fields[32],
'duty' => direct_response_fields[33],
'freight' => direct_response_fields[34],
'tax_exempt' => direct_response_fields[35],
'purchase_order_number' => direct_response_fields[36],
'md5_hash' => direct_response_fields[37],
'card_code' => direct_response_fields[38],
'cardholder_authentication_verification_response' => direct_response_fields[39],
# The following direct response fields are only available in version 3.1 of the
# transaction response. Check your merchant account settings for details.
'account_number' => direct_response_fields[50] || '',
'card_type' => direct_response_fields[51] || '',
'split_tender_id' => direct_response_fields[52] || '',
'requested_amount' => direct_response_fields[53] || '',
'balance_on_card' => direct_response_fields[54] || ''
}
)
end
def parse(action, xml)
xml = REXML::Document.new(xml)
root = REXML::XPath.first(xml, "//#{CIM_ACTIONS[action]}Response") ||
REXML::XPath.first(xml, '//ErrorResponse')
response = parse_element(root) if root
response
end
def parse_element(node)
if node.has_elements?
response = {}
node.elements.each { |e|
key = e.name.underscore
value = parse_element(e)
if response.has_key?(key)
if response[key].is_a?(Array)
response[key].push(value)
else
response[key] = [response[key], value]
end
else
response[key] = parse_element(e)
end
}
else
response = node.text
end
response
end
def full_or_masked_card_number(card_number)
!card_number.nil? && card_number.length == 4 ? "XXXX#{card_number}" : card_number
end
end
end
end