Class: ActiveMerchant::Billing::RedsysGateway

Inherits:
Gateway
  • Object
show all
Defined in:
lib/active_merchant/billing/gateways/redsys.rb

Overview

Redsys Merchant Gateway

Gateway support for the Spanish “Redsys” payment gateway system. This is used by many banks in Spain and is particularly well supported by Catalunya Caixa’s ecommerce department.

Redsys requires an order_id be provided with each transaction and it must follow a specific format. The rules are as follows:

* First 4 digits must be numerical
* Remaining 8 digits may be alphanumeric
* Max length: 12

If an invalid order_id is provided, we do our best to clean it up.

Much of the code for this library is based on the active_merchant_sermepa integration gateway which uses essentially the same API but with the banks own payment screen.

Written by Samuel Lown for Cabify. For implementation questions, or test access details please get in touch: [email protected].

*** SHA256 Authentication Update ***

Redsys is dropping support for the SHA1 authentication method. This adapter has been updated to work with the new SHA256 authentication method, however in your initialization options hash you will need to specify the key/value :signature_algorithm => “sha256” to use the SHA256 method. Otherwise it will default to using the SHA1.

Constant Summary collapse

CURRENCY_CODES =
{
  'AED' => '784',
  'ARS' => '32',
  'AUD' => '36',
  'BRL' => '986',
  'BOB' => '68',
  'CAD' => '124',
  'CHF' => '756',
  'CLP' => '152',
  'CNY' => '156',
  'COP' => '170',
  'CRC' => '188',
  'CZK' => '203',
  'DKK' => '208',
  'DOP' => '214',
  'EUR' => '978',
  'GBP' => '826',
  'GTQ' => '320',
  'HUF' => '348',
  'IDR' => '360',
  'INR' => '356',
  'JPY' => '392',
  'KRW' => '410',
  'MYR' => '458',
  'MXN' => '484',
  'NOK' => '578',
  'NZD' => '554',
  'PEN' => '604',
  'PLN' => '985',
  'RUB' => '643',
  'SAR' => '682',
  'SEK' => '752',
  'SGD' => '702',
  'THB' => '764',
  'TWD' => '901',
  'USD' => '840',
  'UYU' => '858'
}
SUPPORTED_TRANSACTIONS =

The set of supported transactions for this gateway. More operations are supported by the gateway itself, but are not supported in this library.

{
  purchase:   '0',
  authorize:  '1',
  capture:    '2',
  refund:     '3',
  cancel:     '9'
}
RESPONSE_TEXTS =

These are the text meanings sent back by the acquirer when a card has been rejected. Syntax or general request errors are not covered here.

{
  0 => 'Transaction Approved',
  400 => 'Cancellation Accepted',
  481 => 'Cancellation Accepted',
  500 => 'Reconciliation Accepted',
  900 => 'Refund / Confirmation approved',

  101 => 'Card expired',
  102 => 'Card blocked temporarily or under susciption of fraud',
  104 => 'Transaction not permitted',
  107 => 'Contact the card issuer',
  109 => 'Invalid identification by merchant or POS terminal',
  110 => 'Invalid amount',
  114 => 'Card cannot be used to the requested transaction',
  116 => 'Insufficient credit',
  118 => 'Non-registered card',
  125 => 'Card not effective',
  129 => 'CVV2/CVC2 Error',
  167 => 'Contact the card issuer: suspected fraud',
  180 => 'Card out of service',
  181 => 'Card with credit or debit restrictions',
  182 => 'Card with credit or debit restrictions',
  184 => 'Authentication error',
  190 => 'Refusal with no specific reason',
  191 => 'Expiry date incorrect',
  195 => 'Requires SCA authentication',

  201 => 'Card expired',
  202 => 'Card blocked temporarily or under suspicion of fraud',
  204 => 'Transaction not permitted',
  207 => 'Contact the card issuer',
  208 => 'Lost or stolen card',
  209 => 'Lost or stolen card',
  280 => 'CVV2/CVC2 Error',
  290 => 'Declined with no specific reason',

  480 => 'Original transaction not located, or time-out exceeded',
  501 => 'Original transaction not located, or time-out exceeded',
  502 => 'Original transaction not located, or time-out exceeded',
  503 => 'Original transaction not located, or time-out exceeded',

  904 => 'Merchant not registered at FUC',
  909 => 'System error',
  912 => 'Issuer not available',
  913 => 'Duplicate transmission',
  916 => 'Amount too low',
  928 => 'Time-out exceeded',
  940 => 'Transaction cancelled previously',
  941 => 'Authorization operation already cancelled',
  942 => 'Original authorization declined',
  943 => 'Different details from origin transaction',
  944 => 'Session error',
  945 => 'Duplicate transmission',
  946 => 'Cancellation of transaction while in progress',
  947 => 'Duplicate tranmission while in progress',
  949 => 'POS Inoperative',
  950 => 'Refund not possible',
  9064 => 'Card number incorrect',
  9078 => 'No payment method available',
  9093 => 'Non-existent card',
  9218 => 'Recursive transaction in bad gateway',
  9253 => 'Check-digit incorrect',
  9256 => 'Preauth not allowed for merchant',
  9257 => 'Preauth not allowed for card',
  9261 => 'Operating limit exceeded',
  9912 => 'Issuer not available',
  9913 => 'Confirmation error',
  9914 => 'KO Confirmation'
}
THREE_DS_V1 =

Expected values as per documentation

'1.0.2'
THREE_DS_V2 =
'2.1.0'

Constants inherited from Gateway

Gateway::CREDIT_DEPRECATION_MESSAGE, Gateway::RECURRING_DEPRECATION_MESSAGE, Gateway::STANDARD_ERROR_CODE

Instance Attribute Summary

Attributes inherited from Gateway

#options

Instance Method Summary collapse

Methods inherited from Gateway

#add_field_to_post_if_present, #add_fields_to_post_if_present, #card_brand, card_brand, #generate_unique_id, inherited, #supported_countries, supported_countries, supported_countries=, supports?, #supports_network_tokenization?, #supports_scrubbing?, #test?

Methods included from CreditCardFormatting

#expdate, #format

Methods included from PostsData

included, #raw_ssl_request, #ssl_get, #ssl_post, #ssl_request

Constructor Details

#initialize(options = {}) ⇒ RedsysGateway

Creates a new instance

Redsys requires a login and secret_key, and optionally also accepts a non-default terminal.

Options

  • :login – The Redsys Merchant ID (REQUIRED)

  • :secret_key – The Redsys Secret Key. (REQUIRED)

  • :terminal – The Redsys Terminal. Defaults to 1. (OPTIONAL)

  • :testtrue or false. Defaults to false. (OPTIONAL)

  • :signature_algorithm“sha256” Defaults to “sha1”. (OPTIONAL)



190
191
192
193
194
195
# File 'lib/active_merchant/billing/gateways/redsys.rb', line 190

def initialize(options = {})
  requires!(options, :login, :secret_key)
  options[:terminal] ||= 1
  options[:signature_algorithm] ||= 'sha1'
  super
end

Instance Method Details

#authorize(money, payment, options = {}) ⇒ Object



216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
# File 'lib/active_merchant/billing/gateways/redsys.rb', line 216

def authorize(money, payment, options = {})
  requires!(options, :order_id)

  data = {}
  add_action(data, :authorize, options)
  add_amount(data, money, options)
  add_order(data, options[:order_id])
  add_payment(data, payment)
  add_external_mpi_fields(data, options)
  add_three_ds_data(data, options) if options[:execute_threed]
  add_stored_credential_options(data, options)
  data[:description] = options[:description]
  data[:store_in_vault] = options[:store]
  data[:sca_exemption] = options[:sca_exemption]
  data[:sca_exemption_direct_payment_enabled] = options[:sca_exemption_direct_payment_enabled]

  commit data, options
end

#capture(money, authorization, options = {}) ⇒ Object



235
236
237
238
239
240
241
242
243
244
# File 'lib/active_merchant/billing/gateways/redsys.rb', line 235

def capture(money, authorization, options = {})
  data = {}
  add_action(data, :capture)
  add_amount(data, money, options)
  order_id, = split_authorization(authorization)
  add_order(data, order_id)
  data[:description] = options[:description]

  commit data, options
end

#purchase(money, payment, options = {}) ⇒ Object



197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
# File 'lib/active_merchant/billing/gateways/redsys.rb', line 197

def purchase(money, payment, options = {})
  requires!(options, :order_id)

  data = {}
  add_action(data, :purchase, options)
  add_amount(data, money, options)
  add_order(data, options[:order_id])
  add_payment(data, payment)
  add_external_mpi_fields(data, options)
  add_three_ds_data(data, options) if options[:execute_threed]
  add_stored_credential_options(data, options)
  data[:description] = options[:description]
  data[:store_in_vault] = options[:store]
  data[:sca_exemption] = options[:sca_exemption]
  data[:sca_exemption_direct_payment_enabled] = options[:sca_exemption_direct_payment_enabled]

  commit data, options
end

#refund(money, authorization, options = {}) ⇒ Object



257
258
259
260
261
262
263
264
265
266
# File 'lib/active_merchant/billing/gateways/redsys.rb', line 257

def refund(money, authorization, options = {})
  data = {}
  add_action(data, :refund)
  add_amount(data, money, options)
  order_id, = split_authorization(authorization)
  add_order(data, order_id)
  data[:description] = options[:description]

  commit data, options
end

#scrub(transcript) ⇒ Object



283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
# File 'lib/active_merchant/billing/gateways/redsys.rb', line 283

def scrub(transcript)
  transcript.
    gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
    gsub(%r((%3CDS_MERCHANT_PAN%3E)\d+(%3C%2FDS_MERCHANT_PAN%3E))i, '\1[FILTERED]\2').
    gsub(%r((%3CDS_MERCHANT_CVV2%3E)\d+(%3C%2FDS_MERCHANT_CVV2%3E))i, '\1[FILTERED]\2').
    gsub(%r((<DS_MERCHANT_PAN>)\d+(</DS_MERCHANT_PAN>))i, '\1[FILTERED]\2').
    gsub(%r((<DS_MERCHANT_PAN>)\d+(</DS_MERCHANT_PAN>))i, '\1[FILTERED]\2').
    gsub(%r((<DS_MERCHANT_CVV2>)\d+(</DS_MERCHANT_CVV2>))i, '\1[FILTERED]\2').
    gsub(%r((&lt;DS_MERCHANT_CVV2&gt;)\d+(&lt;/DS_MERCHANT_CVV2&gt;))i, '\1[FILTERED]\2').
    gsub(%r((DS_MERCHANT_CVV2)%2F%3E%0A%3C%2F)i, '\1[BLANK]').
    gsub(%r((DS_MERCHANT_CVV2)%2F%3E%3C)i, '\1[BLANK]').
    gsub(%r((DS_MERCHANT_CVV2%3E)(%3C%2FDS_MERCHANT_CVV2))i, '\1[BLANK]\2').
    gsub(%r((<DS_MERCHANT_CVV2>)(</DS_MERCHANT_CVV2>))i, '\1[BLANK]\2').
    gsub(%r((DS_MERCHANT_CVV2%3E)\++(%3C%2FDS_MERCHANT_CVV2))i, '\1[BLANK]\2').
    gsub(%r((<DS_MERCHANT_CVV2>)\s+(</DS_MERCHANT_CVV2>))i, '\1[BLANK]\2')
end

#supports_scrubbingObject



279
280
281
# File 'lib/active_merchant/billing/gateways/redsys.rb', line 279

def supports_scrubbing
  true
end

#verify(creditcard, options = {}) ⇒ Object



268
269
270
271
272
273
274
275
276
277
# File 'lib/active_merchant/billing/gateways/redsys.rb', line 268

def verify(creditcard, options = {})
  if options[:sca_exemption_behavior_override] == 'endpoint_and_ntid'
    purchase(0, creditcard, options)
  else
    MultiResponse.run(:use_first_response) do |r|
      r.process { authorize(100, creditcard, options) }
      r.process(:ignore_result) { void(r.authorization, options) }
    end
  end
end

#void(authorization, options = {}) ⇒ Object



246
247
248
249
250
251
252
253
254
255
# File 'lib/active_merchant/billing/gateways/redsys.rb', line 246

def void(authorization, options = {})
  data = {}
  add_action(data, :cancel)
  order_id, amount, currency = split_authorization(authorization)
  add_amount(data, amount, currency: currency)
  add_order(data, order_id)
  data[:description] = options[:description]

  commit data, options
end