Active_merchant_ideal

ATTENTION: transition period with a new certificate (ING only)

Recently ING issued a new iDEAL certificate, which should be in production before May 23 2011. See Wijzigen van een acquiring certificaat in iDEAL Advanced. However ING is not able to say exactly when this migration will take place. This means there will be a transition period in which it’s uncertain which iDEAL certificate is needed.

Luckily Roel van Dijk (Voormedia BV) has written a gem/patch, so you can use the old and the new certificate during this transition period.

See active_merchant_ideal_multicert

Description:

iDEAL payment gateway for ActiveMerchant.

What is iDEAL?

iDEAL is a set of standards developed to facilitate online payments through the online banking applications that most Dutch banks provide.

If a consumer already has online banking with ABN AMRO, Fortis, ING/Postbank, Rabobank, or SNS Bank, they can make payments using iDEAL in a way that they are already familiar with.

See http://ideal.nl and http://idealdesk.com for more information.

Merchant account

In order to use iDEAL you will need to get an iDEAL merchant account from your bank. Every bank offers ‘complete payment’ services, which can obfuscate the right choice. The payment product that you will want to get, in order to use this gateway class, is a bare bones iDEAL account.

• ING/Postbank: iDEAL Advanced
• ABN AMRO: iDEAL Zelfbouw
• Fortis: ? (Unknown)
• Rabobank: Rabo iDEAL Professional. (Unverified)
• SNS Bank: Not yet available

If you implement tests for other banks, if they require such acceptance tests, please do submit a patch or contact me directly: frank@dovadi.com.

Install active_merchant_ideal:

As a gem:

sudo gem install active_merchant_ideal 

Add the following to your Gemfile:

gem 'active_merchant_ideal'

As a plugin:

./script/plugin install git://github.com/dovadi/active_merchant_ideal.git

Generate private keys and certificates

Messages to, and from, the acquirer, are all signed in order to prove their authenticity. This means that you will have to have a certificate to sign your messages going to the acquirer and you will need to have the certificate of the acquirer to verify its signed messages.

The latter can be downloaded from your acquirer after registration. The former, however, can be a certificate signed by a CA authority or a self-signed certificate.

To create a self-signed certificate follow these steps:

• /usr/bin/openssl genrsa -des3 -out private_key.pem -passout pass:the_passphrase 1024
• /usr/bin/openssl req -x509 -new -key private_key.pem -passin pass:the_passphrase -days 3650 -out private_certificate.cer

Substitute _the_passphrase__ with your own passphrase.

With the ING bank you upload your private certificate with your iDEAL Dashboard. Be aware that there are two dashboards, one dashboard for the test environment and one dashboard for the production environment!

For more information see:

• http://en.wikipedia.org/wiki/Certificate_authority
• http://en.wikipedia.org/wiki/Self-signed_certificate

Test

Test the gem

You can run the tests from this gem with (inside the active_merchant_ideal directory):

 bundle install
 bundle exec rake test

Run the remote tests (For ING BANK and Rabobank only)

• Create .active_merchant directory in your own home directory
• Copy test/fixtures.yml to the .active_merchant directory
• Fill in your own merchant id, passphrase and the correct locations to your private key and certificates.
• For running the seven prescribed remote test transactions (ING bank and Rabobank) which are needed to activate the iDEAL account use

 bundle exec rake test:remote

Compatibility

Active_merchant_ideal is tested with Ruby 1.8.7 and 1.9.2.

Example (Rails)

First configure the gateway

Put the following code in, for instance, an initializer:

ActiveMerchant::Billing::IdealGateway.acquirer = :ing # Other banks preloaded are :abnamro and :rabobank
ActiveMerchant::Billing::IdealGateway.merchant_id = '00123456789'
ActiveMerchant::Billing::IdealGateway.passphrase = 'the_private_key_passphrase'

# CERTIFICATE_ROOT points to a directory where the key and certificates are located
ActiveMerchant::Billing::IdealGateway.private_key_file = File.join(CERTIFICATE_ROOT, 'private_key.pem')
ActiveMerchant::Billing::IdealGateway.private_certificate_file = File.join(CERTIFICATE_ROOT, 'private_certificate.cer')
ActiveMerchant::Billing::IdealGateway.ideal_certificate_file = File.join(CERTIFICATE_ROOT, 'ideal.cer')

View

Give the consumer a list of available issuer options:

gateway = ActiveMerchant::Billing::IdealGateway.new
issuers = gateway.issuers.list
sorted_issuers = issuers.sort_by { |issuer| issuer[:name] }
select('purchase', 'issuer_id', issuers.map { |issuer| [issuer[:name], issuer[:id]] })

Could become:

<select name="purchase[issuer_id]">
  <option value="1006" selected="selected">ABN AMRO Bank</option>
  <option value="1017">Asr bank</option>
  <option value="1003">Postbank</option>
  <option value="1005">Rabobank</option>
  <option value="1023">Van Lanschot</option>
</select>

Controller

First you’ll need to setup a transaction and redirect the consumer there so she can make the payment:

 class PurchasesController < ActionController::Base
   def create
     purchase = @user.purchases.build(:price => 1000) # €10.00 in cents.
     purchase.save(false) # We want an id for the URL.

     purchase_options = {
       :issuer_id => params[:purchase][:issuer_id],
       :order_id => purchase.id,
       :return_url => purchase_url(purchase),
       :description => 'A Dutch windmill'
     }

     # Save the purchase instance so that the consumer can return to its resource url to finish the transaction.
     purchase.update_attributes!(purchase_options)

     gateway = ActiveMerchant::Billing::IdealGateway.new
     transaction_response = gateway.setup_purchase(purchase.price, purchase_options)
     if transaction_response.success?

       # Store the transaction_id that the acquirer has created to identify the transaction.
       purchase.update_attributes!(:transaction_id => transaction_response.transaction_id)

       # Redirect the consumer to the issuer’s payment page.
       redirect_to transaction_response.service_url
     end
   end
 end

After the consumer is done with the payment she will be redirected to the :return_url. It’s now your responsibility as merchant to check if the payment has been made:

 class PurchasesController < ActionController::Base
   def show
     gateway = ActiveMerchant::Billing::IdealGateway.new
     transaction_status = gateway.capture(@purchase.transaction_id)

     if transaction_status.success?
       @purchase.update_attributes!(:paid => true)
       flash[:notice] = "Congratulations, you are now the proud owner of a Dutch windmill!"
     end
   end
 end

History

In 2006 an iDEAL payment library was written in Ruby for a web shop build in Rails for selling mobile phone credits. It was basically a translation of the PHP example given by the iDEAL organization (see iDEAL Advanced Integration Manual PHP). Is was released as the ideal-on-rails library (see http://dev.dovadi.com/projects/ideal).

In 2007 this code was refactored as a patch for the ActiveMerchant library, this was mainly done by Fingertips for a client project. This patch was never accepted due to the fact it was too different (and maybe too obscure) from the ‘normal’ credit card gateways.

In 2009 Fingertips forked the ActiveMerchant library and added an iDEAL gateway (presumable based on the first ActiveMerchant patch) to a new ideal branch.

In 2010 this code was extracted and converted into a separate gem, so it can be more easily used in combination with the latest version of ActiveMerchant. This library is just an extraction, nothing more and nothing less. There are no fundamental changes between the code from the ideal branch and the code of this gem. Later that year Sernin van de Krol added support for ABN AMRO.

Maintainer

This gem is maintained by Agile Dovadi BV, contact Frank Oxener