our $VERSION = '0.01';
+use constant SUCCESS_CODES => qw(2000 90000 900P1);
+
use constant CARD_TYPES => {
VI => 'Visa',
MC => 'MasterCard',
- AX => 'American Express',
+ AX => 'American Express', # FIXME: AM?
NN => 'Discover',
+ # JB?
};
$self->path('/process.cgi');
$self->build_subs(qw(
- receipt_number sales_order_number
- cardholder card_type
- total_amount
+ receipt_number sales_number uuid guid
+ date
+ card_type cardholder
+ total_amount taxes
avs_response cvv2_response
));
+
+ # Just in case someone tries to call taxes() *before* submit()
+ $self->taxes( {} );
}
-# OnlinePayment's remap_fields is buggy, so we simply rewrite it
+# OnlinePayment's get_fields now filters out undefs in 3.x. :(
#
-sub remap_fields {
- my ($self, %map) = @_;
+sub get_fields {
+ my ($self, @fields) = @_;
- my %content = $self->content();
- foreach (keys %map) {
- $content{$map{$_}} = delete $content{$_};
- }
- $self->content(%content);
+ my %content = $self->content;
+
+ my %new = map +($_ => $content{$_}), @fields;
+
+ return %new;
}
# Combine get_fields and remap_fields for convenience
$self->remap_fields(reverse %map);
my %data = $self->get_fields(keys %map);
- foreach (values %data) {
- $_ = '' unless defined;
- }
-
return %data;
}
# Convert a single product into a product string
#
sub prod_string {
- my ($self, $currency, $taxes, %data) = @_;
+ my ($self, $currency, %data) = @_;
croak "Missing amount in product" unless defined $data{amount};
my @flags = ($currency);
- $taxes = uc $data{taxes} if defined $data{taxes};
- foreach (split ' ' => $taxes) {
+ foreach (split ' ' => uc($data{taxes} || '')) {
croak "Unknown tax code $_" unless /^(GST|PST|HST)$/;
push @flags, $_;
}
croak 'Unsupported action'
unless $content{action} =~ /^Normal Authori[zs]ation$/i;
- $content{currency} ||= 'CAD';
- $content{currency} = uc $content{currency};
+ $content{currency} = uc($content{currency} || 'CAD');
croak "Unknown currency code ", $content{currency}
unless $content{currency} =~ /^(CAD|USD)$/;
- $content{taxes} ||= '';
- $content{taxes} = uc $content{taxes};
+ $content{taxes} = uc($content{taxes} || '');
my %data = $self->get_remap_fields(qw(
- xxxCardNumber card_number
+ xxxCard_Number card_number
xxxName name
xxxCompany company
$data{MerchantNumber} = $self->merchant_id;
- $data{xxxCardNumber} =~ tr/ //d;
+ $data{xxxCard_Number} =~ tr/- //d;
+ $data{xxxCard_Number} =~ s/^[^3-6]/4/ if $self->test_transaction;
my ($y, $m) = $self->parse_expdate($content{exp_date});
$data{xxxCCYear} = sprintf '%.4u' => $y;
if (ref $content{description}) {
$data{Products} = join '|' => map $self->prod_string(
- $content{currency},
- $content{taxes},
- %$_),
- @{ $content{description} };
+ $content{currency},
+ taxes => $content{taxes},
+ %$_),
+ @{ $content{description} };
} else {
$self->required_fields(qw(amount));
$data{Products} = $self->prod_string(
$content{currency},
- $content{taxes},
- amount => $content{amount},
+ taxes => $content{taxes},
+ amount => $content{amount},
description => $content{description},
);
}
xml_out(\%data,
- NoAttr => 1,
- RootName => 'TranxRequest',
- XMLDecl => '<?xml version="1.0" encoding="utf-8" standalone="yes"?>',
+ NoAttr => 1,
+ NumericEscape => 2,
+ RootName => 'TranxRequest',
+ SuppressEmpty => undef,
+ XMLDecl => '<?xml version="1.0" encoding="iso-8859-1" standalone="yes"?>',
);
}
while (my ($k, $v) = each %map) {
no strict 'refs';
- $self->$v($data->{$k});
+ $self->$k($data->{$v});
}
}
+sub extract_taxes {
+ my ($self, $response) = @_;
+
+ my %taxes;
+
+ my $products = $response->{Products};
+ return unless $products;
+
+ foreach my $node (@$products) {
+ my $flags = $node->{flags};
+ if ($flags &&
+ grep($_ eq '{TAX}', @$flags) &&
+ grep($_ eq '{CALCULATED}', @$flags))
+ {
+ $taxes{ $node->{code} } = $node->{subtotal};
+ }
+ }
+
+ return %taxes;
+}
+
# Parse the server's response and set various fields
#
sub parse_response {
my ($self, $response) = @_;
$self->server_response($response);
+
+ local $/ = "\n"; # Make sure to avoid bug #17687
$response = xml_in($response,
ForceArray => [qw(product flag)],
SuppressEmpty => undef,
);
- my $code = $self->result_code($response->{Page});
- $self->is_success($code eq '2000' || $code eq '90000' || $code eq '900P1');
-
- $self->infuse($response, qw(
- ReceiptNumber receipt_number
- SalesOrderNumber sales_order_number
- xxxName cardholder
- CardType card_type
- Page result_code
- ApprovalCode authorization
- Verbiage error_message
- TotalAmount total_amount
- AVSResponseCode avs_response
- CVV2ResponseCode cvv2_response
- ));
+ $self->infuse($response,
+ result_code => 'Page',
+ error_message => 'Verbiage',
+ authorization => 'ApprovalCode',
+ avs_response => 'AVSResponseCode',
+ cvv2_response => 'CVV2ResponseCode',
+
+ receipt_number => 'ReceiptNumber',
+ sales_number => 'SalesOrderNumber',
+ uuid => 'GUID',
+ guid => 'GUID',
+
+ date => 'Date',
+ cardholder => 'xxxName',
+ card_type => 'CardType',
+ total_amount => 'TotalAmount',
+ );
+
+ $self->is_success(scalar grep $self->result_code eq $_, SUCCESS_CODES);
+
+ # Completely undocumented field that sometimes override <Verbiage>
+ $self->error_message($response->{Error}) if $response->{Error};
+
+ # Delete error_message if transaction was successful
+ $self->error_message(undef) if $self->is_success;
$self->card_type(CARD_TYPES->{$self->card_type});
- $self->{products_raw} = $response->{Products};
+ $self->taxes( { $self->extract_taxes($response) } );
return $self;
}
undef,
make_form(
xxxRequestMode => 'X',
- xxxRequestData => Encode::encode_utf8(
- $self->to_xml
- ),
+ xxxRequestData => $self->to_xml,
)
);
croak 'Error connecting to server' unless $page;
croak 'Server responded, but not in XML' unless $page =~ /^<\?xml/;
+ # The response is marked UTF-8, but it's really Latin-1. Sigh.
+ $page =~ s/^(<\?xml.*?) encoding="utf-8"/$1 encoding="iso-8859-1"/si;
+
$self->parse_response($page);
}
$txn->content(
action => 'Normal Authorization',
- type => 'Visa',
- card_number => '0000000000000000',
+ type => 'Visa', # Optional
+ card_number => '4111 1111 1111 1111',
exp_date => '2004-07',
- cvv2 => '000', # Optional
+ cvv2 => '000', # Optional
name => "Fr\x{e9}d\x{e9}ric Bri\x{e8}re",
company => '',
phone => '(555) 555-1212',
email => 'fbriere@fbriere.net',
- description => 'Online purchase',
amount => 49.95,
currency => 'CAD',
taxes => 'GST PST',
+ description => 'Test transaction',
);
$txn->submit;
=head1 DESCRIPTION
-Business::OnlinePayment::InternetSecure is an implementation of
-L<Business::OnlinePayment> that allows for processing online credit card
-payments through Internet Secure.
+C<Business::OnlinePayment::InternetSecure> is an implementation of
+C<Business::OnlinePayment> that allows for processing online credit card
+payments through InternetSecure.
See L<Business::OnlinePayment> for more information about the generic
Business::OnlinePayment interface.
=head1 CREATOR
-Object creation is done via L<Business::OnlinePayment>; see its manpage for
-details. The I<merchant_id> processor option is required, and corresponds
-to the merchant ID assigned to you by Internet Secure.
+Object creation is done via C<Business::OnlinePayment>; see its manpage for
+details. The B<merchant_id> processor option is required, and corresponds
+to the merchant ID assigned to you by InternetSecure.
=head1 METHODS
-(See L<Business::OnlinePayment> for more methods.)
-
-=head2 Before order submission
+=head2 Transaction setup and transmission
=over 4
=item content( CONTENT )
-Sets up the data prior to a transaction (overwriting any previous data by the
-same occasion). CONTENT is an associative array (hash), containing some of
-the following fields:
+Sets up the data prior to a transaction. CONTENT is an associative array
+(hash), containing some of the following fields:
=over 4
=item action (required)
What to do with the transaction. Only C<Normal Authorization> is supported
-for the moment.
+at the moment.
=item type
=item card_number (required)
-Credit card number. Spaces are allowed, and will be automatically removed.
+Credit card number. Spaces and dashes are automatically removed.
=item exp_date (required)
-Credit card expiration date. Since L<Business::OnlinePayment> does not specify
+Credit card expiration date. Since C<Business::OnlinePayment> does not specify
any syntax, this module is rather lax regarding what it will accept. The
-recommended syntax is I<YYYY-MM>, but forms such as I<MM/YYYY> or I<MMYY> are
+recommended syntax is C<YYYY-MM>, but forms such as C<MM/YYYY> or C<MMYY> are
allowed as well.
=item cvv2
=item description
-A short description of the purchase. See L<"Products list syntax"> for
+A short description of the transaction. See L<"Products list syntax"> for
an alternate syntax that allows a list of products to be specified.
-=item amount
+=item amount (usually required)
+
+Total amount to be billed, excluding taxes if they are to be added separately
+by InternetSecure.
-Total amount to be billed, excluding taxes if they are to be added separately.
-This field is required if B<description> is a string, and should be left
-undefined if B<description> contains a list of products, as outlined in
-L<"Products list syntax">.
+This field is required if B<description> is a string, but should be left
+undefined if B<description> contains a list of products instead, as outlined
+in L<"Products list syntax">.
=item currency
=item taxes
-Taxes to be added automatically. These should not be included in B<amount>;
-they will be automatically added by Internet Secure later on.
+Taxes to be added automatically to B<amount> by InternetSecure.
-Available taxes are C<GST>, C<PST> and C<HST>. Taxes can be combined by
-separating them with spaces, such as C<GST HST>.
+Available taxes are C<GST>, C<PST> and C<HST>. Multiple taxes can specified
+by concatenating them with spaces, such as C<GST HST>.
=item name / company / address / city / state / zip / country / phone / email
-Facultative customer information. B<state> should be either a postal
-abbreviation or a two-letter code taken from ISO 3166-2, and B<country> should
-be a two-letter code taken from ISO 3166-1.
+Customer information. B<country> should be a two-letter code taken from ISO
+3166-1.
=back
+=item submit()
+
+Submit the transaction to InternetSecure.
+
=back
-=head2 After order submission
+=head2 Post-submission methods
=over 4
-=item receipt_number() / sales_order_number()
+=item is_success()
+
+Returns true if the transaction was submitted successfully.
+
+=item result_code()
+
+Response code returned by InternetSecure.
+
+=item error_message()
+
+Error message if the transaction was unsuccessful; C<undef> otherwise. (You
+should not rely on this to test whether a transaction was successful; use
+B<is_success>() instead.)
+
+=item receipt_number()
+
+Receipt number (a string, actually) of this transaction, unique to all
+InternetSecure transactions.
+
+=item sales_number()
+
+Sales order number of this transaction. This is a number, unique to each
+merchant, which is incremented by 1 each time.
+
+=item uuid()
+
+Universally Unique Identifier associated to this transaction. This is a
+128-bit value returned as a 36-character string such as
+C<f81d4fae-7dec-11d0-a765-00a0c91e6bf6>. See RFC 4122 for more details on
+UUIDs.
+
+B<guid>() is provided as an alias to this method.
+
+=item authorization()
-Receipt number and sales order number of submitted order.
+Authorization code for this transaction.
+
+=item avs_response() / cvv2_response()
+
+Results of the AVS and CVV2 checks. See the InternetSecure documentation for
+the list of possible values.
+
+=item date()
+
+Date and time of the transaction. Format is C<YYYY/MM/DD hh:mm:ss>.
=item total_amount()
Total amount billed for this order, including taxes.
+=item taxes()
+
+Returns a I<reference> to a hash that maps tax names (such as C<GST>) to the
+amount that was billed for each.
+
=item cardholder()
Cardholder's name. This is currently a mere copy of the B<name> field passed
-to B<submit()>.
+to B<submit>().
=item card_type()
=back
-=item avs_response() / cvv2_response()
-
-Results of the AVS and CVV2 checks. See the Internet Secure documentation for
-the list of possible values.
=back
=head2 Products list syntax
-Optionally, the B<description> field of B<content()> can contain a reference
+Optionally, the B<description> field of B<content>() can contain a reference
to an array of products, instead of a simple string. Each element of this
array represents a different product, and must be a reference to a hash with
the following fields:
=item quantity
-Ordered quantity of this product. This can be a decimal value.
+Ordered quantity of this product.
=item sku
=item taxes
Taxes that should be automatically added to this product. If specified, this
-overrides the B<taxes> field passed to B<content()>.
+overrides the B<taxes> field passed to B<content>().
=back
-When using a products list, the B<amount> field passed to B<content()> should
+When using a products list, the B<amount> field passed to B<content>() should
be left undefined.
=head2 Character encoding
-Since communication to/from Internet Secure is encoded with UTF-8, all Unicode
+Since communication to/from InternetSecure is encoded with UTF-8, all Unicode
characters are theoretically available when submitting information via
-B<submit()>. (Further restrictions may be imposed by Internet Secure itself.)
+B<submit>(). (Further restrictions may be imposed by InternetSecure itself.)
-When using non-ASCII characters, all data provided to B<submit()> should either
+When using non-ASCII characters, all data provided to B<submit>() should either
be in the current native encoding (typically latin-1, unless it was modified
via the C<encoding> pragma), or be decoded via the C<Encode> module.
-Conversely, all data returned after calling B<submit()> will be automatically
+Conversely, all data returned after calling B<submit>() will be automatically
decoded.
-=head2 products_raw
-
-...
-
-
=head1 EXPORT
None by default.
=head1 AUTHOR
-Frederic Briere, E<lt>fbriere@fbriere.netE<gt>
+Frédéric Brière, E<lt>fbriere@fbriere.netE<gt>
=head1 COPYRIGHT AND LICENSE
-Copyright (C) 2006 by Frederic Briere
+Copyright (C) 2006 by Frédéric Brière
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.8.4 or,