X-Git-Url: http://git.freeside.biz/gitweb/?p=Business-OnlinePayment-InternetSecure.git;a=blobdiff_plain;f=InternetSecure.pm;h=9bae9e8a80255f15b2d52dab2664c4ac3120d93b;hp=dec9ee9d12ead97c0b669d95fefca33b601832da;hb=601b33ac01d6fbb72208f603d2f1793b3f5c7ff1;hpb=a9053abd282a2c574bb03833db29b39ed5cac14b diff --git a/InternetSecure.pm b/InternetSecure.pm index dec9ee9..9bae9e8 100755 --- a/InternetSecure.pm +++ b/InternetSecure.pm @@ -15,12 +15,14 @@ use base qw(Business::OnlinePayment Exporter); our $VERSION = '0.01'; +use constant SUCCESS_CODES => qw(2000 90000 900P1); + use constant CARD_TYPES => { - VI => 'Visa', + AM => 'American Express', + JB => 'JCB', MC => 'MasterCard', - AX => 'American Express', # FIXME: AM? NN => 'Discover', - # JB? + VI => 'Visa', }; @@ -37,12 +39,15 @@ sub set_defaults { $self->path('/process.cgi'); $self->build_subs(qw( - receipt_number sales_number + receipt_number sales_number uuid guid date - card_type - total_amount + card_type cardholder + total_amount tax_amounts avs_response cvv2_response )); + + # Just in case someone tries to call tax_amounts() *before* submit() + $self->tax_amounts( {} ); } # OnlinePayment's get_fields now filters out undefs in 3.x. :( @@ -57,18 +62,6 @@ sub get_fields { return %new; } -# OnlinePayment's remap_fields is buggy, so we simply rewrite it -# -sub remap_fields { - my ($self, %map) = @_; - - my %content = $self->content(); - foreach (keys %map) { - $content{$map{$_}} = delete $content{$_}; - } - $self->content(%content); -} - # Combine get_fields and remap_fields for convenience # sub get_remap_fields { @@ -115,9 +108,16 @@ sub prod_string { my @flags = ($currency); - foreach (split ' ' => uc($data{taxes} || '')) { - croak "Unknown tax code $_" unless /^(GST|PST|HST)$/; - push @flags, $_; + my @taxes; + if (ref $data{taxes}) { + @taxes = @{ $data{taxes} }; + } elsif ($data{taxes}) { + @taxes = split ' ' => $data{taxes}; + } + + foreach (@taxes) { + croak "Unknown tax code $_" unless /^(GST|PST|HST)$/i; + push @flags, uc $_; } if ($self->test_transaction) { @@ -142,9 +142,10 @@ sub to_xml { $self->required_fields(qw(action card_number exp_date)); - croak 'Unsupported transaction type' - if $content{type} && $content{type} !~ - /^(Visa|MasterCard|American Express|Discover)$/i; + croak "Unsupported transaction type: $content{type}" + if $content{type} && + ! grep lc($content{type}) eq lc($_), + values %{+CARD_TYPES}; croak 'Unsupported action' unless $content{action} =~ /^Normal Authori[zs]ation$/i; @@ -153,8 +154,6 @@ sub to_xml { croak "Unknown currency code ", $content{currency} unless $content{currency} =~ /^(CAD|USD)$/; - $content{taxes} = uc($content{taxes} || ''); - my %data = $self->get_remap_fields(qw( xxxCard_Number card_number @@ -181,7 +180,7 @@ sub to_xml { $data{MerchantNumber} = $self->merchant_id; - $data{xxxCard_Number} =~ tr/ //d; + $data{xxxCard_Number} =~ tr/- //d; $data{xxxCard_Number} =~ s/^[^3-6]/4/ if $self->test_transaction; my ($y, $m) = $self->parse_expdate($content{exp_date}); @@ -212,13 +211,14 @@ sub to_xml { ); } - xml_out(\%data, + # The encode() makes sure to a) strip off non-Latin-1 characters, and + # b) turn off the utf8 flag, which confuses XML::Simple + encode('ISO-8859-1', xml_out(\%data, NoAttr => 1, - NumericEscape => 2, RootName => 'TranxRequest', SuppressEmpty => undef, - XMLDecl => '', - ); + XMLDecl => '', + )); } # Map the various fields from the response, and put their values into our @@ -229,16 +229,39 @@ sub infuse { while (my ($k, $v) = each %map) { no strict 'refs'; - $self->$v($data->{$k}); + $self->$k($data->{$v}); } } +sub extract_tax_amounts { + my ($self, $response) = @_; + + my %tax_amounts; + + my $products = $response->{Products}; + return unless $products; + + foreach my $node (@$products) { + my $flags = $node->{flags}; + if ($flags && + grep($_ eq '{TAX}', @$flags) && + grep($_ eq '{CALCULATED}', @$flags)) + { + $tax_amounts{ $node->{code} } = $node->{subtotal}; + } + } + + return %tax_amounts; +} + # Parse the server's response and set various fields # sub parse_response { my ($self, $response) = @_; $self->server_response($response); + + local $/ = "\n"; # Make sure to avoid bug #17687 $response = xml_in($response, ForceArray => [qw(product flag)], @@ -247,28 +270,35 @@ sub parse_response { SuppressEmpty => undef, ); - my $code = $self->result_code($response->{Page}); - $self->is_success($code eq '2000' || $code eq '90000' || $code eq '900P1'); - - $self->infuse($response, qw( - ReceiptNumber receipt_number - SalesOrderNumber sales_number - Date date - CardType card_type - Page result_code - ApprovalCode authorization - Verbiage error_message - TotalAmount total_amount - AVSResponseCode avs_response - CVV2ResponseCode cvv2_response - )); + $self->infuse($response, + result_code => 'Page', + error_message => 'Verbiage', + authorization => 'ApprovalCode', + avs_response => 'AVSResponseCode', + cvv2_response => 'CVV2ResponseCode', + + receipt_number => 'ReceiptNumber', + sales_number => 'SalesOrderNumber', + uuid => 'GUID', + guid => 'GUID', + + date => 'Date', + cardholder => 'xxxName', + card_type => 'CardType', + total_amount => 'TotalAmount', + ); + $self->is_success(scalar grep $self->result_code eq $_, SUCCESS_CODES); + # Completely undocumented field that sometimes override $self->error_message($response->{Error}) if $response->{Error}; + + # Delete error_message if transaction was successful + $self->error_message(undef) if $self->is_success; $self->card_type(CARD_TYPES->{$self->card_type}); - $self->{products_raw} = $response->{Products}; + $self->tax_amounts( { $self->extract_tax_amounts($response) } ); return $self; } @@ -294,6 +324,9 @@ sub submit { croak 'Error connecting to server' unless $page; croak 'Server responded, but not in XML' unless $page =~ /^<\?xml/; + # The response is marked UTF-8, but it's really Latin-1. Sigh. + $page =~ s/^(<\?xml.*?) encoding="utf-8"/$1 encoding="iso-8859-1"/si; + $self->parse_response($page); } @@ -317,10 +350,10 @@ Business::OnlinePayment::InternetSecure - InternetSecure backend for Business::O $txn->content( action => 'Normal Authorization', - type => 'Visa', - card_number => '0000000000000000', + type => 'Visa', # Optional + card_number => '4111 1111 1111 1111', exp_date => '2004-07', - cvv2 => '000', # Optional + cvv2 => '000', # Optional name => "Fr\x{e9}d\x{e9}ric Bri\x{e8}re", company => '', @@ -332,10 +365,10 @@ Business::OnlinePayment::InternetSecure - InternetSecure backend for Business::O phone => '(555) 555-1212', email => 'fbriere@fbriere.net', - description => 'Online purchase', amount => 49.95, currency => 'CAD', taxes => 'GST PST', + description => 'Test transaction', ); $txn->submit; @@ -348,8 +381,8 @@ Business::OnlinePayment::InternetSecure - InternetSecure backend for Business::O =head1 DESCRIPTION -Business::OnlinePayment::InternetSecure is an implementation of -L that allows for processing online credit card +C is an implementation of +C that allows for processing online credit card payments through InternetSecure. See L for more information about the generic @@ -357,31 +390,27 @@ Business::OnlinePayment interface. =head1 CREATOR -Object creation is done via L; see its manpage for -details. The I processor option is required, and corresponds +Object creation is done via C; see its manpage for +details. The B processor option is required, and corresponds to the merchant ID assigned to you by InternetSecure. =head1 METHODS -(Other methods are also available -- see L for more -details.) - -=head2 Before order submission +=head2 Transaction setup and transmission =over 4 =item content( CONTENT ) -Sets up the data prior to a transaction (overwriting any previous data by the -same occasion). CONTENT is an associative array (hash), containing some of -the following fields: +Sets up the data prior to a transaction. CONTENT is an associative array +(hash), containing some of the following fields: =over 4 =item action (required) What to do with the transaction. Only C is supported -for the moment. +at the moment. =item type @@ -397,19 +426,21 @@ Transaction type, being one of the following: =item - Discover +=item - JCB + =back (This is actually ignored for the moment, and can be left blank or undefined.) =item card_number (required) -Credit card number. Spaces are allowed, and will be automatically removed. +Credit card number. Spaces and dashes are automatically removed. =item exp_date (required) -Credit card expiration date. Since L does not specify +Credit card expiration date. Since C does not specify any syntax, this module is rather lax regarding what it will accept. The -recommended syntax is I, but forms such as I or I are +recommended syntax is C, but forms such as C or C are allowed as well. =item cvv2 @@ -424,7 +455,7 @@ Code (CVC2) or Card Identification number (CID), depending on the card issuer. =item description -A short description of the purchase. See L<"Products list syntax"> for +A short description of the transaction. See L<"Products list syntax"> for an alternate syntax that allows a list of products to be specified. =item amount (usually required) @@ -443,27 +474,47 @@ C (default) or C. =item taxes -Taxes to be added automatically to B by InternetSecure. +Taxes to be added automatically to B by InternetSecure. Available +taxes are C, C and C. -Available taxes are C, C and C. Multiple taxes can specified -by concatenating them with spaces, such as C. +This argument can either be a single string of taxes concatenated with spaces +(such as C), or a reference to an array of taxes (such as C<[ "GST", +"PST" ]>). =item name / company / address / city / state / zip / country / phone / email -Customer information. B should be a two-letter code taken from ISO +Customer information. B should be a two-letter code taken from ISO 3166-1. =back +=item submit() + +Submit the transaction to InternetSecure. + =back -=head2 After order submission +=head2 Post-submission methods =over 4 +=item is_success() + +Returns true if the transaction was submitted successfully. + +=item result_code() + +Response code returned by InternetSecure. + +=item error_message() + +Error message if the transaction was unsuccessful; C otherwise. (You +should not rely on this to test whether a transaction was successful; use +B() instead.) + =item receipt_number() -Receipt number of this transaction; this is actually a string, unique to all +Receipt number (a string, actually) of this transaction, unique to all InternetSecure transactions. =item sales_number() @@ -471,6 +522,24 @@ InternetSecure transactions. Sales order number of this transaction. This is a number, unique to each merchant, which is incremented by 1 each time. +=item uuid() + +Universally Unique Identifier associated to this transaction. This is a +128-bit value returned as a 36-character string such as +C. See RFC 4122 for more details on +UUIDs. + +B() is provided as an alias to this method. + +=item authorization() + +Authorization code for this transaction. + +=item avs_response() / cvv2_response() + +Results of the AVS and CVV2 checks. See the InternetSecure documentation for +the list of possible values. + =item date() Date and time of the transaction. Format is C. @@ -479,6 +548,17 @@ Date and time of the transaction. Format is C. Total amount billed for this order, including taxes. +=item tax_amounts() + +Returns a I to a hash that maps taxes, which were listed under the +B argument to B(), to the amount that was calculated by +InternetSecure. + +=item cardholder() + +Cardholder's name. This is currently a mere copy of the B field passed +to B(). + =item card_type() Type of the credit card used for the submitted order, being one of the @@ -494,16 +574,9 @@ following: =item - Discover -=back +=item - JCB -=item avs_response() / cvv2_response() - -Results of the AVS and CVV2 checks. See the InternetSecure documentation for -the list of possible values. - -=item products_raw() - -... +=back =back @@ -513,14 +586,14 @@ the list of possible values. =head2 Products list syntax -Optionally, the B field of B can contain a reference +Optionally, the B field of B() can contain a reference to an array of products, instead of a simple string. Each element of this array represents a different product, and must be a reference to a hash with the following fields: =over 4 -=item amount +=item amount (required) Unit price of this product. @@ -539,25 +612,23 @@ Description of this product =item taxes Taxes that should be automatically added to this product. If specified, this -overrides the B field passed to B. +overrides the B field passed to B(). =back -When using a products list, the B field passed to B should +When using a products list, the B field passed to B() should be left undefined. =head2 Character encoding -Since communication to/from InternetSecure is encoded with UTF-8, all Unicode -characters are theoretically available when submitting information via -B. (Further restrictions may be imposed by InternetSecure itself.) +When using non-ASCII characters, all data provided to B() should +have been decoded beforehand via the C module, unless your data is in +ISO-8859-1 and you haven't meddled with the C pragma. (Please +don't.) -When using non-ASCII characters, all data provided to B should either -be in the current native encoding (typically latin-1, unless it was modified -via the C pragma), or be decoded via the C module. -Conversely, all data returned after calling B will be automatically -decoded. +InternetSecure currently does not handle characters outside of ISO-8859-1, so +these will be replaced with C before being transmitted. =head1 EXPORT