package Business::OnlinePayment::PayflowPro;
use strict;
-use vars qw($VERSION);
-use Carp qw(croak);
-use base qw(Business::OnlinePayment);
+use vars qw($VERSION $DEBUG);
+use Carp qw(carp croak);
+use CGI;
+use Digest::MD5;
+use Business::OnlinePayment::HTTPS 0.06;
-# Payflow Pro SDK
-use PFProAPI qw( pfpro );
+use base qw(Business::OnlinePayment::HTTPS);
-$VERSION = '0.05';
+$VERSION = '0.07_04';
$VERSION = eval $VERSION;
+$DEBUG = 0;
+
+sub request_id {
+ my $self = shift;
+ my $md5 = Digest::MD5->new();
+ $md5->add( $$, time(), rand(time) );
+ return $md5->hexdigest();
+}
+
+sub debug {
+ my $self = shift;
+
+ if (@_) {
+ my $level = shift || 0;
+ if ( ref($self) ) {
+ $self->{"__DEBUG"} = $level;
+ }
+ else {
+ $DEBUG = $level;
+ }
+ $Business::OnlinePayment::HTTPS::DEBUG = $level;
+ }
+ return ref($self) ? ( $self->{"__DEBUG"} || $DEBUG ) : $DEBUG;
+}
sub set_defaults {
my $self = shift;
+ my %opts = @_;
+
+ # standard B::OP methods/data
+ #$self->server("payflow.verisign.com");
+ $self->server("payflowpro.verisign.com");
+ $self->port("443");
+ $self->path("/transaction");
+
+ $self->build_subs(qw(
+ partner vendor client_certification_id
+ headers test_server
+ cert_path
+ order_number avs_code cvv2_response
+ response_page response_code response_headers
+ ));
+
+ # module specific data
+ if ( $opts{debug} ) {
+ $self->debug( $opts{debug} );
+ delete $opts{debug};
+ }
- $self->server('payflow.verisign.com');
- $self->port('443');
+ $self->test_server( "pilot-payflowpro.verisign.com" );
- $self->build_subs(qw(
- vendor partner cert_path order_number avs_code cvv2_code
- ));
}
-sub map_fields {
- my($self) = @_;
+sub _map_fields {
+ my ($self) = @_;
my %content = $self->content();
#ACTION MAP
- my %actions = ('normal authorization' => 'S', # Sale transaction
- 'credit' => 'C', # Credit (refund)
- 'authorization only' => 'A', # Authorization
- 'post authorization' => 'D', # Delayed Capture
- 'void' => 'V', # Void
- );
- $content{'action'} = $actions{lc($content{'action'})} || $content{'action'};
+ my %actions = (
+ 'normal authorization' => 'S', # Sale transaction
+ 'credit' => 'C', # Credit (refund)
+ 'authorization only' => 'A', # Authorization
+ 'post authorization' => 'D', # Delayed Capture
+ 'void' => 'V', # Void
+ );
+
+ $content{'action'} = $actions{ lc( $content{'action'} ) }
+ || $content{'action'};
# TYPE MAP
- my %types = ('visa' => 'C',
- 'mastercard' => 'C',
- 'american express' => 'C',
- 'discover' => 'C',
- 'cc' => 'C',
- #'check' => 'ECHECK',
- );
- $content{'type'} = $types{lc($content{'type'})} || $content{'type'};
- $self->transaction_type($content{'type'});
+ my %types = (
+ 'visa' => 'C',
+ 'mastercard' => 'C',
+ 'american express' => 'C',
+ 'discover' => 'C',
+ 'cc' => 'C',
+
+ #'check' => 'ECHECK',
+ );
+
+ $content{'type'} = $types{ lc( $content{'type'} ) } || $content{'type'};
+
+ $self->transaction_type( $content{'type'} );
# stuff it back into %content
$self->content(%content);
}
-sub remap_fields {
- my($self,%map) = @_;
-
+sub _revmap_fields {
+ my ( $self, %map ) = @_;
my %content = $self->content();
- foreach(keys %map) {
- $content{$map{$_}} = $content{$_};
+ foreach ( keys %map ) {
+ $content{$_} =
+ ref( $map{$_} )
+ ? ${ $map{$_} }
+ : $content{ $map{$_} };
}
$self->content(%content);
}
-sub revmap_fields {
- my($self, %map) = @_;
- my %content = $self->content();
- foreach(keys %map) {
-# warn "$_ = ". ( ref($map{$_})
-# ? ${ $map{$_} }
-# : $content{$map{$_}} ). "\n";
- $content{$_} = ref($map{$_})
- ? ${ $map{$_} }
- : $content{$map{$_}};
+sub expdate_mmyy {
+ my $self = shift;
+ my $expiration = shift;
+ my $expdate_mmyy;
+ if ( defined($expiration) and $expiration =~ /^(\d+)\D+\d*(\d{2})$/ ) {
+ my ( $month, $year ) = ( $1, $2 );
+ $expdate_mmyy = sprintf( "%02d", $month ) . $year;
}
- $self->content(%content);
+ return defined($expdate_mmyy) ? $expdate_mmyy : $expiration;
}
sub submit {
- my($self) = @_;
+ my ($self) = @_;
- $self->map_fields();
+ $self->_map_fields();
my %content = $self->content;
- my($month, $year, $zip);
-
if ( $self->transaction_type() ne 'C' ) {
- croak("PayflowPro can't (yet?) handle transaction type: " .
- $self->transaction_type());
+ croak( "PayflowPro can't (yet?) handle transaction type: "
+ . $self->transaction_type() );
}
- if ( defined($content{'expiration'}) && length($content{'expiration'}) ) {
- $content{'expiration'} =~ /^(\d+)\D+\d*(\d{2})$/
- or croak "unparsable expiration $content{expiration}";
+ my $expdate_mmyy = $self->expdate_mmyy( $content{"expiration"} );
+ my $zip = $content{'zip'};
+ $zip =~ s/[^[:alnum:]]//g;
+
+ $self->server( $self->test_server ) if $self->test_transaction;
+
+ my $vendor = $self->vendor;
+ my $partner = $self->partner;
+
+ $self->_revmap_fields(
+
+ # BUG?: VENDOR B::OP:PayflowPro < 0.05 backward compatibility. If
+ # vendor not set use login although test indicate undef vendor is ok
+ VENDOR => $vendor ? \$vendor : 'login',
+ PARTNER => \$partner,
+ USER => 'login',
+ PWD => 'password',
+ TRXTYPE => 'action',
+ TENDER => 'type',
+ ORIGID => 'order_number',
+ COMMENT1 => 'description',
+ COMMENT2 => 'invoice_number',
+
+ ACCT => 'card_number',
+ CVV2 => 'cvv2',
+ EXPDATE => \$expdate_mmyy, # MM/YY from 'expiration'
+ AMT => 'amount',
+
+ FIRSTNAME => 'first_name',
+ LASTNAME => 'last_name',
+ NAME => 'name',
+ EMAIL => 'email',
+ COMPANYNAME => 'company',
+ STREET => 'address',
+ CITY => 'city',
+ STATE => 'state',
+ ZIP => \$zip, # 'zip' with non-alnums removed
+ COUNTRY => 'country',
+ );
- ( $month, $year ) = ( $1, $2 );
- $month = '0'. $month if $month =~ /^\d$/;
+ my @required = qw( TRXTYPE TENDER PARTNER VENDOR USER PWD );
+ if ( $self->transaction_type() eq 'C' ) { # credit card
+ if ( $content{'action'} =~ /^[CDV]$/
+ && defined( $content{'ORIGID'} )
+ && length( $content{'ORIGID'} ) )
+ {
+ push @required, qw(ORIGID);
+ }
+ else {
+
+ # never get here, we croak above if transaction_type ne 'C'
+ push @required, qw(AMT ACCT EXPDATE);
+ }
}
+ $self->required_fields(@required);
- ( $zip = $content{'zip'} ) =~ s/\D//g;
-
- $self->server('test-payflow.verisign.com') if $self->test_transaction;
+ my %params = $self->get_fields(
+ qw(
+ VENDOR PARTNER USER PWD TRXTYPE TENDER ORIGID COMMENT1 COMMENT2
+ ACCT CVV2 EXPDATE AMT
+ FIRSTNAME LASTNAME NAME EMAIL COMPANYNAME
+ STREET CITY STATE ZIP COUNTRY
+ )
+ );
- $self->revmap_fields(
- # (BUG?) VENDOR B::OP:PayflowPro < 0.05 backward compatibility. If
- # vendor not set use login (although test indicate undef vendor is ok)
- VENDOR => $self->vendor ? \( $self->vendor ) : 'login',
- PARTNER => \( $self->partner ),
- USER => 'login',
- PWD => 'password',
- TRXTYPE => 'action',
- TENDER => 'type',
- ORIGID => 'order_number',
- COMMENT1 => 'description',
- COMMENT2 => 'invoice_number',
+ # get header data, get request_id from %content if defined for ease of use
+ my %req_headers = %{ $self->headers || {} };
+ if ( defined $content{"request_id"} ) {
+ $req_headers{"X-VPS-Request-ID"} = $content{"request_id"};
+ }
+ unless ( defined( $req_headers{"X-VPS-Request-ID"} ) ) {
+ $req_headers{"X-VPS-Request-ID"} = $self->request_id();
+ }
- ACCT => 'card_number',
- CVV2 => 'cvv2',
- EXPDATE => \( $month.$year ), # MM/YY from 'expiration'
- AMT => 'amount',
+ unless ( defined( $req_headers{"X-VPS-VIT-Client-Certification-Id"} ) ) {
+ $req_headers{"X-VPS-VIT-Client-Certification-Id"} =
+ $self->client_certification_id;
+ }
- FIRSTNAME => 'first_name',
- LASTNAME => 'last_name',
- NAME => 'name',
- EMAIL => 'email',
- COMPANYNAME => 'company',
- STREET => 'address',
- CITY => 'city',
- STATE => 'state',
- ZIP => \$zip, # 'zip' with non-numbers removed
- COUNTRY => 'country',
+ my %options = (
+ "Content-Type" => "text/namevalue",
+ "headers" => \%req_headers,
);
- my @required = qw( TRXTYPE TENDER PARTNER VENDOR USER PWD );
- if ( $self->transaction_type() eq 'C' ) { #credit card
- if ( $content{'action'} =~ /^[CDV]$/
- && defined($content{'ORIGID'})
- && length($content{'ORIGID'})
- )
- {
- push @required, qw(ORIGID);
- } else {
- # not currently supported, we croak above if transaction_type ne 'C'
- push @required, qw(AMT ACCT EXPDATE);
- }
- }
- $self->required_fields(@required);
+ my ( $page, $resp, %resp_headers ) =
+ $self->https_post( \%options, \%params );
- my %params = $self->get_fields(qw(
- VENDOR PARTNER USER PWD TRXTYPE TENDER ORIGID COMMENT1 COMMENT2
- ACCT CVV2 EXPDATE AMT
- FIRSTNAME LASTNAME NAME EMAIL COMPANYNAME STREET CITY STATE ZIP COUNTRY
- ));
+ $self->response_code( $resp );
+ $self->response_page( $page );
+ $self->response_headers( \%resp_headers );
- $ENV{'PFPRO_CERT_PATH'} = $self->cert_path;
- my( $response, $resultstr ) = pfpro( \%params, $self->server, $self->port );
- # PNREF (aka transaction id) is set on success and failure
- $self->order_number( $response->{'PNREF'} );
+ # $page should contain name=value[[&name=value]...] pairs
+ my $cgi = CGI->new("$page");
# AVS and CVS values may be set on success or failure
my $avs_code;
- if ( exists $response->{AVSADDR} || exists $response->{AVSZIP} ) {
- if ( $response->{AVSADDR} eq 'Y' && $response->{AVSZIP} eq 'Y' ) {
- $avs_code = 'Y';
- } elsif ( $response->{AVSADDR} eq 'Y' ) {
- $avs_code = 'A';
- } elsif ( $response->{AVSZIP} eq 'Y' ) {
- $avs_code = 'Z';
- } elsif ( $response->{AVSADDR} eq 'N' || $response->{AVSZIP} eq 'N' ) {
- $avs_code = 'N';
- } else {
- $avs_code = '';
- }
+ if ( defined $cgi->param("AVSADDR") or defined $cgi->param("AVSZIP") ) {
+ if ( $cgi->param("AVSADDR") eq "Y" && $cgi->param("AVSZIP") eq "Y" ) {
+ $avs_code = "Y";
+ }
+ elsif ( $cgi->param("AVSADDR") eq "Y" ) {
+ $avs_code = "A";
+ }
+ elsif ( $cgi->param("AVSZIP") eq "Y" ) {
+ $avs_code = "Z";
+ }
+ elsif ( $cgi->param("AVSADDR") eq "N" or $cgi->param("AVSZIP") eq "N" )
+ {
+ $avs_code = "N";
+ }
+ else {
+ $avs_code = "";
+ }
}
$self->avs_code($avs_code);
- $self->cvv2_code($response->{'CVV2MATCH'});
- $self->result_code($response->{'RESULT'});
- $self->error_message($response->{'RESPMSG'});
- $self->authorization($response->{'AUTHCODE'});
+ $self->cvv2_response( $cgi->param("CVV2MATCH") );
+ $self->result_code( $cgi->param("RESULT") );
+ $self->order_number( $cgi->param("PNREF") );
+ $self->error_message( $cgi->param("RESPMSG") );
+ $self->authorization( $cgi->param("AUTHCODE") );
# RESULT must be an explicit zero, not just numerically equal
- if ( $response->{'RESULT'} eq '0' ) {
- $self->is_success(1);
- } else {
- $self->is_success(0);
+ if ( $cgi->param("RESULT") eq "0" ) {
+ $self->is_success(1);
+ }
+ else {
+ $self->is_success(0);
}
}
'PayflowPro',
'vendor' => 'your_vendor',
'partner' => 'your_partner',
- 'cert_path' => '/path/to/your/certificate/file/', # just the dir
+ 'client_certification_id' => 'assigned_certification_id',
);
# See the module documentation for details of content()
expiration => '12/09',
cvv2 => '123',
order_number => 'string',
+ request_id => 'unique_identifier_for_transaction',
);
$tx->submit();
print(
"Card processed successfully: ", $tx->authorization, "\n",
"order number: ", $tx->order_number, "\n",
- "CVV2 code: ", $tx->cvv2_code, "\n",
+ "CVV2 response: ", $tx->cvv2_response, "\n",
"AVS code: ", $tx->avs_code, "\n",
);
}
See L<Business::OnlinePayment> for details on the interface this
modules supports.
+=head1 Standard methods
+
+=over 4
+
+=item set_defaults()
+
+This method sets the 'server' attribute to 'payflowpro.verisign.com' and
+the port attribute to '443'. This method also sets up the
+L</Module specific methods> described below.
+
+=item submit()
+
+=back
+
+=head1 Unofficial methods
+
+This module provides the following methods which are not officially part of the
+standard Business::OnlinePayment interface (as of 3.00_06) but are nevertheless
+supported by multiple gateways modules and expected to be standardized soon:
+
+=over 4
+
+=item L<order_number()|/order_number()>
+
+=item L<avs_code()|/avs_code()>
+
+=item L<cvv2_response()|/cvv2_response()>
+
+=back
+
=head1 Module specific methods
This module provides the following methods which are not currently
=over 4
-=item vendor()
+=item L<expdate_mmyy()|/expdate_mmyy()>
-=item partner()
+=item L<requeset_id()/request_id()>
-=item cert_path()
+=item L<debug()|/debug()>
-=item L<order_number()|/order_number()>
+=back
-=item L<avs_code()|/avs_code()>
+=head2 Deprecated methods
+
+The following methods are deprecated and may be removed in a future
+release. Values for vendor and partner should now be set as arguments to
+Business::OnlinePayment->new(). The value for cert_path was used to support
+passing a path to PFProAPI.pm (a Perl module/SDK from Verisign/Paypal) which is
+no longer used.
-=item L<cvv2_code()|/cvv2_code()>
+=over 4
+
+=item vendor()
+
+=item partner()
+
+=item cert_path()
=back
=item server
-payflow.verisign.com or test-payflow.verisign.com if
+payflowpro.verisign.com or pilot-payflowpro.verisign.com if
test_transaction() is TRUE
=item port
STREET => 'address',
CITY => 'city',
STATE => 'state',
- ZIP => \$zip, # 'zip' with non-numbers removed
+ ZIP => \$zip, # 'zip' with non-alphanumerics removed
COUNTRY => 'country',
The required Payflow Pro parameters for credit card transactions are:
N - no match
undef - AVS values not available
-=head2 cvv2_code()
+=head2 cvv2_response()
-The cvv2_code() method returns the CVV2MATCH field, which is a
+The cvv2_response() method returns the CVV2MATCH field, which is a
response message returned with the transaction result.
+=head2 expdate_mmyy()
+
+The expdate_mmyy() method takes a single scalar argument (typically
+the value in $content{expiration}) and attempts to parse and format
+and put the date in MMYY format as required by PayflowPro
+specification. If unable to parse the expiration date simply leave it
+as is and let the PayflowPro system attempt to handle it as-is.
+
+=head2 request_id()
+
+The request_id() method uses Digest::MD5 to attempt to generate a
+request_id for a transaction. It is recommended that you specify your
+own unique request_id for each transaction in %content. A request_id
+is REQUIRED by the PayflowPro processor.
+
+=head2 debug()
+
+Enable or disble debugging. The value specified here will also set
+$Business::OnlinePayment::HTTPS::DEBUG in submit() to aid in
+troubleshooting problems.
+
=head1 COMPATIBILITY
This module implements an interface to the Payflow Pro Perl API, which
can be downloaded at https://manager.paypal.com/ with a valid login.
-=head1 AUTHOR
+=head1 AUTHORS
Ivan Kohler <ivan-payflowpro@420.am>
+Phil Lobbes E<lt>phil at perkpartners.comE<gt>
+
Based on Business::OnlinePayment::AuthorizeNet written by Jason Kohles.
=head1 SEE ALSO
projects / Business-OnlinePayment-PayflowPro.git / blobdiff