Class: OffsitePayments::Integrations::AuthorizeNetSim::Notification

Inherits:

Notification

• Object
• Notification
• OffsitePayments::Integrations::AuthorizeNetSim::Notification

Defined in:

lib/offsite_payments/integrations/authorize_net_sim.rb

Overview

# Example: parser = AuthorizeNetSim::Notification.new(request.raw_post) passed = parser.complete?

order = Order.find_by_order_number(parser.invoice_num)

unless order

@message = 'Error--unable to find your transaction! Please contact us directly.'
return render :partial => 'authorize_net_sim_payment_response'

end

if order.total != parser.gross.to_f

logger.error "Authorize.Net sim said they paid for #{parser.gross} and it should have been #{order.total}!"
passed = false

end

# Theoretically, Authorize.net will never pass us the same transaction # ID twice, but we can double check that… by using # parser.transaction_id, and checking against previous orders’ transaction # id’s (which you can save when the order is completed).… unless parser.acknowledge MD5_HASH_SET_IN_AUTHORIZE_NET, AUTHORIZE_LOGIN

passed = false
logger.error "ALERT POSSIBLE FRAUD ATTEMPT either that or you haven't setup your md5 hash setting right in #{__FILE__}
  because a transaction came back from Authorize.Net with the wrong hash value--rejecting!"

end

unless parser.cavv_matches? and parser.avs_code_matches?

logger.error 'Warning--non matching CC!' + params.inspect
# Could fail them here, as well (recommended)...

end

if passed

# Set up your session, and render something that will redirect them to
# your site, most likely.

else

# Render failure or redirect them to your site where you will render failure

end

Direct Known Subclasses

FirstData::Notification

Instance Attribute Summary

Attributes inherited from Notification

#params, #raw

Instance Method Summary

• #acknowledge(md5_hash_set_in_authorize_net, authorize_net_login_name) ⇒ Object

  Called to request back and check if it was a valid request.

• #all_custom_values_passed_in_and_now_passed_back_to_us ⇒ Object

  If you pass any values to authorize that aren’t its expected, it will pass them back to you verbatim, returned by this method.

• #auth_code ⇒ Object
• #avs_code ⇒ Object

  avs [address verification] code A = Address (Street) matches, ZIP does not B = Address information not provided for AVS check E = AVS error G = Non-U.S.

• #avs_code_matches? ⇒ Boolean

  Returns true if their address completely matched [Y or X, P from #avs_code, which mean ‘add+zip match’, ‘address + 9-zip match’, and not applicable, respectively].

• #billing_address ⇒ Object

  Passes a hash of the address the user entered in at Authorize.Net.

• #cavv_matches? ⇒ Boolean

  Check if #cavv_response == ”, ‘2’, ‘8’ one of those [non failing] [blank means no validated, 2 is passed, 8 is passed issuer available].

• #cavv_response ⇒ Object

  cavv_response–‘cardholder authentication verification response code’–most likely not use for SIM Blank or not present = CAVV not validated 0 = CAVV not validated because erroneous data was submitted 1 = CAVV failed validation 2 = CAVV passed validation 3 = CAVV validation could not be performed; issuer attempt incomplete 4 = CAVV validation could not be performed; issuer system error 5 = Reserved for future use 6 = Reserved for future use 7 = CAVV attempt – failed validation – issuer available (U.S.-issued card/non-U.S acquirer) 8 = CAVV attempt – passed validation – issuer available (U.S.-issued card/non-U.S. acquirer) 9 = CAVV attempt – failed validation – issuer.

• #complete? ⇒ Boolean

  Payment is complete – returns true if x_response_code == ‘1’.

• #customer_id ⇒ Object
• #cvv2_resp_code ⇒ Object

  cvv2 response M = Match N = No Match P = Not Processed S = Should have been present U = Issuer unable to process request.

• #cvv2_resp_code_matches? ⇒ Boolean

  check if #cvv2_resp_code == ‘m’ for Match.

• #description ⇒ Object
• #duty ⇒ Object
• #freight ⇒ Object (also: #shipping)

  Shipping we sent them.

• #gross ⇒ Object

  The money amount we received in X.2 decimal.

• #invoice_num ⇒ Object

  Invoice num we passed in as invoice_num to them.

• #item_id ⇒ Object

  Alias for invoice number–this is the only id they pass back to us that we passed to them, except customer id is also passed back.

• #method ⇒ Object

  Payment method used–almost always CC (for credit card).

• #method_available ⇒ Object

  Ff our payment method is available.

• #payer_email ⇒ Object

  End-user’s email.

• #po_num ⇒ Object
• #received_at ⇒ Object

  When was this payment was received by the client.

• #receiver_email ⇒ Object

  They don’t pass merchant email back to us – unimplemented – always returns nil.

• #response_code_as_ruby_symbol ⇒ Object

  Returns the response code as a symbol.

• #response_reason_code ⇒ Object

  The response reason text’s numeric id [equivalent–just a number].

• #response_reason_text ⇒ Object
• #response_subcode ⇒ Object

  ‘used internally by their gateway’.

• #security_key ⇒ Object

  md5 hash used internally.

• #ship_to_address ⇒ Object
• #status ⇒ Object

  #method_available alias.

• #tax ⇒ Object

  Tax amount we sent them.

• #tax_exempt ⇒ Object

  They pass back a tax_exempt value.

• #test? ⇒ Boolean

  Was this a test transaction?.

• #transaction_id ⇒ Object

  They return this number to us [it’s unique to Authorize.net].

• #transaction_type ⇒ Object

  Transaction type (probably going to be auth_capture, since that’s all we set it as).

• #unescape(val) ⇒ Object

  :nodoc:.

Methods inherited from Notification

#amount, #empty!, #gross_cents, #initialize, #iso_currency, #valid_sender?

Constructor Details

This class inherits a constructor from OffsitePayments::Notification

Instance Method Details

#acknowledge(md5_hash_set_in_authorize_net, authorize_net_login_name) ⇒ Object

Called to request back and check if it was a valid request. Authorize.net passes us back a hash that includes a hash of our ‘unique’ MD5 value that we set within their system.

Example: acknowledge(‘my secret md5 hash that I set within Authorize.Net’, ‘authorize_login’)

Note this is somewhat unsafe unless you actually set that md5 hash to something (defaults to ” in their system).

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 563

def acknowledge(md5_hash_set_in_authorize_net, authorize_net_login_name)
  Digest::MD5.hexdigest(md5_hash_set_in_authorize_net + authorize_net_login_name + params['x_trans_id'] + gross) == params['x_MD5_Hash'].downcase
end

#all_custom_values_passed_in_and_now_passed_back_to_us ⇒ Object

If you pass any values to authorize that aren’t its expected, it will pass them back to you verbatim, returned by this method. custom values:

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 355

def all_custom_values_passed_in_and_now_passed_back_to_us
  all = {}
  params.each do |key, value|
    if key[0..1] != 'x_'
      all[key] = unescape value
    end
  end
  all
end

#auth_code ⇒ Object

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 310

def auth_code
  unescape params['x_auth_code']
end

#avs_code ⇒ Object

avs [address verification] code A = Address (Street) matches, ZIP does not B = Address information not provided for AVS check E = AVS error G = Non-U.S. Card Issuing Bank N = No Match on Address (Street) or ZIP P = AVS not applicable for this transaction R = Retry – System unavailable or timed out S = Service not supported by issuer U = Address information is unavailable W = Nine digit ZIP matches, Address (Street) does not X = Address (Street) and nine digit ZIP match Y = Address (Street) and five digit ZIP match Z = Five digit ZIP matches Address (Street) does not

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 433

def avs_code
  params['x_avs_code']
end

#avs_code_matches? ⇒ Boolean

Returns true if their address completely matched [Y or X, P from #avs_code, which mean ‘add+zip match’, ‘address + 9-zip match’, and not applicable, respectively].

Returns:

• (Boolean)

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 440

def avs_code_matches?
  return ['Y', 'X', 'P'].include? params['x_avs_code']
end

#billing_address ⇒ Object

Passes a hash of the address the user entered in at Authorize.Net

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 298

def billing_address
  all = {}
  [:fax, :city, :company, :last_name, :country, :zip, :first_name, :address, :email, :state].each do |key_out|
    all[key_out] = unescape params['x_' + key_out.to_s]
  end
  all
end

#cavv_matches? ⇒ Boolean

Check if #cavv_response == ”, ‘2’, ‘8’ one of those [non failing] [blank means no validated, 2 is passed, 8 is passed issuer available]

Returns:

• (Boolean)

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 497

def cavv_matches?
  ['','2','8'].include? cavv_response
end

#cavv_response ⇒ Object

cavv_response–‘cardholder authentication verification response code’–most likely not use for SIM Blank or not present = CAVV not validated 0 = CAVV not validated because erroneous data was submitted 1 = CAVV failed validation 2 = CAVV passed validation 3 = CAVV validation could not be performed; issuer attempt incomplete 4 = CAVV validation could not be performed; issuer system error 5 = Reserved for future use 6 = Reserved for future use 7 = CAVV attempt – failed validation – issuer available (U.S.-issued card/non-U.S acquirer) 8 = CAVV attempt – passed validation – issuer available (U.S.-issued card/non-U.S. acquirer) 9 = CAVV attempt – failed validation – issuer

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 490

def cavv_response
  params['x_cavv_response']
end

#complete? ⇒ Boolean

Payment is complete – returns true if x_response_code == ‘1’

Returns:

• (Boolean)

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 502

def complete?
  params["x_response_code"] == '1'
end

#customer_id ⇒ Object

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 306

def customer_id
  unescape params['x_cust_id']
end

#cvv2_resp_code ⇒ Object

cvv2 response M = Match N = No Match P = Not Processed S = Should have been present U = Issuer unable to process request

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 452

def cvv2_resp_code
  params['x_cvv2_resp_code']
end

#cvv2_resp_code_matches? ⇒ Boolean

check if #cvv2_resp_code == ‘m’ for Match. otherwise false

Returns:

• (Boolean)

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 457

def cvv2_resp_code_matches?
  return ['M'].include? cvv2_resp_code
end

#description ⇒ Object

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 375

def description
  unescape params['x_description']
end

#duty ⇒ Object

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 365

def duty
  unescape params['x_duty']
end

#freight ⇒ Object Also known as: shipping

Shipping we sent them.

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 370

def freight
  unescape params['x_freight']
end

#gross ⇒ Object

The money amount we received in X.2 decimal. Returns a string

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 540

def gross
  unescape params['x_amount']
end

#invoice_num ⇒ Object

Invoice num we passed in as invoice_num to them.

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 348

def invoice_num
  item_id
end

#item_id ⇒ Object

Alias for invoice number–this is the only id they pass back to us that we passed to them, except customer id is also passed back.

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 508

def item_id
  unescape params['x_invoice_num']
end

#method ⇒ Object

Payment method used–almost always CC (for credit card).

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 338

def method
  unescape params['x_method']
end

#method_available ⇒ Object

Ff our payment method is available. Almost always “true”.

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 343

def method_available
  params['x_method_available']
end

#payer_email ⇒ Object

End-user’s email

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 524

def payer_email
  unescape params['x_email']
end

#po_num ⇒ Object

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 314

def po_num
 unescape params['x_po_num']
end

#received_at ⇒ Object

When was this payment was received by the client. –unimplemented – always returns nil

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 519

def received_at
  nil
end

#receiver_email ⇒ Object

They don’t pass merchant email back to us – unimplemented – always returns nil

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 530

def receiver_email
  nil
end

#response_code_as_ruby_symbol ⇒ Object

Returns the response code as a symbol. => :approved, ‘2’ => :declined, ‘3’ => :error, ‘4’ => :held_for_review

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 381

def response_code_as_ruby_symbol
  map = {'1' => :approved, '2' => :declined, '3' => :error, '4' => :held_for_review}
  map[params['x_response_code']]
end

#response_reason_code ⇒ Object

The response reason text’s numeric id [equivalent–just a number]

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 391

def response_reason_code
  unescape params['x_response_reason_code']
end

#response_reason_text ⇒ Object

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 386

def response_reason_text
  unescape params['x_response_reason_text']
end

#response_subcode ⇒ Object

‘used internally by their gateway’

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 396

def response_subcode
  params['x_response_subcode']
end

#security_key ⇒ Object

md5 hash used internally

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 535

def security_key
  params['x_MD5_Hash']
end

#ship_to_address ⇒ Object

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 318

def ship_to_address
 all = {}
  [:city, :last_name, :first_name, :country, :zip, :address].each do |key_out|
    all[key_out] = unescape params['x_ship_to_' + key_out.to_s]
  end
  all
end

#status ⇒ Object

#method_available alias

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 550

def status
  complete?
end

#tax ⇒ Object

Tax amount we sent them.

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 327

def tax
  unescape params['x_tax']
end

#tax_exempt ⇒ Object

They pass back a tax_exempt value.

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 401

def tax_exempt
  params['x_tax_exempt']
end

#test? ⇒ Boolean

Was this a test transaction?

Returns:

• (Boolean)

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 545

def test?
  params['x_test_request'] == 'true'
end

#transaction_id ⇒ Object

They return this number to us [it’s unique to Authorize.net].

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 513

def transaction_id
  params['x_trans_id']
end

#transaction_type ⇒ Object

Transaction type (probably going to be auth_capture, since that’s all we set it as).

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 333

def transaction_type
  unescape params['x_type']
end

#unescape(val) ⇒ Object

:nodoc:

# File 'lib/offsite_payments/integrations/authorize_net_sim.rb', line 289

def unescape(val) #:nodoc:
  if val
    CGI::unescape val
  else
    val
  end
end