Class: ActiveMerchant::Billing::StripeGateway

Inherits:
Gateway
  • Object
show all
Defined in:
lib/active_merchant/billing/gateways/stripe.rb

Overview

This gateway uses an older version of the Stripe API. To utilize the updated Payment Intents API, integrate with the StripePaymentIntents gateway

Direct Known Subclasses

StripePaymentIntentsGateway, WebpayGateway

Defined Under Namespace

Classes: StripePaymentToken

Constant Summary collapse

AVS_CODE_TRANSLATOR =
{
  'line1: pass, zip: pass' => 'Y',
  'line1: pass, zip: fail' => 'A',
  'line1: pass, zip: unchecked' => 'B',
  'line1: fail, zip: pass' => 'Z',
  'line1: fail, zip: fail' => 'N',
  'line1: unchecked, zip: pass' => 'P',
  'line1: unchecked, zip: unchecked' => 'I'
}
CVC_CODE_TRANSLATOR =
{
  'pass' => 'M',
  'fail' => 'N',
  'unchecked' => 'P'
}
DEFAULT_API_VERSION =
'2020-08-27'
STANDARD_ERROR_CODE_MAPPING =
{
  'incorrect_number' => STANDARD_ERROR_CODE[:incorrect_number],
  'invalid_number' => STANDARD_ERROR_CODE[:invalid_number],
  'invalid_expiry_month' => STANDARD_ERROR_CODE[:invalid_expiry_date],
  'invalid_expiry_year' => STANDARD_ERROR_CODE[:invalid_expiry_date],
  'invalid_cvc' => STANDARD_ERROR_CODE[:invalid_cvc],
  'expired_card' => STANDARD_ERROR_CODE[:expired_card],
  'incorrect_cvc' => STANDARD_ERROR_CODE[:incorrect_cvc],
  'incorrect_zip' => STANDARD_ERROR_CODE[:incorrect_zip],
  'card_declined' => STANDARD_ERROR_CODE[:card_declined],
  'call_issuer' => STANDARD_ERROR_CODE[:call_issuer],
  'processing_error' => STANDARD_ERROR_CODE[:processing_error],
  'incorrect_pin' => STANDARD_ERROR_CODE[:incorrect_pin],
  'test_mode_live_card' => STANDARD_ERROR_CODE[:test_mode_live_card],
  'pickup_card' => STANDARD_ERROR_CODE[:pickup_card],
  'amount_too_small' => STANDARD_ERROR_CODE[:invalid_amount]
}
BANK_ACCOUNT_HOLDER_TYPE_MAPPING =
{
  'personal' => 'individual',
  'business' => 'company'
}
MINIMUM_AUTHORIZE_AMOUNTS =
{
  'USD' => 100,
  'CAD' => 100,
  'GBP' => 60,
  'EUR' => 100,
  'DKK' => 500,
  'NOK' => 600,
  'SEK' => 600,
  'CHF' => 100,
  'AUD' => 100,
  'JPY' => 100,
  'MXN' => 2000,
  'SGD' => 100,
  'HKD' => 800
}

Constants inherited from Gateway

Gateway::CREDIT_DEPRECATION_MESSAGE, Gateway::RECURRING_DEPRECATION_MESSAGE, Gateway::STANDARD_ERROR_CODE

Instance Attribute Summary

Attributes inherited from Gateway

#options

Instance Method Summary collapse

Methods inherited from Gateway

#add_field_to_post_if_present, #add_fields_to_post_if_present, card_brand, #card_brand, #generate_unique_id, inherited, supported_countries, #supported_countries, supported_countries=, supports?, #test?

Methods included from CreditCardFormatting

#expdate, #format

Methods included from PostsData

included, #raw_ssl_request, #ssl_get, #ssl_post, #ssl_request

Constructor Details

#initialize(options = {}) ⇒ StripeGateway

Returns a new instance of StripeGateway.



76
77
78
79
80
81
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 76

def initialize(options = {})
  requires!(options, :login)
  @api_key = options[:login]
  @fee_refund_api_key = options[:fee_refund_login]
  super
end

Instance Method Details

#authorize(money, payment, options = {}) ⇒ Object



83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 83

def authorize(money, payment, options = {})
  if ach?(payment)
    direct_bank_error = 'Direct bank account transactions are not supported for authorize.'
    return Response.new(false, direct_bank_error)
  end

  MultiResponse.run do |r|
    if payment.is_a?(ApplePayPaymentToken)
      r.process { tokenize_apple_pay_token(payment) }
      payment = StripePaymentToken.new(r.params['token']) if r.success?
    end
    r.process do
      post = create_post_for_auth_or_purchase(money, payment, options)
      add_application_fee(post, options) if emv_payment?(payment)
      post[:capture] = 'false'
      commit(:post, 'charges', post, options)
    end
  end.responses.last
end

#capture(money, authorization, options = {}) ⇒ Object



129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 129

def capture(money, authorization, options = {})
  post = {}

  if emv_tc_response = options.delete(:icc_data)
    # update the charge with emv data if card present
    update = {}
    update[:card] = { emv_approval_data: emv_tc_response }
    commit(:post, "charges/#{CGI.escape(authorization)}", update, options)
  else
    add_application_fee(post, options)
    add_amount(post, money, options)
    add_exchange_rate(post, options)
  end

  commit(:post, "charges/#{CGI.escape(authorization)}/capture", post, options)
end

#delete_latest_test_external_account(account) ⇒ Object

Helper method to prevent hitting the external_account limit from remote test runs



303
304
305
306
307
308
309
310
311
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 303

def ()
  return unless test?

  auth_header = { 'Authorization' => 'Basic ' + Base64.strict_encode64(options[:login].to_s + ':').strip }
  url = "#{live_url}accounts/#{CGI.escape()}/external_accounts"
  accounts_response = JSON.parse(ssl_get("#{url}?limit=100", auth_header))
  to_delete = accounts_response['data'].reject { |ac| ac['default_for_currency'] }
  ssl_request(:delete, "#{url}/#{to_delete.first['id']}", nil, auth_header)
end

#purchase(money, payment, options = {}) ⇒ Object

To create a charge on a card or a token, call

purchase(money, card_hash_or_token, { ... })

To create a charge on a customer, call

purchase(money, nil, { :customer => id, ... })


110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 110

def purchase(money, payment, options = {})
  if ach?(payment)
    direct_bank_error = 'Direct bank account transactions are not supported. Bank accounts must be stored and verified before use.'
    return Response.new(false, direct_bank_error)
  end

  MultiResponse.run do |r|
    if payment.is_a?(ApplePayPaymentToken)
      r.process { tokenize_apple_pay_token(payment) }
      payment = StripePaymentToken.new(r.params['token']) if r.success?
    end
    r.process do
      post = create_post_for_auth_or_purchase(money, payment, options)
      post[:card][:processing_method] = 'quick_chip' if quickchip_payment?(payment)
      commit(:post, 'charges', post, options)
    end
  end.responses.last
end

#refund(money, identification, options = {}) ⇒ Object



155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 155

def refund(money, identification, options = {})
  post = {}
  add_amount(post, money, options)
  post[:refund_application_fee] = true if options[:refund_application_fee]
  post[:reverse_transfer] = options[:reverse_transfer] if options[:reverse_transfer]
  post[:metadata] = options[:metadata] if options[:metadata]
  post[:reason] = options[:reason] if options[:reason]
  post[:expand] = [:charge]

  response = commit(:post, "charges/#{CGI.escape(identification)}/refunds", post, options)

  if response.success? && options[:refund_fee_amount] && options[:refund_fee_amount].to_s != '0'
    charge = api_request(:get, "charges/#{CGI.escape(identification)}", nil, options)

    if application_fee = charge['application_fee']
      fee_refund_options = {
        currency: options[:currency], # currency isn't used by Stripe here, but we need it for #add_amount
        key: @fee_refund_api_key
      }
      refund_application_fee(options[:refund_fee_amount].to_i, application_fee, fee_refund_options)
    end
  end

  response
end

#refund_application_fee(money, identification, options = {}) ⇒ Object



189
190
191
192
193
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 189

def refund_application_fee(money, identification, options = {})
  post = {}
  add_amount(post, money, options)
  commit(:post, "application_fees/#{CGI.escape(identification)}/refunds", post, options)
end

#scrub(transcript) ⇒ Object



281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 281

def scrub(transcript)
  transcript.
    gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
    gsub(%r((Authorization: Bearer )\w+), '\1[FILTERED]').
    gsub(%r((&?three_d_secure\[cryptogram\]=)[\w=]*(&?)), '\1[FILTERED]\2').
    gsub(%r(((\[card\]|card)\[cryptogram\]=)[^&]+(&?)), '\1[FILTERED]\3').
    gsub(%r(((\[card\]|card)\[cvc\]=)\d+), '\1[FILTERED]').
    gsub(%r(((\[card\]|card)\[emv_approval_data\]=)[^&]+(&?)), '\1[FILTERED]\3').
    gsub(%r(((\[card\]|card)\[emv_auth_data\]=)[^&]+(&?)), '\1[FILTERED]\3').
    gsub(%r(((\[card\]|card)\[encrypted_pin\]=)[^&]+(&?)), '\1[FILTERED]\3').
    gsub(%r(((\[card\]|card)\[encrypted_pin_key_id\]=)[\w=]+(&?)), '\1[FILTERED]\3').
    gsub(%r(((\[card\]|card)\[number\]=)\d+), '\1[FILTERED]').
    gsub(%r(((\[card\]|card)\[swipe_data\]=)[^&]+(&?)), '\1[FILTERED]\3').
    gsub(%r(((\[bank_account\]|bank_account)\[account_number\]=)\d+), '\1[FILTERED]').
    gsub(%r(((\[payment_method_data\]|payment_method_data)\[card\]\[token\]=)[^&]+(&?)), '\1[FILTERED]\3')
end

#store(payment, options = {}) ⇒ Object

Note: creating a new credit card will not change the customer’s existing default credit card (use :set_default => true)



196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 196

def store(payment, options = {})
  params = {}
  post = {}

  if payment.is_a?(ApplePayPaymentToken)
    token_exchange_response = tokenize_apple_pay_token(payment)
    params = { card: token_exchange_response.params['token']['id'] } if token_exchange_response.success?
  elsif payment.is_a?(StripePaymentToken)
    add_payment_token(params, payment, options)
  elsif payment.is_a?(Check)
    bank_token_response = (payment)
    return bank_token_response unless bank_token_response.success?

    params = { source: bank_token_response.params['token']['id'] }
  else
    add_creditcard(params, payment, options)
  end

  post[:validate] = options[:validate] unless options[:validate].nil?
  post[:description] = options[:description] if options[:description]
  post[:email] = options[:email] if options[:email]

  if options[:account]
    (post, params, payment)
    commit(:post, "accounts/#{CGI.escape(options[:account])}/external_accounts", post, options)
  elsif options[:customer]
    MultiResponse.run(:first) do |r|
      # The /cards endpoint does not update other customer parameters.
      r.process { commit(:post, "customers/#{CGI.escape(options[:customer])}/cards", params, options) }

      post[:default_card] = r.params['id'] if options[:set_default] && r.success? && !r.params['id'].blank?

      r.process { update_customer(options[:customer], post.merge(expand: [:sources])) } if post.count > 0
    end
  else
    post[:expand] = [:sources]
    commit(:post, 'customers', post.merge(params), options)
  end
end

#supports_network_tokenization?Boolean

Returns:

  • (Boolean)


298
299
300
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 298

def supports_network_tokenization?
  true
end

#supports_scrubbing?Boolean

Returns:

  • (Boolean)


277
278
279
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 277

def supports_scrubbing?
  true
end

#tokenize_apple_pay_token(apple_pay_payment_token, options = {}) ⇒ Object



256
257
258
259
260
261
262
263
264
265
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 256

def tokenize_apple_pay_token(apple_pay_payment_token, options = {})
  token_response = api_request(:post, "tokens?pk_token=#{CGI.escape(apple_pay_payment_token.payment_data.to_json)}")
  success = !token_response.key?('error')

  if success && token_response.key?('id')
    Response.new(success, nil, token: token_response)
  else
    Response.new(success, token_response['error']['message'])
  end
end

#unstore(identification, options = {}, deprecated_options = {}) ⇒ Object



244
245
246
247
248
249
250
251
252
253
254
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 244

def unstore(identification, options = {}, deprecated_options = {})
  customer_id, card_id = identification.split('|')

  if options.kind_of?(String)
    ActiveMerchant.deprecated 'Passing the card_id as the 2nd parameter is deprecated. The response authorization includes both the customer_id and the card_id.'
    card_id ||= options
    options = deprecated_options
  end

  commit(:delete, "customers/#{CGI.escape(customer_id)}/cards/#{CGI.escape(card_id)}", nil, options)
end

#update(customer_id, card_id, options = {}) ⇒ Object



236
237
238
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 236

def update(customer_id, card_id, options = {})
  commit(:post, "customers/#{CGI.escape(customer_id)}/cards/#{CGI.escape(card_id)}", options, options)
end

#update_customer(customer_id, options = {}) ⇒ Object



240
241
242
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 240

def update_customer(customer_id, options = {})
  commit(:post, "customers/#{CGI.escape(customer_id)}", options, options)
end

#verify(payment, options = {}) ⇒ Object



181
182
183
184
185
186
187
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 181

def verify(payment, options = {})
  MultiResponse.run(:use_first_response) do |r|
    r.process { authorize(auth_minimum_amount(options), payment, options) }
    options[:idempotency_key] = nil
    r.process(:ignore_result) { void(r.authorization, options) }
  end
end

#verify_credentialsObject



267
268
269
270
271
272
273
274
275
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 267

def verify_credentials
  begin
    ssl_get(live_url + 'charges/nonexistent', headers)
  rescue ResponseError => e
    return false if e.response.code.to_i == 401
  end

  true
end

#void(identification, options = {}) ⇒ Object



146
147
148
149
150
151
152
153
# File 'lib/active_merchant/billing/gateways/stripe.rb', line 146

def void(identification, options = {})
  post = {}
  post[:reverse_transfer] = options[:reverse_transfer] if options[:reverse_transfer]
  post[:metadata] = options[:metadata] if options[:metadata]
  post[:reason] = options[:reason] if options[:reason]
  post[:expand] = [:charge]
  commit(:post, "charges/#{CGI.escape(identification)}/refunds", post, options)
end