class OffsitePayments::Integrations::AuthorizeNetSim::Notification

# Example: parser = AuthorizeNetSim::Notification.new(request.raw_post) passed = parser.complete?

order = Order.find_by_order_number(parser.invoice_num)

unless order

@message = 'Error--unable to find your transaction! Please contact us directly.'
return render :partial => 'authorize_net_sim_payment_response'

end

if order.total != parser.gross.to_f

logger.error "Authorize.Net sim said they paid for #{parser.gross} and it should have been #{order.total}!"
passed = false

end

# Theoretically, Authorize.net will never pass us the same transaction # ID twice, but we can double check that… by using # parser.transaction_id, and checking against previous orders’ transaction # id’s (which you can save when the order is completed).… unless parser.acknowledge MD5_HASH_SET_IN_AUTHORIZE_NET, AUTHORIZE_LOGIN

passed = false
logger.error "ALERT POSSIBLE FRAUD ATTEMPT either that or you haven't setup your md5 hash setting right in #{__FILE__}
  because a transaction came back from Authorize.Net with the wrong hash value--rejecting!"

end

unless parser.cavv_matches? and parser.avs_code_matches?

logger.error 'Warning--non matching CC!' + params.inspect
# Could fail them here, as well (recommended)...

end

if passed

# Set up your session, and render something that will redirect them to
# your site, most likely.

else

# Render failure or redirect them to your site where you will render failure

end

Public Instance Methods

acknowledge(md5_hash_set_in_authorize_net, authorize_net_login_name) click to toggle source

Called to request back and check if it was a valid request. Authorize.net passes us back a hash that includes a hash of our ‘unique’ MD5 value that we set within their system.

Example: acknowledge(‘my secret md5 hash that I set within Authorize.Net’, ‘authorize_login’)

Note this is somewhat unsafe unless you actually set that md5 hash to something (defaults to ” in their system).

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 563
def acknowledge(md5_hash_set_in_authorize_net, authorize_net_login_name)
  Digest::MD5.hexdigest(md5_hash_set_in_authorize_net + authorize_net_login_name + params['x_trans_id'] + gross) == params['x_MD5_Hash'].downcase
end
all_custom_values_passed_in_and_now_passed_back_to_us() click to toggle source

If you pass any values to authorize that aren’t its expected, it will pass them back to you verbatim, returned by this method. custom values:

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 355
def all_custom_values_passed_in_and_now_passed_back_to_us
  all = {}
  params.each do |key, value|
    if key[0..1] != 'x_'
      all[key] = unescape value
    end
  end
  all
end
auth_code() click to toggle source
# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 310
def auth_code
  unescape params['x_auth_code']
end
avs_code() click to toggle source

avs [address verification] code A = Address (Street) matches, ZIP does not B = Address information not provided for AVS check E = AVS error G = Non-U.S. Card Issuing Bank N = No Match on Address (Street) or ZIP P = AVS not applicable for this transaction R = Retry – System unavailable or timed out S = Service not supported by issuer U = Address information is unavailable W = Nine digit ZIP matches, Address (Street) does not X = Address (Street) and nine digit ZIP match Y = Address (Street) and five digit ZIP match Z = Five digit ZIP matches Address (Street) does not

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 433
def avs_code
  params['x_avs_code']
end
avs_code_matches?() click to toggle source

Returns true if their address completely matched [Y or X, P from avs_code, which mean ‘add+zip match’, ‘address + 9-zip match’, and not applicable, respectively].

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 440
def avs_code_matches?
  return ['Y', 'X', 'P'].include? params['x_avs_code']
end
billing_address() click to toggle source

Passes a hash of the address the user entered in at Authorize.Net

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 298
def billing_address
  all = {}
  [:fax, :city, :company, :last_name, :country, :zip, :first_name, :address, :email, :state].each do |key_out|
    all[key_out] = unescape params['x_' + key_out.to_s]
  end
  all
end
cavv_matches?() click to toggle source

Check if cavv_response == ”, ‘2’, ‘8’ one of those [non failing] [blank means no validated, 2 is passed, 8 is passed issuer available]

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 497
def cavv_matches?
  ['','2','8'].include? cavv_response
end
cavv_response() click to toggle source

cavv_response–‘cardholder authentication verification response code’–most likely not use for SIM Blank or not present = CAVV not validated 0 = CAVV not validated because erroneous data was submitted 1 = CAVV failed validation 2 = CAVV passed validation 3 = CAVV validation could not be performed; issuer attempt incomplete 4 = CAVV validation could not be performed; issuer system error 5 = Reserved for future use 6 = Reserved for future use 7 = CAVV attempt – failed validation – issuer available (U.S.-issued card/non-U.S acquirer) 8 = CAVV attempt – passed validation – issuer available (U.S.-issued card/non-U.S. acquirer) 9 = CAVV attempt – failed validation – issuer

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 490
def cavv_response
  params['x_cavv_response']
end
complete?() click to toggle source

Payment is complete – returns true if x_response_code == ‘1’

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 502
def complete?
  params["x_response_code"] == '1'
end
customer_id() click to toggle source
# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 306
def customer_id
  unescape params['x_cust_id']
end
cvv2_resp_code() click to toggle source

cvv2 response M = Match N = No Match P = Not Processed S = Should have been present U = Issuer unable to process request

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 452
def cvv2_resp_code
  params['x_cvv2_resp_code']
end
cvv2_resp_code_matches?() click to toggle source

check if cvv2_resp_code == ‘m’ for Match. otherwise false

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 457
def cvv2_resp_code_matches?
  return ['M'].include? cvv2_resp_code
end
description() click to toggle source
# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 375
def description
  unescape params['x_description']
end
duty() click to toggle source
# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 365
def duty
  unescape params['x_duty']
end
freight() click to toggle source

Shipping we sent them.

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 370
def freight
  unescape params['x_freight']
end
Also aliased as: shipping
gross() click to toggle source

The money amount we received in X.2 decimal. Returns a string

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 540
def gross
  unescape params['x_amount']
end
invoice_num() click to toggle source

Invoice num we passed in as invoice_num to them.

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 348
def invoice_num
  item_id
end
item_id() click to toggle source

Alias for invoice number–this is the only id they pass back to us that we passed to them, except customer id is also passed back.

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 508
def item_id
  unescape params['x_invoice_num']
end
method() click to toggle source

Payment method used–almost always CC (for credit card).

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 338
def method
  unescape params['x_method']
end
method_available() click to toggle source

Ff our payment method is available. Almost always “true”.

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 343
def method_available
  params['x_method_available']
end
payer_email() click to toggle source

End-user’s email

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 524
def payer_email
  unescape params['x_email']
end
po_num() click to toggle source
# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 314
def po_num
 unescape params['x_po_num']
end
received_at() click to toggle source

When was this payment was received by the client. –unimplemented – always returns nil

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 519
def received_at
  nil
end
receiver_email() click to toggle source

They don’t pass merchant email back to us – unimplemented – always returns nil

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 530
def receiver_email
  nil
end
response_code_as_ruby_symbol() click to toggle source

Returns the response code as a symbol. {‘1’ => :approved, ‘2’ => :declined, ‘3’ => :error, ‘4’ => :held_for_review}

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 381
def response_code_as_ruby_symbol
  map = {'1' => :approved, '2' => :declined, '3' => :error, '4' => :held_for_review}
  map[params['x_response_code']]
end
response_reason_code() click to toggle source

The response reason text’s numeric id [equivalent–just a number]

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 391
def response_reason_code
  unescape params['x_response_reason_code']
end
response_reason_text() click to toggle source
# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 386
def response_reason_text
  unescape params['x_response_reason_text']
end
response_subcode() click to toggle source

‘used internally by their gateway’

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 396
def response_subcode
  params['x_response_subcode']
end
security_key() click to toggle source

md5 hash used internally

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 535
def security_key
  params['x_MD5_Hash']
end
ship_to_address() click to toggle source
# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 318
def ship_to_address
 all = {}
  [:city, :last_name, :first_name, :country, :zip, :address].each do |key_out|
    all[key_out] = unescape params['x_ship_to_' + key_out.to_s]
  end
  all
end
shipping()
Alias for: freight
status() click to toggle source

method_available alias

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 550
def status
  complete?
end
tax() click to toggle source

Tax amount we sent them.

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 327
def tax
  unescape params['x_tax']
end
tax_exempt() click to toggle source

They pass back a tax_exempt value.

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 401
def tax_exempt
  params['x_tax_exempt']
end
test?() click to toggle source

Was this a test transaction?

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 545
def test?
  params['x_test_request'] == 'true'
end
transaction_id() click to toggle source

They return this number to us [it’s unique to Authorize.net].

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 513
def transaction_id
  params['x_trans_id']
end
transaction_type() click to toggle source

Transaction type (probably going to be auth_capture, since that’s all we set it as).

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 333
def transaction_type
  unescape params['x_type']
end

Private Instance Methods

parse(post) click to toggle source

Take the posted data and move the relevant data into a hash.

# File lib/offsite_payments/integrations/authorize_net_sim.rb, line 570
def parse(post)
  @raw = post
  post.split('&').each do |line|
    key, value = *line.scan( %r{^(\w+)\=(.*)$} ).flatten
    params[key] = value
  end
end