Revision history for Perl extension Business::OnlinePayment::PayflowPro.
+0.07
+ [0.07_03 Tue Mar 13 18:26:12 EDT 2007]
+ - add "shortcut" param 'client_certification_id' (can be
+ passed as an argument for B::OP->new() which will set the
+ X-VPS-VIT-CLIENT-CERTIFICATION-ID header
+ [0.07_02 Tue Mar 13 12:32:57 EDT 2007]
+ - made generic method for deprecating cert_path, etc.
+ - doc'd vendor() and partner() as deprecated but will not put
+ out warnings on those (B::OP new() behavior would make this annoying)
+ - shortened code for the custom methods (we are not using build_subs())
+ - use path() again as "/commit" is not needed/used by PayflowPro HTTPS
+ - removed code in submit() related to "/commit"
+ - set param("test_server") so the test server name can be changed
+ [0.07_01 Mon Mar 12 01:56:58 EDT 2007]
+ - rewrite/updates for new B::OP::PayflowPro using HTTP protocol
+ - no longer using PFProAPI.pm (from Verisign/PayPal)
+ - cert_path() is now deprecated
+ - rewrite/updates for new B::OP::PayflowPro using HTTP protocol
+ - no longer use PFProAPI.pm from Verisign/PayPal
+ - now using name-value pair transactions
+ - require: CGI to parse name-value pair responses from server
+ - require: Digest::MD5 to generate (hopefully) unique
+ request_id which is required by PayflowPro HTTP protocol
+ - new methods: request_id(), param(), debug(), expdate_mmyy()
+ - renamed internal methods to start with an underscore
+ - removed unused remap_fields() method
+ - if unable to parse expiration given in %content no longer croak,
+ but let PayflowPro servers attempt to deal with the value as-is
+ - submit() now two phased per PFP HTTP protocol
+ - X-VPS-VIT-CLIENT-CERTIFICATION-ID is required (supposedly
+ this is a temporary requirement from PayPal)
+ - request_id() method will generate a hopefully unique id using
+ Digest::MD5 for use in the X-VPS-REQUEST-ID HTTP header. A
+ 'request_id' key may be passed in %content to specify an ID
+ - path() is not used as the PFP HTTP protocol uses two
+ different URLs (step 1) /transaction, (step 2) /commit
+ - patches to B::OP::HTTPS were required to support needed
+ functionality
+ - debug() sets $Business::OnlinePayment::HTTPS::DEBUG for debugging
+
+0.06 Thu Mar 1 10:01:33 EST 2007
+ - zip now allows alphanumerics for non-US zips
+
0.05 Mon Jan 22 00:58:04 EST 2007
[Jan 22 2007 by Phil Lobbes <phil at perkpartners.com>]
- Test cases: new tests and cleanup of existing tests
package Business::OnlinePayment::PayflowPro;
use strict;
-use vars qw($VERSION);
-use Carp qw(croak);
-use base qw(Business::OnlinePayment);
+use vars qw($VERSION $DEBUG);
+use Carp qw(carp croak);
+use CGI;
+use Digest::MD5;
-# Payflow Pro SDK
-use PFProAPI qw( pfpro );
+use base qw(Business::OnlinePayment::HTTPS);
-$VERSION = '0.05';
+$VERSION = '0.07_03';
$VERSION = eval $VERSION;
+$DEBUG = 0;
+
+sub request_id {
+ my $self = shift;
+ my $md5 = Digest::MD5->new();
+ $md5->add( $$, time(), rand(time) );
+ return $md5->hexdigest();
+}
+
+sub param {
+ my $self = shift;
+ my @args = @_;
+
+ $self->{__PARAM} ||= {};
+ my $param = $self->{__PARAM};
+
+ if (@args) {
+ if ( @args % 2 == 0 ) {
+ %$param = ( %$param, @args );
+ }
+ elsif ( @args == 1 ) {
+ my $arg = shift;
+ if ( ref($arg) eq "HASH" ) {
+ %$param = ( %$param, %$arg );
+ return keys %$arg;
+ }
+ else {
+ return $param->{$arg};
+ }
+ }
+ else {
+ croak("param: invalid arguments: @_\n");
+ }
+ }
+ else {
+ return ( keys %$param );
+ }
+}
+
+sub debug {
+ my $self = shift;
+
+ if (@_) {
+ my $level = shift || 0;
+ if ( ref($self) ) {
+ $self->{"__DEBUG"} = $level;
+ }
+ else {
+ $DEBUG = $level;
+ }
+ $Business::OnlinePayment::HTTPS::DEBUG = $level;
+ }
+ return ref($self) ? ( $self->{"__DEBUG"} || $DEBUG ) : $DEBUG;
+}
+
+sub _deprecate {
+ my $self = shift;
+ carp( "method '", __PACKAGE__, "::$_[0]' is deprecated" );
+ return $self->param(@_);
+}
+
+# NOTE: for bigger picture perhaps we get rid of build_subs() some day
+# and instead use something like param() as a standard method?
+
+# deprecated methods:
+sub cert_path { return shift->_deprecate( "cert_path", @_ ); }
+
+# custom methods:
+sub avs_code { return shift->param( "avs_code", @_ ); }
+sub cvv2_code { return shift->param( "cvv2_code", @_ ); }
+sub order_number { return shift->param( "order_number", @_ ); }
+sub partner { return shift->param( "partner", @_ ); }
+sub vendor { return shift->param( "vendor", @_ ); }
sub set_defaults {
my $self = shift;
+ my %opts = @_;
- $self->server('payflow.verisign.com');
- $self->port('443');
+ # standard B::OP methods/data
+ $self->server("payflow.verisign.com");
+ $self->port("443");
+ $self->path("/transaction");
- $self->build_subs(
- qw(
- vendor partner cert_path order_number avs_code cvv2_code
- )
+ # module specific data
+ if ( $opts{debug} ) {
+ $self->debug( $opts{debug} );
+ delete $opts{debug};
+ }
+
+ $self->param(
+ "test_server" => "pilot-payflowpro.verisign.com",
+ %opts,
);
}
-sub map_fields {
+sub _map_fields {
my ($self) = @_;
my %content = $self->content();
'american express' => 'C',
'discover' => 'C',
'cc' => 'C',
+
#'check' => 'ECHECK',
);
$self->content(%content);
}
-sub remap_fields {
- my ( $self, %map ) = @_;
-
- my %content = $self->content();
- foreach ( keys %map ) {
- $content{ $map{$_} } = $content{$_};
- }
- $self->content(%content);
-}
-
-sub revmap_fields {
+sub _revmap_fields {
my ( $self, %map ) = @_;
my %content = $self->content();
foreach ( keys %map ) {
$self->content(%content);
}
+sub expdate_mmyy {
+ my $self = shift;
+ my $expiration = shift;
+ my $expdate_mmyy;
+ if ( defined($expiration) and $expiration =~ /^(\d+)\D+\d*(\d{2})$/ ) {
+ my ( $month, $year ) = ( $1, $2 );
+ $expdate_mmyy = sprintf( "%02d", $month ) . $year;
+ }
+ return defined($expdate_mmyy) ? $expdate_mmyy : $expiration;
+}
+
sub submit {
my ($self) = @_;
- $self->map_fields();
+ $self->_map_fields();
my %content = $self->content;
- my ( $month, $year, $zip );
-
if ( $self->transaction_type() ne 'C' ) {
croak( "PayflowPro can't (yet?) handle transaction type: "
. $self->transaction_type() );
}
- if ( defined( $content{'expiration'} ) && length( $content{'expiration'} ) )
- {
- $content{'expiration'} =~ /^(\d+)\D+\d*(\d{2})$/
- or croak "unparsable expiration $content{expiration}";
+ my $expdate_mmyy = $self->expdate_mmyy( $content{"expiration"} );
+ my $zip = $content{'zip'};
+ $zip =~ s/[^[:alnum:]]//g;
- ( $month, $year ) = ( $1, $2 );
- $month = '0' . $month if $month =~ /^\d$/;
- }
+ $self->server( $self->param("test_server") ) if $self->test_transaction;
- ( $zip = $content{'zip'} ) =~ s/\D//g;
+ my $vendor = $self->param("vendor");
+ my $partner = $self->param("partner");
- $self->server('test-payflow.verisign.com') if $self->test_transaction;
+ $self->_revmap_fields(
- $self->revmap_fields(
+ # BUG?: VENDOR B::OP:PayflowPro < 0.05 backward compatibility. If
+ # vendor not set use login although test indicate undef vendor is ok
+ VENDOR => $vendor ? \$vendor : 'login',
+ PARTNER => \$partner,
+ USER => 'login',
+ PWD => 'password',
+ TRXTYPE => 'action',
+ TENDER => 'type',
+ ORIGID => 'order_number',
+ COMMENT1 => 'description',
+ COMMENT2 => 'invoice_number',
- # (BUG?) VENDOR B::OP:PayflowPro < 0.05 backward compatibility. If
- # vendor not set use login (although test indicate undef vendor is ok)
- VENDOR => $self->vendor ? \( $self->vendor ) : 'login',
- PARTNER => \( $self->partner ),
- USER => 'login',
- PWD => 'password',
- TRXTYPE => 'action',
- TENDER => 'type',
- ORIGID => 'order_number',
- COMMENT1 => 'description',
- COMMENT2 => 'invoice_number',
-
- ACCT => 'card_number',
- CVV2 => 'cvv2',
- EXPDATE => \( $month . $year ), # MM/YY from 'expiration'
- AMT => 'amount',
+ ACCT => 'card_number',
+ CVV2 => 'cvv2',
+ EXPDATE => \$expdate_mmyy, # MM/YY from 'expiration'
+ AMT => 'amount',
FIRSTNAME => 'first_name',
LASTNAME => 'last_name',
STREET => 'address',
CITY => 'city',
STATE => 'state',
- ZIP => \$zip, # 'zip' with non-numbers removed
+ ZIP => \$zip, # 'zip' with non-alnums removed
COUNTRY => 'country',
);
push @required, qw(ORIGID);
}
else {
+
# never get here, we croak above if transaction_type ne 'C'
push @required, qw(AMT ACCT EXPDATE);
}
)
);
- $ENV{'PFPRO_CERT_PATH'} = $self->cert_path;
- my ( $response, $resultstr ) =
- pfpro( \%params, $self->server, $self->port );
+ # get header data, get request_id from %content if defined for ease of use
+ my %req_headers = %{ $self->param("headers") || {} };
+ if ( defined $content{"request_id"} ) {
+ $req_headers{"X-VPS-REQUEST-ID"} = $content{"request_id"};
+ }
+ unless ( defined( $req_headers{"X-VPS-REQUEST-ID"} ) ) {
+ $req_headers{"X-VPS-REQUEST-ID"} = $self->request_id();
+ }
+ unless ( defined( $req_headers{"X-VPS-VIT-CLIENT-CERTIFICATION-ID"} ) ) {
+ $req_headers{"X-VPS-VIT-CLIENT-CERTIFICATION-ID"} =
+ $self->param("client_certification_id");
+ }
+
+ my %options = (
+ "Content-Type" => "text/namevalue",
+ "headers" => \%req_headers,
+ );
+
+ my ( $page, $resp, %resp_headers ) =
+ $self->https_post( \%options, \%params );
+
+ $self->param(
+ "transaction_response" => {
+ page => $page,
+ response => $resp,
+ headers => \%resp_headers,
+ },
+ );
+
+ # $page should contain name=value[[&name=value]...] pairs
+ my $cgi = CGI->new("$page");
# AVS and CVS values may be set on success or failure
my $avs_code;
- if ( exists $response->{AVSADDR} || exists $response->{AVSZIP} ) {
- if ( $response->{AVSADDR} eq 'Y' && $response->{AVSZIP} eq 'Y' ) {
- $avs_code = 'Y';
+ if ( defined $cgi->param("AVSADDR") or defined $cgi->param("AVSZIP") ) {
+ if ( $cgi->param("AVSADDR") eq "Y" && $cgi->param("AVSZIP") eq "Y" ) {
+ $avs_code = "Y";
}
- elsif ( $response->{AVSADDR} eq 'Y' ) {
- $avs_code = 'A';
+ elsif ( $cgi->param("AVSADDR") eq "Y" ) {
+ $avs_code = "A";
}
- elsif ( $response->{AVSZIP} eq 'Y' ) {
- $avs_code = 'Z';
+ elsif ( $cgi->param("AVSZIP") eq "Y" ) {
+ $avs_code = "Z";
}
- elsif ( $response->{AVSADDR} eq 'N' || $response->{AVSZIP} eq 'N' ) {
- $avs_code = 'N';
+ elsif ( $cgi->param("AVSADDR") eq "N" or $cgi->param("AVSZIP") eq "N" )
+ {
+ $avs_code = "N";
}
else {
- $avs_code = '';
+ $avs_code = "";
}
}
$self->avs_code($avs_code);
- $self->cvv2_code( $response->{'CVV2MATCH'} );
- $self->result_code( $response->{'RESULT'} );
- $self->order_number( $response->{'PNREF'} );
- $self->error_message( $response->{'RESPMSG'} );
- $self->authorization( $response->{'AUTHCODE'} );
+ $self->cvv2_code( $cgi->param("CVV2MATCH") );
+ $self->result_code( $cgi->param("RESULT") );
+ $self->order_number( $cgi->param("PNREF") );
+ $self->error_message( $cgi->param("RESPMSG") );
+ $self->authorization( $cgi->param("AUTHCODE") );
# RESULT must be an explicit zero, not just numerically equal
- if ( $response->{'RESULT'} eq '0' ) {
+ if ( $cgi->param("RESULT") eq "0" ) {
$self->is_success(1);
}
else {
'PayflowPro',
'vendor' => 'your_vendor',
'partner' => 'your_partner',
- 'cert_path' => '/path/to/your/certificate/file/', # just the dir
+ 'client_certification_id' => 'assigned_certification_id',
);
# See the module documentation for details of content()
expiration => '12/09',
cvv2 => '123',
order_number => 'string',
+ request_id => 'unique_identifier_for_transaction',
);
$tx->submit();
See L<Business::OnlinePayment> for details on the interface this
modules supports.
+=head1 Standard methods
+
+=over 4
+
+=item set_defaults()
+
+This method sets the 'server' attribute to 'payflow.verisign.com' and
+the port attribute to '443'. This method also sets up the
+L</Module specific methods> described below.
+
+=item submit()
+
+=back
+
=head1 Module specific methods
This module provides the following methods which are not currently
=over 4
-=item vendor()
-
-=item partner()
-
-=item cert_path()
-
=item L<order_number()|/order_number()>
=item L<avs_code()|/avs_code()>
=item L<cvv2_code()|/cvv2_code()>
+=item L<expdate_mmyy()|/expdate_mmyy()>
+
+=item L<requeset_id()/request_id()>
+
+=item L<param()|/param()>
+
+=item L<debug()|/debug()>
+
+=back
+
+=head2 Deprecated methods
+
+The following methods are deprecated and may be removed in the next
+release. Values for vendor and partner should now be set using the
+param() method or as arguments to Business::OnlinePayment->new(). The
+value for cert_path was used to support passing a path to PFProAPI.pm
+(a Perl module/SDK from Verisign/Paypal) which is no longer used.
+
+=over 4
+
+=item vendor()
+
+=item partner()
+
+=item cert_path()
+
=back
=head1 Settings
STREET => 'address',
CITY => 'city',
STATE => 'state',
- ZIP => \$zip, # 'zip' with non-numbers removed
+ ZIP => \$zip, # 'zip' with non-alphanumerics removed
COUNTRY => 'country',
The required Payflow Pro parameters for credit card transactions are:
The cvv2_code() method returns the CVV2MATCH field, which is a
response message returned with the transaction result.
+=head2 expdate_mmyy()
+
+The expdate_mmyy() method takes a single scalar argument (typically
+the value in $content{expiration}) and attempts to parse and format
+and put the date in MMYY format as required by PayflowPro
+specification. If unable to parse the expiration date simply leave it
+as is and let the PayflowPro system attempt to handle it as-is.
+
+=head2 request_id()
+
+The request_id() method uses Digest::MD5 to attempt to generate a
+request_id for a transaction. It is recommended that you specify your
+own unique request_id for each transaction in %content. A request_id
+is REQUIRED by the PayflowPro processor.
+
+=head2 param()
+
+The param() method is used to get/set object parameters. The param()
+method may be called in several different ways:
+
+Get the value of 'myparam':
+
+ my $value_or_reference = $self->param('myparam');
+
+Get a list of all parameters that exist:
+
+ my @params = $self->param();
+
+Set multiple parameters at the same time:
+
+ $self->param(
+ 'key1' => 'val1',
+ 'key2' => 'val2',
+ );
+
+=head2 debug()
+
+Enable or disble debugging. The value specified here will also set
+$Business::OnlinePayment::HTTPS::DEBUG in submit() to aid in
+troubleshooting problems.
+
=head1 COMPATIBILITY
This module implements an interface to the Payflow Pro Perl API, which
can be downloaded at https://manager.paypal.com/ with a valid login.
-=head1 AUTHOR
+=head1 AUTHORS
Ivan Kohler <ivan-payflowpro@420.am>
+Phil Lobbes E<lt>phil at perkpartners.comE<gt>
+
Based on Business::OnlinePayment::AuthorizeNet written by Jason Kohles.
=head1 SEE ALSO
my $runinfo =
"to test set environment variables:"
- . " (required) PFPRO_VENDOR PFPRO_USER PFPRO_PWD;"
+ . " (required) PFPRO_VENDOR PFPRO_USER PFPRO_PWD and CLIENTCERTID (for X-VPS-VIT-CLIENT-CERTIFICATION-ID); "
. " (optional) PFPRO_PARTNER PFPRO_CERT_PATH";
plan(
);
my %opts = (
- "vendor" => $ENV{PFPRO_VENDOR},
- "partner" => $ENV{PFPRO_PARTNER} || "verisign",
- "cert_path" => $ENV{PFPRO_CERT_PATH} || ".",
+ "debug" => 0,
+ "vendor" => $ENV{PFPRO_VENDOR},
+ "partner" => $ENV{PFPRO_PARTNER} || "verisign",
+ ( $ENV{PFPRO_CERT_PATH} ? ( "cert_path" => $ENV{PFPRO_CERT_PATH} ) : () ),
+ (
+ $ENV{CLIENTCERTID} ? (
+ headers => {
+ "X-VPS-VIT-CLIENT-CERTIFICATION-ID" => $ENV{CLIENTCERTID},
+
+ # "X-VPS-REQUEST-ID" => $self->request_id(),
+ # "X-VPS-CLIENT-TIMEOUT" => , # default 45 seconds
+ # "X-VPS-VIT-CLIENT-DURATION" => , # commit request
+ }
+ )
+ : ()
+ ),
);
my %content = (
);
# IF first 3 chars of STREET >= 667 THEN AVSADDR == "X" (and AVSZIP="X")
+ $tx = new Business::OnlinePayment( "PayflowPro", %opts );
$tx->content( %content, "address" => "700 Any street" );
tx_check(
$tx,
);
# IF ZIP <= 50001 and >= 99999 THEN AVSZIP == "N"
+ $tx = new Business::OnlinePayment( "PayflowPro", %opts );
$tx->content( %content, "zip" => "99999" );
tx_check(
$tx,
);
# Both AVSADDR and AVSZIP == "N"
+ $tx = new Business::OnlinePayment( "PayflowPro", %opts );
$tx->content( %content, "address" => "500 Any street", "zip" => "99999" );
tx_check(
$tx,
);
# IF CVV2 >= 601 THEN CVV2MATCH == "X"
+ $tx = new Business::OnlinePayment( "PayflowPro", %opts );
$tx->content( %content, "cvv2" => "601" );
tx_check(
$tx,
$tx->test_transaction(1);
$tx->submit;
- is( $tx->is_success, $o{is_success}, $o{desc} . ": " . tx_info($tx) );
- is( $tx->result_code, $o{result_code}, "result_code(): RESULT" );
- like( $tx->order_number, qr/^\w{12}/, "order_number() / PNREF" );
+ is( $tx->is_success, $o{is_success}, "$o{desc}: " . tx_info($tx) );
+ is( $tx->result_code, $o{result_code}, "result_code(): RESULT" );
is( $tx->error_message, $o{error_message}, "error_message() / RESPMSG" );
is( $tx->authorization, $o{authorization}, "authorization() / AUTHCODE" );
is( $tx->avs_code, $o{avs_code}, "avs_code() / AVSADDR and AVSZIP" );
is( $tx->cvv2_code, $o{cvv2_code}, "cvv2_code() / CVV2MATCH" );
+ like( $tx->order_number, qr/^\w{12}/, "order_number() / PNREF" );
}
sub tx_info {