public static CreditCardPaymentResult DoSale(string ccNum, string csc, CreditCardPaymentMethod cc, decimal amount, string description, string comment1, string comment2, string ip, string userAgent)
{
return DoSale(ccNum, csc, cc, amount, description, comment1, comment2, ip, userAgent, null);
}
public static CreditCardPaymentResult DoSaleByReference(CreditCardPaymentMethod cc, decimal amount, string description, string comment1, string comment2, string ip, string userAgent)
{
CreditCardPaymentResult result = new CreditCardPaymentResult();
result.TransactionDate = DateTime.UtcNow;
result.TransactionType = "S";
result.Amount = amount;
result.PayflowRequestID = PayPal.Payments.Common.Utility.PayflowUtility.RequestId;
result.IP = ip;
// Create PayflowConnectionData object
PayPal.Payments.DataObjects.PayflowConnectionData pfCnn = new PayPal.Payments.DataObjects.PayflowConnectionData(_payflowHost, _payflowPort, _payflowTimeout, _proxyHost, _proxyPort, _proxyLogon, _proxyPassword);
// Prepare user credentials
PayPal.Payments.DataObjects.UserInfo user = new PayPal.Payments.DataObjects.UserInfo(_payflowUser, _payflowMerchant, _payflowPartner, _payflowPassword);
// Prepare invoice
PayPal.Payments.DataObjects.Invoice invoice = new PayPal.Payments.DataObjects.Invoice();
invoice.Amt = new PayPal.Payments.DataObjects.Currency((decimal)amount);
invoice.Comment1 = comment1;
invoice.Comment2 = comment2;
invoice.Desc = description;
invoice.CustomerInfo = new PayPal.Payments.DataObjects.CustomerInfo();
invoice.CustomerInfo.CustId = cc.ExternalType + "-" + cc.ExternalID;
invoice.CustomerInfo.CustIP = cc.IP;
invoice.CustomerInfo.CustCode = cc.ExternalType + "-" + cc.ExternalID;
invoice.BrowserInfo = new PayPal.Payments.DataObjects.BrowserInfo();
invoice.BrowserInfo.BrowserUserAgent = userAgent;
invoice.BillTo = new PayPal.Payments.DataObjects.BillTo();
invoice.BillTo.FirstName = cc.FirstName;
invoice.BillTo.LastName = cc.LastName;
invoice.BillTo.Street = cc.Address1;
invoice.BillTo.BillToStreet2 = cc.Address2;
invoice.BillTo.City = cc.City;
invoice.BillTo.State = cc.State;
invoice.BillTo.Zip = cc.Zip;
invoice.BillTo.BillToCountry = cc.CountryID.ToString();
invoice.BillTo.Email = cc.Email;
invoice.BillTo.BillToPhone2 = cc.MobilePhone;
invoice.ShipTo = invoice.BillTo.Copy();
// Prepare credit card information
PayPal.Payments.DataObjects.CreditCard creditCard = new PayPal.Payments.DataObjects.CreditCard("", cc.CcExpDate.ToString("MMyy"));
creditCard.Name = (invoice.BillTo.FirstName + " " + invoice.BillTo.LastName).Trim();
PayPal.Payments.DataObjects.CardTender cardTender = new PayPal.Payments.DataObjects.CardTender(creditCard);
// Prepare reference transaction
PayPal.Payments.Transactions.ReferenceTransaction refTran = new PayPal.Payments.Transactions.ReferenceTransaction("S", cc.LastApprovedTransactionID, user, pfCnn, invoice, cardTender, result.PayflowRequestID);
// Submit the transaction and receive the response from Payflow server
PayPal.Payments.DataObjects.Response response = refTran.SubmitTransaction();
// Assign response values to the result object
if (response != null && response.TransactionResponse != null)
{
result.TransactionID = ReplaceNullWithEmptyString(response.TransactionResponse.Pnref);
result.OriginalTransactionID = ReplaceNullWithEmptyString(response.TransactionResponse.OrigPnref);
result.ResultCode = response.TransactionResponse.Result;
result.ResponseMessage = ReplaceNullWithEmptyString(response.TransactionResponse.RespMsg);
result.AuthorizationCode = ReplaceNullWithEmptyString(response.TransactionResponse.AuthCode);
result.AvsMatch = ReplaceNullWithEmptyString(response.TransactionResponse.AVSAddr) + ReplaceNullWithEmptyString(response.TransactionResponse.AVSZip);
result.CscMatch = ReplaceNullWithEmptyString(response.TransactionResponse.CVV2Match);
result.InternationalAvs = ReplaceNullWithEmptyString(response.TransactionResponse.IAVS);
}
return result;
}
/// <summary>
/// Process AUTHORIZATION or SALE transaction using new credit card number by checking ccNumHash of previous cards used by the same customer.
/// </summary>
/// <returns>PaymentID which can be used to lookup the detailed results in the Payments table. If an error occurred, the returned PaymentID will be 0.</returns>
public int ProcessPaymentUsingActualCcNum(string externalType, int externalID, int subscriptionID, Constants.Enumerators.TransactionType transactionType, Constants.Enumerators.PaymentType paymentType, int ccType, string ccNum, DateTime expDate, string csc,
decimal amount, string description, string firstName, string lastName, string company, string email, string address1, string address2,
string city, string state, string province, string zip, int countryID, string phone, string mobilePhone,
string ip, string userAgent, string surferID, ref CreditCardPaymentResult result)
{
try
{
// Validate input data
if (ccType != 1 && ccType != 2 && ccType != 3)
throw new CreditCardServiceException("Invalid credit card type.");
if (!Regex.IsMatch(ccNum, @"^\d{13,19}$"))
throw new CreditCardServiceException("Invalid credit card number format.");
if (expDate < DateTime.UtcNow)
throw new CreditCardServiceException("Invalid expiration date.");
if (!Regex.IsMatch(csc, @"^\d{3,4}$"))
throw new CreditCardServiceException("Invalid card security code format.");
if (amount < MIN_AMOUNT || amount >= MAX_AMOUNT)
throw new CreditCardServiceException("Invalid deposit amount.");
// Calculate brute-force-resistant ccNumHash using SHA256 with long secret salt
// and large number of iterations
string ccNumHash = GetCreditCardNumberHash(ccNum);
string ccLast4 = ccNum.Substring(ccNum.Length - 4);
string ccFirst6 = ccNum.Substring(0, 6);
// Velocity limit to prevent brute forcing
int velocityLimitCode = GetVelocityLimitCode(externalType, externalID, ccNumHash, ip, userAgent, surferID);
if (velocityLimitCode != 0)
throw new CreditCardServiceException(string.Format("Transaction cannot be processed. Please contact Customer Support and reference code [{0}].", velocityLimitCode));
CreditCardPaymentMethod existingCc = CreditCardService.GetCreditCardByCcNumHash(externalType, externalID, ccNumHash);
// Pass externalType and externalID to Payflow in comment1 field
string comment1 = externalType + "-" + externalID;
string comment2 = subscriptionID.ToString();
CreditCardPaymentMethod updatedCc = new CreditCardPaymentMethod(externalType, externalID, ccType, ccNumHash, ccLast4, expDate,
firstName, lastName, company, email, address1, address2,
city, state, province, zip, countryID, phone, mobilePhone, ip);
updatedCc.PaymentMethodID = existingCc.PaymentMethodID;
// Current ccNum is NOT yet associated with the current externalID
if (existingCc.PaymentMethodID == 0)
{
// Create new credit card record with AuthPending status
// Save credit card information
updatedCc.PaymentMethodID = CreditCardService.AddCreditCard(updatedCc);
if (updatedCc.PaymentMethodID == 0)
throw new CreditCardServiceException("Provided credit card could not be added to your account. Please contact Customer Support.");
}
else
{
// Update credit card payment method information
CreditCardService.UpdateCreditCard(updatedCc);
}
if (transactionType == Constants.Enumerators.TransactionType.Sale)
{
// Perform sale transaction using the actual ccNum
result = StripePaymentHelper.DoSale(ccNum, csc, updatedCc, amount, description, comment1, comment2, ip, userAgent);
}
else
{
// Perform authorization transaction using the actual ccNum
result = StripePaymentHelper.DoAuthorization(ccNum, csc, updatedCc, amount, description, comment1, comment2, ip, userAgent);
}
result.PaymentType = (int)paymentType;
// Add credit card payment
// This call will save the payment result and insert register record, etc.
result.SubscriptionID = subscriptionID;
result.Description = description;
result.PaymentID = CreditCardService.AddCreditCardPayment(updatedCc, result);
// Check the ResultFinal and void the transaction (both Sale and Auth) if it was AVSFailed or CSCFailed
VoidInvalidApprovedPayment(result, externalType, externalID, ip, userAgent);
// Return paymentID
return result.PaymentID;
}
catch (CreditCardServiceException e)
{
throw (Exception)e;
}
catch (Exception e)
{
LogError("ProcessPaymentUsingActualCcNum", e);
throw new Exception("Error processing transaction.");
}
}
public static CreditCardPaymentMethod ConvertToCreditCard(DataRow dr)
{
CreditCardPaymentMethod cc = new CreditCardPaymentMethod();
cc.PaymentMethodID = Convert.ToInt32(dr["PaymentMethodID"]);
cc.ExternalType = Convert.ToString(dr["ExternalType"]);
cc.ExternalID = Convert.ToInt32(dr["ExternalID"]);
cc.PaymentMethodType = (Constants.Enumerators.PaymentMethodType)Convert.ToInt32(dr["Type"]);
cc.Status = (Constants.Enumerators.PaymentMethodStatus)Convert.ToInt32(dr["Status"]);
cc.IsPrimary = Convert.ToBoolean(dr["IsPrimary"]);
cc.IsBackup = Convert.ToBoolean(dr["IsBackup"]);
cc.CcType = (Constants.Enumerators.CreditCardType)Convert.ToInt32(dr["CcType"]);
cc.CcNumHash = dr["CcNumHash"].ToString();
cc.CcLast4 = dr["CcLast4"].ToString();
cc.CcExpDate = Convert.ToDateTime(dr["CcExpDate"]);
cc.FirstName = dr["FirstName"].ToString();
cc.LastName = dr["LastName"].ToString();
cc.Company = dr["Company"].ToString();
cc.Email = dr["Email"].ToString();
cc.Address1 = dr["Address1"].ToString();
cc.Address2 = dr["Address2"].ToString();
cc.City = dr["City"].ToString();
cc.State = dr["State"].ToString();
cc.Province = dr["Province"].ToString();
cc.Zip = dr["Zip"].ToString();
cc.CountryID = Convert.ToInt32(dr["CountryID"]);
cc.Country = dr["Country"].ToString();
cc.Phone = dr["Phone"].ToString();
cc.MobilePhone = dr["MobilePhone"].ToString();
cc.CscMatch = dr["CscMatch"].ToString();
cc.AvsMatch = dr["AvsMatch"].ToString();
cc.InternationalAvs = dr["InternationalAvs"].ToString();
cc.DateValidated = Convert.ToDateTime(dr["DateValidated"]);
cc.DateSignatureReceived = Convert.ToDateTime(dr["DateSignatureReceived"]);
cc.DateAdded = Convert.ToDateTime(dr["DateAdded"]);
cc.DateModified = Convert.ToDateTime(dr["DateModified"]);
cc.LastApprovedTransactionID = dr["LastApprovedTransactionID"].ToString();
cc.LastApprovedTransactionDate = Convert.ToDateTime(dr["LastApprovedTransactionDate"]);
cc.IssuingBankInfo = dr["IssuingBankInfo"].ToString();
cc.IP = dr["IP"].ToString();
cc.IPCountry = dr["IPCountry"].ToString();
return cc;
}
public static int AddCreditCardPayment(CreditCardPaymentMethod cc, CreditCardPaymentResult result)
{
return CreditCardData.AddCreditCardPayment(cc, result);
}
public static int AddCreditCard(CreditCardPaymentMethod cc)
{
return CreditCardData.AddCreditCard(cc);
}
public static bool UpdateCreditCardIssuingBankInfo(CreditCardPaymentMethod cc, string issuingBankInfo)
{
return CreditCardData.UpdateCreditCardIssuingBankInfo(cc, issuingBankInfo);
}
public static bool UpdateCreditCard(CreditCardPaymentMethod cc)
{
return CreditCardData.UpdateCreditCard(cc);
}
public static CreditCardPayment ConvertToCreditCardPayment(DataRow dr)
{
CreditCardPayment payment = new CreditCardPayment();
payment.PaymentID = Convert.ToInt32(dr["PaymentID"]);
payment.ExternalType = Convert.ToString(dr["ExternalType"]);
payment.ExternalID = Convert.ToInt32(dr["ExternalID"]);
CreditCardPaymentMethod cc = new CreditCardPaymentMethod();
cc.ExternalType = payment.ExternalType;
cc.ExternalID = payment.ExternalID;
cc.PaymentMethodID = Convert.ToInt32(dr["PaymentMethodID"]);
try { cc.FirstName = dr["FirstName"].ToString(); }
catch { }
try { cc.LastName = dr["LastName"].ToString(); }
catch { }
try { cc.Company = dr["Company"].ToString(); }
catch { }
try { cc.Email = dr["Email"].ToString(); }
catch { }
try { cc.Address1 = dr["Address1"].ToString(); }
catch { }
try { cc.Address2 = dr["Address2"].ToString(); }
catch { }
try { cc.City = dr["City"].ToString(); }
catch { }
try { cc.State = dr["State"].ToString(); }
catch { }
try { cc.Province = dr["Province"].ToString(); }
catch { }
try { cc.Zip = dr["Zip"].ToString(); }
catch { }
try { cc.CountryID = Convert.ToInt32(dr["CountryID"]); }
catch { }
try { cc.Country = dr["Country"].ToString(); }
catch { }
try { cc.Phone = dr["Phone"].ToString(); }
catch { }
try { cc.MobilePhone = dr["MobilePhone"].ToString(); }
catch { }
payment.PaymentMethodUsed = cc;
CreditCardPaymentResult ctr = new CreditCardPaymentResult();
try { ctr.TransactionDate = Convert.ToDateTime(dr["TransactionDate"]); }
catch { }
try { ctr.PaymentType = Convert.ToInt32(dr["PaymentType"]); }
catch { }
try { ctr.TransactionType = dr["TransactionType"].ToString(); }
catch { }
try { ctr.Amount = Convert.ToDecimal(dr["Amount"]); }
catch { }
try { ctr.TransactionID = dr["TransactionID"].ToString(); }
catch { }
try { ctr.ResultFinal = (Constants.Enumerators.PaymentResultFinal)Enum.Parse(typeof(Constants.Enumerators.PaymentResultFinal), dr["ResultFinal"].ToString(), true); }
catch { }
try { ctr.SubscriptionID = Convert.ToInt32(dr["SubscriptionID"]); }
catch { }
try { ctr.Description = dr["Description"].ToString(); }
catch { }
try { ctr.CscMatch = dr["CscMatch"].ToString(); }
catch { }
try { ctr.AvsMatch = dr["AvsMatch"].ToString(); }
catch { }
try { ctr.InternationalAvs = dr["InternationalAvs"].ToString(); }
catch { }
try { ctr.IP = dr["IP"].ToString(); }
catch { }
try { ctr.IPCountry = dr["IPCountry"].ToString(); }
catch { }
try { payment.TransactionResult = ctr; }
catch { }
try { payment.CaptureTransactionID = dr["CaptureTransactionID"].ToString(); }
catch { }
try { payment.CaptureTransactionDate = Convert.ToDateTime(dr["CaptureTransactionDate"]); }
catch { }
return payment;
}
