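/// <summary>
/// Sends a card pre-authorization or purchase to the eSelectPlus gateway. When the card type is
/// listed in the "3DSECURE.CreditCardTypeIDs" setting, the MPI enrollment lookup (first pass) or
/// the PaRes verification (second pass) runs first.
/// </summary>
/// <param name="OrderNumber">Store order number; used as the gateway order id and as the 3-D Secure MD value.</param>
/// <param name="CustomerID">Customer whose session holds the 3-D Secure state; also sent as cust_id.</param>
/// <param name="OrderTotal">Amount to authorize or purchase.</param>
/// <param name="useLiveTransactions">Passed through to the request helpers; also disables test order-number randomization.</param>
/// <param name="TransactionMode"><c>auth</c> builds a pre-authorization; any other value builds a purchase.</param>
/// <param name="UseBillingAddress">Billing address, which also carries the card number, expiry and card type.</param>
/// <param name="CardExtraCode">Card verification value; sent only when non-blank. Null is treated as empty.</param>
/// <param name="UseShippingAddress">Optional shipping address; may be null.</param>
/// <param name="CAVV">CAVV from an earlier 3-D Secure pass; overwritten by the ACS verification result. Null is treated as empty.</param>
/// <param name="ECI">Not used by this method.</param>
/// <param name="XID">Not used by this method.</param>
/// <param name="AVSResult">AVS result code, with the CVD result appended when the gateway returns one.</param>
/// <param name="AuthorizationResult">Gateway response code normalized through an integer parse, or empty.</param>
/// <param name="AuthorizationCode">Gateway auth code; the crypt type is appended when it differs from the configured default.</param>
/// <param name="AuthorizationTransID">Gateway transaction id, or empty.</param>
/// <param name="TransactionCommandOut">Always left empty by this method, so the request (which carries the PAN and CVD) is never echoed.</param>
/// <param name="TransactionResponse">Pretty-printed gateway or MPI response XML, or the error text when no response was captured.</param>
/// <returns>
/// <c>AppLogic.ro_OK</c> on approval, <c>AppLogic.ro_3DSecure</c> when the buyer must authenticate,
/// otherwise a message describing the failure.
/// </returns>
public override String ProcessCard(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, Address UseBillingAddress, String CardExtraCode, Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
{
    String result = "Error";
    AuthorizationCode = String.Empty;
    AuthorizationResult = String.Empty;
    AuthorizationTransID = String.Empty;
    AVSResult = String.Empty;
    TransactionCommandOut = String.Empty;
    TransactionResponse = String.Empty;

    // Both values are dereferenced below (.Length / .Trim()); treat a null from the caller as "not supplied".
    CAVV = CAVV ?? String.Empty;
    CardExtraCode = CardExtraCode ?? String.Empty;

    String sOrderNumber = OrderNumber.ToString();
    if (AppLogic.AppConfigBool("eSelectPlus.randomizeOrderNumberForTesting") && !useLiveTransactions)
    {
        // Test-only order id; System.Random is acceptable here because the value is not a secret.
        Random r = new Random();
        sOrderNumber = "r" + r.Next(0, 9999999);
    }

    String crypt = AppLogic.AppConfig("eSelectPlus.crypt");

    String sAmount = Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal);
    if (sAmount.StartsWith("."))
    {
        sAmount = "0" + sAmount;
    }

    String signedPARes = String.Empty;
    CustomerSession cSession = new CustomerSession(CustomerID);
    if (cSession["3Dsecure.PaRes"].Length != 0)
    {
        signedPARes = cSession["3Dsecure.PaRes"];
        // After grabbing it, clear out the session PaRes so it won't be re-used ever again.
        // NOTE(review): this single-use guarantee assumes the indexer write is persisted even on the
        // paths below that never call UpdateCustomerSession - confirm against CustomerSession.
        cSession["3Dsecure.PaRes"] = String.Empty;
    }

    String CardNumber = UseBillingAddress.CardNumber.Trim();

    // Expiry is sent as YYMM. The original passed both year forms to CommonLogic.IIF, and method
    // arguments are always evaluated, so Substring(2, 2) ran (and threw) even for a two-digit year.
    // A conditional expression evaluates only the branch that applies.
    String expYear = UseBillingAddress.CardExpirationYear.PadLeft(2, '0');
    String expMonth = UseBillingAddress.CardExpirationMonth.PadLeft(2, '0');
    String expire_date = (expYear.Length > 2 ? expYear.Substring(2, 2) : expYear) + expMonth;

    // NOTE(review): string-built SQL that relies on DB.SQuote for escaping; prefer a parameterized
    // query if the DB helper offers one.
    int CardTypeID = DB.GetSqlN("select CardTypeID N from CreditCardType where CardType = " + DB.SQuote(UseBillingAddress.CardType));
    bool Try3DSecure = CommonLogic.IntegerIsInIntegerList(CardTypeID, AppLogic.AppConfig("3DSECURE.CreditCardTypeIDs"));

    if (Try3DSecure)
    {
        if (signedPARes == String.Empty)
        {
            // check for enrollment
            string reqXID = sOrderNumber.PadLeft(20, '0'); // must be 20 chars
            esp.txn reqTxn = new esp.txn();
            reqTxn.xid = reqXID;
            reqTxn.amount = sAmount;
            reqTxn.pan = CardNumber;
            reqTxn.expdate = expire_date;
            reqTxn.MD = sOrderNumber;
            reqTxn.merchantUrl = string.Format("{0}{1}",
                AppLogic.GetStoreHTTPLocation(useSsl: true, includeScriptLocation: true, noVirtualNoSlash: true),
                DependencyResolver.Current.GetService<UrlHelper>().Action(
                    actionName: ActionNames.ThreeDSecureReturn,
                    controllerName: ControllerNames.ThreeDSecure));
            reqTxn.accept = CommonLogic.ServerVariables("HTTP_ACCEPT");
            reqTxn.userAgent = CommonLogic.ServerVariables("HTTP_USER_AGENT");

            string resultMPI = sendRequestMPI(useLiveTransactions, reqTxn);
            esp.MpiResponse respMPI = null;
            if (resultMPI != null)
            {
                respMPI = DeserializeResponseMPI(resultMPI);
            }

            if (respMPI != null)
            {
                TransactionResponse = XmlCommon.PrettyPrintXml(resultMPI);
                if (respMPI.message == "Y")
                {
                    // enrolled, must authenticate
                    cSession["3DSecure.CustomerID"] = CustomerID.ToString();
                    cSession["3DSecure.OrderNumber"] = sOrderNumber;
                    cSession["3DSecure.MD"] = sOrderNumber;
                    cSession["3DSecure.ACSUrl"] = respMPI.ACSUrl;
                    cSession["3DSecure.paReq"] = respMPI.PaReq;
                    cSession["3DSecure.XID"] = reqXID;
                    cSession.UpdateCustomerSession(null, null);
                    result = AppLogic.ro_3DSecure; // This is what triggers the 3D Secure IFRAME to be used.
                    return result;
                }
                else if (respMPI.message == "N")
                {
                    // not enrolled
                    crypt = "6";
                }
                else if (respMPI.message == "U")
                {
                    // non-participating card type
                    crypt = "7";
                }
            }
            // NOTE(review): when the lookup yields no usable response, the charge below proceeds
            // with the configured default crypt - confirm this fallback is intended.
        }
        else
        {
            // this is round two for authenticated buyers
            esp.acs reqACS = new esp.acs();
            reqACS.MD = sOrderNumber;
            reqACS.PaRes = signedPARes;

            string resultMPI = sendRequestMPI(useLiveTransactions, reqACS);
            esp.MpiResponse respMPI = null;
            if (resultMPI != null)
            {
                respMPI = DeserializeResponseMPI(resultMPI);
            }

            if (respMPI != null)
            {
                TransactionResponse = XmlCommon.PrettyPrintXml(resultMPI);
                if (respMPI.message == "Y")
                {
                    // fully authenticated
                    // cavv comes from the deserialized gateway reply and may be absent; never leave CAVV null.
                    CAVV = respMPI.cavv ?? String.Empty;
                    crypt = "5";
                }
                else if (respMPI.message == "A")
                {
                    // attempted to verify
                    CAVV = respMPI.cavv ?? String.Empty;
                    crypt = "6";
                }
                else if (respMPI.message == "N")
                {
                    // failed to verify
                    return "Authentication failed. Please try again or choose a different payment method.";
                }

                if (CAVV.Length != 0)
                {
                    // encode it to store in the session, it will be decoded before being saved to the database
                    byte[] str = Encoding.UTF8.GetBytes("MPI=" + respMPI.message + ", CAVV=" + CAVV);
                    cSession["3DSecure.LookupResult"] = Convert.ToBase64String(str);
                }
            }
            // NOTE(review): only an explicit "N" stops the payment. A missing or unparseable
            // verification reply, or any other message value, falls through to an ordinary
            // charge - confirm that this fail-open behaviour is acceptable.
        }
    }

    esp.billing bill = new AspDotNetStorefrontGateways.Processors.esp.billing();
    bill.first_name = UseBillingAddress.FirstName;
    bill.last_name = UseBillingAddress.LastName;
    bill.company_name = UseBillingAddress.Company;
    bill.address = UseBillingAddress.Address1;
    bill.city = UseBillingAddress.City;
    bill.province = UseBillingAddress.State;
    bill.postal_code = UseBillingAddress.Zip;
    bill.country = UseBillingAddress.Country;
    bill.phone_number = UseBillingAddress.Phone;

    esp.shipping ship = null;
    if (UseShippingAddress != null)
    {
        ship = new esp.shipping();
        ship.first_name = UseShippingAddress.FirstName;
        ship.last_name = UseShippingAddress.LastName;
        ship.company_name = UseShippingAddress.Company;
        ship.address = UseShippingAddress.Address1;
        ship.city = UseShippingAddress.City;
        ship.province = UseShippingAddress.State;
        ship.postal_code = UseShippingAddress.Zip;
        ship.country = UseShippingAddress.Country;
        ship.phone_number = UseShippingAddress.Phone;
    }

    esp.cust_info cst = new esp.cust_info();
    cst.billing = bill;
    cst.shipping = ship;
    cst.email = UseBillingAddress.EMail;

    esp.avs_info avs = null;
    if (AppLogic.AppConfigBool("eSelectPlus.includeAVS"))
    {
        avs = new esp.avs_info();
        // Split "123 Main St" at the first space into street number and street name.
        int iSpace = UseBillingAddress.Address1.IndexOf(" ");
        if (iSpace > 0)
        {
            avs.avs_street_number = UseBillingAddress.Address1.Substring(0, iSpace);
            avs.avs_street_name = UseBillingAddress.Address1.Substring(iSpace + 1);
        }
        else
        {
            avs.avs_street_name = UseBillingAddress.Address1;
        }
        avs.avs_zipcode = UseBillingAddress.Zip;
    }

    esp.cvd_info cvd = null;
    if (CardExtraCode.Trim().Length != 0)
    {
        cvd = new esp.cvd_info();
        cvd.cvd_indicator = "1";
        cvd.cvd_value = CardExtraCode.Trim();
    }

    // Pick the request type: pre-auth vs purchase, and the CAVV variant when 3-D Secure produced a CAVV.
    object oReqItem = null;
    if (TransactionMode == TransactionModeEnum.auth)
    {
        if (CAVV.Length != 0)
        {
            esp.cavv_preauth cavvPreAuth = new esp.cavv_preauth();
            cavvPreAuth.order_id = sOrderNumber;
            cavvPreAuth.cust_id = CustomerID.ToString();
            cavvPreAuth.amount = sAmount;
            cavvPreAuth.pan = CardNumber;
            cavvPreAuth.expdate = expire_date;
            cavvPreAuth.cavv = CAVV;
            cavvPreAuth.avs_info = avs;
            cavvPreAuth.cvd_info = cvd;
            cavvPreAuth.cust_info = cst;
            oReqItem = cavvPreAuth;
        }
        else
        {
            esp.preauth preAuthTxn = new esp.preauth();
            preAuthTxn.order_id = sOrderNumber;
            preAuthTxn.cust_id = CustomerID.ToString();
            preAuthTxn.amount = sAmount;
            preAuthTxn.pan = CardNumber;
            preAuthTxn.expdate = expire_date;
            preAuthTxn.avs_info = avs;
            preAuthTxn.cvd_info = cvd;
            preAuthTxn.cust_info = cst;
            preAuthTxn.crypt_type = crypt;
            oReqItem = preAuthTxn;
        }
    }
    else
    {
        if (CAVV.Length != 0)
        {
            esp.cavv_purchase cavvPurchase = new esp.cavv_purchase();
            cavvPurchase.order_id = sOrderNumber;
            cavvPurchase.cust_id = CustomerID.ToString();
            cavvPurchase.amount = sAmount;
            cavvPurchase.pan = CardNumber;
            cavvPurchase.expdate = expire_date;
            cavvPurchase.cavv = CAVV;
            cavvPurchase.avs_info = avs;
            cavvPurchase.cvd_info = cvd;
            cavvPurchase.cust_info = cst;
            oReqItem = cavvPurchase;
        }
        else
        {
            esp.purchaseTxn purchaseTxn = new esp.purchaseTxn();
            purchaseTxn.order_id = sOrderNumber;
            purchaseTxn.cust_id = CustomerID.ToString();
            purchaseTxn.amount = sAmount;
            purchaseTxn.pan = CardNumber;
            purchaseTxn.expdate = expire_date;
            purchaseTxn.crypt_type = crypt;
            purchaseTxn.avs_info = avs;
            purchaseTxn.cvd_info = cvd;
            purchaseTxn.cust_info = cst;
            oReqItem = purchaseTxn;
        }
    }

    try
    {
        string sResponse = sendRequest(useLiveTransactions, oReqItem);
        if (sResponse == null)
        {
            // failed to communicate
            result = "System error. Failed to communicate to payment gateway.";
            return result;
        }

        esp.response resp = DeserializeResponse(sResponse);
        if (resp == null)
        {
            // failed to Deserialize
            result = "System error. Unexpected response from payment gateway.";
        }
        else
        {
            // NOTE(review): the raw gateway XML is handed back to the caller; confirm it carries
            // no cardholder data before it is persisted or displayed.
            TransactionResponse = XmlCommon.PrettyPrintXml(sResponse);

            esp.receipt respReceipt = (esp.receipt)resp.receipt[0];
            result = respReceipt.Message;

            AuthorizationCode = respReceipt.AuthCode;
            if (AuthorizationCode == null)
            {
                AuthorizationCode = String.Empty;
            }

            // Normalize the response code through an integer parse; a missing or non-numeric code becomes empty.
            int responseCode;
            bool haveResponseCode = System.Int32.TryParse(respReceipt.ResponseCode, out responseCode);
            AuthorizationResult = haveResponseCode ? responseCode.ToString() : String.Empty;

            AuthorizationTransID = respReceipt.TransID;
            if (AuthorizationTransID == null || AuthorizationTransID == "null")
            {
                AuthorizationTransID = String.Empty;
            }

            AVSResult = respReceipt.AvsResultCode;
            if (AVSResult == null || AVSResult == "null")
            {
                AVSResult = String.Empty;
            }
            if (respReceipt.CvdResultCode != null && respReceipt.CvdResultCode != "null")
            {
                AVSResult += ", CVD Result: " + respReceipt.CvdResultCode;
            }

            // NOTE(review): any parsed code below 50 counts as approved, including a negative
            // value - confirm the gateway never returns one.
            if (haveResponseCode && responseCode < 50)
            {
                result = AppLogic.ro_OK;
                if (crypt != AppLogic.AppConfig("eSelectPlus.crypt"))
                {
                    // we need to store the crypt if it is not the default value
                    // this gets parsed elsewhere so don't modify unless you know what you are doing
                    AuthorizationCode += ", " + cryptLabel + crypt;
                }
            }
            else
            {
                // Look up a localized decline message; GetString returning the key itself means no translation exists.
                result = AppLogic.GetString("gw.moneris.code." + AuthorizationResult, UseBillingAddress.SkinID, UseBillingAddress.LocaleSetting);
                if (result == "gw.moneris.code." + AuthorizationResult)
                {
                    result = "Card not accepted. Please try again or choose a different payment method.";
                }
            }
        }
    }
    catch
    {
        // Deliberately generic: no exception detail is returned in the result string.
        result = "System error. Communications to payment gateway aborted unexpectedly.";
    }

    if (result != AppLogic.ro_OK && TransactionResponse.Length == 0)
    {
        TransactionResponse = result;
    }
    return result;
}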
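/// <summary>
/// Sends a card authorization (plus capture when <paramref name="TransactionMode"/> is
/// <c>authcapture</c>) to the Cybersource gateway. When the card type is listed in the
/// "3DSECURE.CreditCardTypeIDs" setting, the payer-authentication enrollment check (first pass)
/// or the PaRes validation (second pass) is requested in the same call.
/// </summary>
/// <param name="OrderNumber">Store order number; part of the merchant reference code and used as the 3-D Secure MD value.</param>
/// <param name="CustomerID">Customer whose session holds the 3-D Secure state; also sent as the client application user.</param>
/// <param name="OrderTotal">Amount to authorize.</param>
/// <param name="useLiveTransactions">Selects the live or test server URL (overridden when "CYBERSOURCE.UsePIT" is set).</param>
/// <param name="TransactionMode"><c>authcapture</c> adds the capture service to the request.</param>
/// <param name="UseBillingAddress">Billing address, which also carries the card number, dates and card type.</param>
/// <param name="CardExtraCode">Card verification value; sent only when non-blank. Null is treated as empty.</param>
/// <param name="UseShippingAddress">Optional shipping address; may be null.</param>
/// <param name="CAVV">CAVV from 3-D Secure processing; forwarded only for card type field value "002". Null is treated as empty.</param>
/// <param name="ECI">Not used by this method.</param>
/// <param name="XID">Forwarded together with <paramref name="CAVV"/>.</param>
/// <param name="AVSResult">AVS code from the auth reply, or "N/A".</param>
/// <param name="AuthorizationResult">Reason code, with the 3-D Secure validation data appended on the second pass; "N/A" otherwise.</param>
/// <param name="AuthorizationCode">Authorization code from the auth reply, or "N/A".</param>
/// <param name="AuthorizationTransID">Gateway request id, or "N/A".</param>
/// <param name="TransactionCommandOut">Always "N/A"; the request (which carries the PAN and CVV) is never echoed.</param>
/// <param name="TransactionResponse">Empty unless an unexpected exception occurs, in which case it holds the diagnostic detail.</param>
/// <returns>
/// <c>AppLogic.ro_OK</c> when the gateway decision is ACCEPT or REVIEW, <c>AppLogic.ro_3DSecure</c>
/// when the buyer must authenticate, otherwise a message describing the failure.
/// </returns>
public override String ProcessCard(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, AspDotNetStorefrontCore.Address UseBillingAddress, String CardExtraCode, AspDotNetStorefrontCore.Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
{
    AVSResult = "N/A";
    AuthorizationResult = "N/A";
    AuthorizationCode = "N/A";
    AuthorizationTransID = "N/A";
    TransactionCommandOut = "N/A";
    TransactionResponse = String.Empty;

    // Both values are dereferenced below (.Trim()); treat a null from the caller as "not supplied".
    CAVV = CAVV ?? String.Empty;
    CardExtraCode = CardExtraCode ?? String.Empty;

    String signedPARes = String.Empty;
    String result = AppLogic.ro_OK;

    CustomerSession cSession = new CustomerSession(CustomerID);
    if (cSession["3Dsecure.PaRes"].Length != 0)
    {
        signedPARes = cSession["3Dsecure.PaRes"];
        // After grabbing it, clear out the session PaRes so it won't be re-used ever again.
        // NOTE(review): this single-use guarantee assumes the indexer write is persisted even on the
        // paths below that never call UpdateCustomerSession - confirm against CustomerSession.
        cSession["3Dsecure.PaRes"] = String.Empty;
    }

    Configuration conf = new Configuration();
    conf.KeysDirectory = AppLogic.AppConfig("CYBERSOURCE.keysDirectory");
    conf.KeyFilename = AppLogic.AppConfig("CYBERSOURCE.keyFilename");
    conf.MerchantID = AppLogic.AppConfig("CYBERSOURCE.merchantID");
    conf.ServerURL = CommonLogic.IIF(useLiveTransactions, AppLogic.AppConfig("CYBERSOURCE.LiveURL"), AppLogic.AppConfig("CYBERSOURCE.TestURL"));
    if (AppLogic.AppConfigBool("CYBERSOURCE.UsePIT"))
    {
        conf.ServerURL = AppLogic.AppConfig("CYBERSOURCE.PITURL");
    }

    RequestMessage request = new RequestMessage();
    request.clientApplication = "AspDotNetStorefront";
    request.clientApplicationVersion = AppLogic.AppConfig("StoreVersion");
    request.clientApplicationUser = CustomerID.ToString();
    request.merchantReferenceCode = "Order # " + OrderNumber.ToString() + " " + Localization.ToNativeDateTimeString(System.DateTime.Now);

    // NOTE(review): string-built SQL that relies on DB.SQuote for escaping; prefer a parameterized
    // query if the DB helper offers one.
    int CardTypeID = DB.GetSqlN("select CardTypeID N from CreditCardType where CardType = " + DB.SQuote(UseBillingAddress.CardType));
    bool Try3DSecure = CommonLogic.IntegerIsInIntegerList(CardTypeID, AppLogic.AppConfig("3DSECURE.CreditCardTypeIDs"));

    if (Try3DSecure)
    {
        if (signedPARes == String.Empty)
        {
            // First pass: ask the gateway whether the card is enrolled.
            request.payerAuthEnrollService = new PayerAuthEnrollService();
            request.payerAuthEnrollService.run = "true";
            if (AppLogic.AppConfig("CYBERSOURCE.paCountryCode") != "")
            {
                request.payerAuthEnrollService.countryCode = AppLogic.AppConfig("CYBERSOURCE.paCountryCode");
            }
            if (AppLogic.AppConfig("CYBERSOURCE.paMerchantName") != "")
            {
                request.payerAuthEnrollService.merchantName = AppLogic.AppConfig("CYBERSOURCE.paMerchantName");
            }
            if (AppLogic.AppConfig("CYBERSOURCE.paMerchantURL") != "")
            {
                request.payerAuthEnrollService.merchantURL = AppLogic.AppConfig("CYBERSOURCE.paMerchantURL");
            }
            request.payerAuthEnrollService.httpAccept = CommonLogic.ServerVariables("HTTP_ACCEPT");
            request.payerAuthEnrollService.httpUserAgent = CommonLogic.ServerVariables("HTTP_USER_AGENT");
        }
        else
        {
            // Second pass: have the gateway validate the PaRes returned by the issuer.
            request.payerAuthValidateService = new PayerAuthValidateService();
            request.payerAuthValidateService.signedPARes = signedPARes;
            request.payerAuthValidateService.run = "true";
        }
    }

    request.ccAuthService = new CCAuthService();
    request.ccAuthService.run = "true";

    if (CAVV.Trim().Length != 0)
    {
        // only gets set as a result of 3D Secure processing
        if (GetCardTypeFieldValue(UseBillingAddress.CardType) == "002")
        {
            // for MasterCard
            request.ccAuthService.xid = XID;
            request.ccAuthService.cavv = CAVV;
        }
    }

    request.merchantID = AppLogic.AppConfig("CYBERSOURCE.merchantID");

    if (TransactionMode == TransactionModeEnum.authcapture)
    {
        request.ccCaptureService = new CCCaptureService();
        request.ccCaptureService.run = "true";
    }

    BillTo billTo = new BillTo();
    billTo.firstName = UseBillingAddress.FirstName;
    billTo.lastName = UseBillingAddress.LastName;
    billTo.company = UseBillingAddress.Company;
    billTo.street1 = UseBillingAddress.Address1;
    billTo.street2 = UseBillingAddress.Address2;
    billTo.city = UseBillingAddress.City;
    billTo.state = UseBillingAddress.State;
    billTo.postalCode = UseBillingAddress.Zip;
    billTo.country = AppLogic.GetCountryTwoLetterISOCode(UseBillingAddress.Country);
    billTo.phoneNumber = UseBillingAddress.Phone.PadRight(6, '1');
    billTo.email = CommonLogic.IIF(UseBillingAddress.EMail.Length > 2, UseBillingAddress.EMail, "*****@*****.**");
    billTo.ipAddress = CommonLogic.CustomerIpAddress();
    request.billTo = billTo;

    if (UseShippingAddress != null)
    {
        ShipTo ShipTo = new ShipTo();
        ShipTo.firstName = UseShippingAddress.FirstName;
        ShipTo.lastName = UseShippingAddress.LastName;
        ShipTo.company = UseShippingAddress.Company;
        ShipTo.street1 = UseShippingAddress.Address1;
        ShipTo.street2 = UseShippingAddress.Address2;
        ShipTo.city = UseShippingAddress.City;
        ShipTo.state = UseShippingAddress.State;
        ShipTo.postalCode = UseShippingAddress.Zip;
        ShipTo.country = AppLogic.GetCountryTwoLetterISOCode(UseShippingAddress.Country);
        ShipTo.phoneNumber = UseShippingAddress.Phone.PadRight(6, '1');
        ShipTo.email = CommonLogic.IIF(UseShippingAddress.EMail.Length > 2, UseShippingAddress.EMail, "*****@*****.**");
        request.shipTo = ShipTo;
    }

    Card card = new Card();
    card.accountNumber = UseBillingAddress.CardNumber;
    if (CardExtraCode.Trim().Length != 0)
    {
        card.cvIndicator = "1";
        card.cvNumber = CardExtraCode;
    }
    else
    {
        card.cvIndicator = "0";
    }

    // Month is read from characters 0-1 and year from characters 4-5, so the value must be at
    // least six characters long. A shorter value used to throw from Substring outside the try
    // block; it is now left unset instead.
    if (!String.IsNullOrEmpty(UseBillingAddress.CardStartDate)
        && UseBillingAddress.CardStartDate != "00"
        && UseBillingAddress.CardStartDate.Length >= 6)
    {
        card.startMonth = UseBillingAddress.CardStartDate.Substring(0, 2);
        card.startYear = UseBillingAddress.CardStartDate.Substring(4, 2);
    }
    if (UseBillingAddress.CardIssueNumber.Length != 0)
    {
        card.issueNumber = UseBillingAddress.CardIssueNumber;
    }
    card.expirationMonth = UseBillingAddress.CardExpirationMonth;
    card.expirationYear = UseBillingAddress.CardExpirationYear;

    if (Try3DSecure)
    {
        card.cardType = GetCardTypeFieldValue(UseBillingAddress.CardType);
        if (card.cardType == "000")
        {
            return " Error in configuration. Card type " + UseBillingAddress.CardType + " is not recognized by the gateway.";
        }
    }
    request.card = card;

    request.item = new Item[1];
    Item the_item = new Item();
    the_item.id = "0";
    the_item.unitPrice = Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal);
    request.item[0] = the_item;

    PurchaseTotals ptotal = new PurchaseTotals();
    ptotal.currency = Localization.StoreCurrency(); // Currency REQUIRED
    ptotal.grandTotalAmount = Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal); // Not needed - can use instead of item price, I think it's better..
    request.purchaseTotals = ptotal; // Neccessary

    result = "ERROR: ";

    try
    {
        ReplyMessage reply = SoapClient.RunTransaction(conf, request);

        if (Try3DSecure && request.payerAuthEnrollService != null)
        {
            if (request.payerAuthEnrollService.run == "true")
            {
                // we have some data that needs stored
                string LookupResult = String.Empty;
                if (reply.payerAuthEnrollReply != null
                    && reply.payerAuthEnrollReply.paReq != null
                    && reply.payerAuthEnrollReply.paReq.Length > 0)
                {
                    // will be null if card not enrolled
                    // the paReq comes back encoded, Streamline requires it to be decoded.
                    string sPAReq = CommonLogic.UnzipBase64DataToString(reply.payerAuthEnrollReply.paReq);
                    LookupResult += "paReq=" + XmlCommon.PrettyPrintXml(sPAReq) + System.Environment.NewLine;
                }
                if (reply.payerAuthEnrollReply != null && reply.payerAuthEnrollReply.proofXML != null)
                {
                    // Store the complete proofXML whenever it is returned. If you ever need to show
                    // proof of enrollment checking, you will need to parse the string for the
                    // information required by the card association.
                    LookupResult += "proofXML data =";
                    LookupResult += System.Environment.NewLine + XmlCommon.PrettyPrintXml(reply.payerAuthEnrollReply.proofXML);
                }
                if (LookupResult != String.Empty)
                {
                    // encode it to store in the session, it will be decoded before being saved to the database
                    byte[] str = Encoding.UTF8.GetBytes(LookupResult);
                    cSession["3DSecure.LookupResult"] = Convert.ToBase64String(str);
                }
            }
        }

        if (reply.decision == "REJECT" && reply.reasonCode == "475")
        {
            // card enrolled, must perform 3D Secure processing (reasonCode == 475)
            cSession["3DSecure.CustomerID"] = CustomerID.ToString();
            cSession["3DSecure.OrderNumber"] = OrderNumber.ToString();
            cSession["3DSecure.MD"] = OrderNumber.ToString();
            cSession["3DSecure.ACSUrl"] = reply.payerAuthEnrollReply.acsURL;
            cSession["3DSecure.paReq"] = reply.payerAuthEnrollReply.paReq;
            cSession["3DSecure.XID"] = reply.payerAuthEnrollReply.xid;
            cSession.UpdateCustomerSession(null, null);
            result = AppLogic.ro_3DSecure; // This is what triggers the 3D Secure IFRAME to be used.
            return result;
        }

        // NOTE(review): a REVIEW decision is reported to the caller exactly like ACCEPT - confirm
        // that orders held for review are meant to complete checkout.
        if (reply.decision == "ACCEPT" || reply.decision == "REVIEW")
        {
            result = AppLogic.ro_OK;

            // Read the capture reply only if this request asked for capture. The original consulted
            // the store-wide AppLogic.TransactionModeIsAuthCapture() setting instead, so when it
            // disagreed with the TransactionMode argument the missing ccCaptureReply raised a
            // NullReferenceException and an accepted payment was reported as an error.
            bool captureRequested = request.ccCaptureService != null;

            AVSResult = reply.ccAuthReply.avsCode;
            if (captureRequested && reply.ccCaptureReply != null)
            {
                AuthorizationResult = reply.ccCaptureReply.reasonCode;
            }
            else
            {
                AuthorizationResult = reply.reasonCode;
            }
            AuthorizationCode = reply.ccAuthReply.authorizationCode;
            AuthorizationTransID = reply.requestID;

            if (signedPARes.Length > 0)
            {
                if (reply.payerAuthValidateReply != null)
                {
                    if (reply.payerAuthValidateReply.ucafAuthenticationData != null)
                    {
                        // MasterCard SecureCode
                        AuthorizationResult += System.Environment.NewLine + "CAVV: " + reply.payerAuthValidateReply.ucafAuthenticationData;
                        AuthorizationResult += System.Environment.NewLine + "ECI: " + reply.payerAuthValidateReply.ucafCollectionIndicator;
                    }
                    else
                    {
                        // Visa VBV
                        AuthorizationResult += System.Environment.NewLine + "CAVV: " + reply.payerAuthValidateReply.cavv;
                        AuthorizationResult += System.Environment.NewLine + "ECI: " + reply.payerAuthValidateReply.eci;
                    }
                }

                AuthorizationResult += System.Environment.NewLine + "signedPARes: ";
                // Streamline requires saving the decoded PARes to the database
                string sPARes = CommonLogic.UnzipBase64DataToString(signedPARes);
                // zap the signature since it is long and we don't need it
                String t1 = "<Signature ";
                String t2 = "</Signature>";
                String sig = t1 + CommonLogic.ExtractToken(sPARes, t1, t2) + t2;
                AuthorizationResult += System.Environment.NewLine + XmlCommon.PrettyPrintXml(sPARes.Replace(sig, ""));
            }
        }
        else
        {
            result = "Your transaction was NOT approved, reason code: " + reply.reasonCode + ". ";
            if (reply.reasonCode == "476" && reply.payerAuthValidateReply != null)
            {
                result += reply.payerAuthValidateReply.authenticationStatusMessage + ". Please try another payment method.";
            }
            else
            {
                result += GetReasonCodeDescription(reply.reasonCode);
                if (reply.missingField != null)
                {
                    foreach (string fieldname in reply.missingField)
                    {
                        result += "[" + fieldname + "]";
                    }
                }
                if (reply.invalidField != null)
                {
                    foreach (string fieldname in reply.invalidField)
                    {
                        result += "[" + fieldname + "]";
                    }
                }
            }
        }
    }
    catch (SignException se)
    {
        result += "Error calling Cybersource gateway. Please retry your order in a few minutes or select another checkout payment option. "
            + String.Format("Failed to sign the request with error code {0} and message {1}.", DB.SQuote(se.ErrorCode.ToString()), DB.SQuote(se.Message));
    }
    catch (SoapHeaderException she)
    {
        result += String.Format("A SOAP header exception was returned with fault code {0} and message {1}.", DB.SQuote(she.Code.ToString()), DB.SQuote(she.Message));
    }
    catch (SoapBodyException sbe)
    {
        result += String.Format("A SOAP body exception was returned with fault code {0} and message {1}.", DB.SQuote(sbe.Code.ToString()), DB.SQuote(sbe.Message));
    }
    catch (WebException we)
    {
        result += String.Format("Failed to get a response with status {0} and mmessage {1}", DB.SQuote(we.Status.ToString()), DB.SQuote(we.Message));
    }
    catch (Exception ex)
    {
        // See requirements at the top of this file.
        result += "Error calling Cybersource gateway. Please retry your order in a few minutes or select another checkout payment option.";

        // The result text addresses the shopper, so the exception message and stack trace (which
        // can expose server paths and internals) are no longer appended to it. They are returned
        // through TransactionResponse instead.
        // NOTE(review): confirm the caller records TransactionResponse somewhere operators can
        // read it and does not render it to the shopper.
        TransactionResponse = " Error message: Make sure the required components for Cybersource are installed on the server. " + ex.Message
            + " <> " + ex.ToString();
    }

    return result;
}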