Upstream anet fixes

Author: eileenmcnaughton

vendor/omnipay/authorizenet/README.md

@@ -36,9 +36,46 @@ The following gateways are provided by this package:
 * AuthorizeNet_SIM
 * AuthorizeNet_DPM
 
+In addition, `Accept.JS` is supported by the AIM driver. More details are provided below.
+
 For general usage instructions, please see the main [Omnipay](https://github.com/thephpleague/omnipay)
 repository.
 
+## Accept.JS
+
+This gateway uses a JacaScript script to tokenize credit card details at the front end,
+i.e. in the payment form.
+Just the tokenized version of the credit card is then sent back to the merchant site,
+where it is used as a proxy for the credit card.
+
+The card is tokenized into two values returned in `opaqueData` object from Accept.JS:
+
+* dataDescriptor - the type of opaque data, e.g. "COMMON.ACCEPT.INAPP.PAYMENT"
+* dataValue - the value for the opaque data, e.g. "eyJjb2RlIjoiNT... {256 characters} ...idiI6IjEuMSJ9"
+
+These two values must be POSTed back to the merchant application, usually as a part of the payment form.
+Make sure the raw credit card details are NOT posted back to your site.
+How this is handled is beyond this short note, but examples are always welcome in the documentation.
+
+On the server, the tokenized detailt are passed into the `payment` or `authorize` request object.
+You will still need to pass in the `CreditCard` object, as that contains details of the payee and
+recipient, but just leave the credit card details of that object blank. For example:
+
+```php
+// $gateway is an instantiation of the AIM driver.
+// $dataDescriptor and $dataValue come from the paymentr form at the front end.
+
+$request = $gateway->purchase(
+    [
+        'notifyUrl' => '...',
+        'amount' => $amount,
+        'opaqueDataDescriptor' => $dataDescriptor,
+        'opaqueDataValue' => $dataValue,
+        ...
+    ]
+);
+```
+
 ## Support
 
 If you are having general issues with Omnipay, we suggest posting on

vendor/omnipay/authorizenet/src/AIMGateway.php

@@ -6,6 +6,7 @@
 use Omnipay\AuthorizeNet\Message\AIMCaptureRequest;
 use Omnipay\AuthorizeNet\Message\AIMPaymentPlanQueryResponse;
 use Omnipay\AuthorizeNet\Message\AIMPurchaseRequest;
+use Omnipay\AuthorizeNet\Message\QueryRequest;
 use Omnipay\AuthorizeNet\Message\AIMRefundRequest;
 use Omnipay\AuthorizeNet\Message\AIMVoidRequest;
 use Omnipay\Common\AbstractGateway;
@@ -27,6 +28,7 @@ public function getDefaultParameters()
             'transactionKey'    => '',
             'testMode'          => false,
             'developerMode'     => false,
+            'hashSecret'        => '',
             'liveEndpoint'      => 'https://api2.authorize.net/xml/v1/request.api',
             'developerEndpoint' => 'https://apitest.authorize.net/xml/v1/request.api',
         );
@@ -155,7 +157,7 @@ public function refund(array $parameters = array())
 
     /**
      * @param array $parameters
-     * @return AIMPaymentPlansQueryResponse
+     * @return AIMPaymentPlansQueryRequest
      */
     public function paymentPlansQuery(array $parameters = array())
     {

vendor/omnipay/authorizenet/src/Message/AIMAbstractRequest.php

@@ -163,6 +163,44 @@ public function setInvoiceNumber($value)
         return $this->setParameter('invoiceNumber', $value);
     }
 
+    /**
+     * @link http://developer.authorize.net/api/reference/features/acceptjs.html Documentation on opaque data
+     * @return string
+     */
+    public function getOpaqueDataDescriptor()
+    {
+        return $this->getParameter('opaqueDataDescriptor');
+    }
+
+    /**
+     * @link http://developer.authorize.net/api/reference/features/acceptjs.html Documentation on opaque data
+     * @return string
+     */
+    public function getOpaqueDataValue()
+    {
+        return $this->getParameter('opaqueDataValue');
+    }
+
+    /**
+     * @link http://developer.authorize.net/api/reference/features/acceptjs.html Documentation on opaque data
+     * @param string
+     * @return string
+     */
+    public function setOpaqueDataDescriptor($value)
+    {
+        return $this->setParameter('opaqueDataDescriptor', $value);
+    }
+
+    /**
+     * @link http://developer.authorize.net/api/reference/features/acceptjs.html Documentation on opaque data
+     * @param string
+     * @return string
+     */
+    public function setOpaqueDataValue($value)
+    {
+        return $this->setParameter('opaqueDataValue', $value);
+    }
+
     public function sendData($data)
     {
         $headers = array('Content-Type' => 'text/xml; charset=utf-8');

vendor/omnipay/authorizenet/src/Message/AIMAuthorizeRequest.php

@@ -26,6 +26,15 @@ public function getData()
 
     protected function addPayment(\SimpleXMLElement $data)
     {
+        /**
+         * @link http://developer.authorize.net/api/reference/features/acceptjs.html Documentation on opaque data
+         */
+        if ($this->getOpaqueDataDescriptor() && $this->getOpaqueDataValue()) {
+            $data->transactionRequest->payment->opaqueData->dataDescriptor = $this->getOpaqueDataDescriptor();
+            $data->transactionRequest->payment->opaqueData->dataValue = $this->getOpaqueDataValue();
+            return;
+        }
+
         $this->validate('card');
         /** @var CreditCard $card */
         $card = $this->getCard();

vendor/omnipay/authorizenet/src/Message/AIMResponse.php

@@ -18,6 +18,14 @@ class AIMResponse extends AbstractResponse
      */
     const ERROR_RESPONSE_CODE_CANNOT_ISSUE_CREDIT = 54;
 
+    /**
+     * The overall transaction result code.
+     */
+    const TRANSACTION_RESULT_CODE_APPROVED = 1;
+    const TRANSACTION_RESULT_CODE_DECLINED = 2;
+    const TRANSACTION_RESULT_CODE_ERROR    = 3;
+    const TRANSACTION_RESULT_CODE_REVIEW   = 4;
+
     public function __construct(AbstractRequest $request, $data)
     {
         // Strip out the xmlns junk so that PHP can parse the XML
@@ -38,17 +46,25 @@ public function __construct(AbstractRequest $request, $data)
 
     public function isSuccessful()
     {
-        return 1 === $this->getResultCode();
+        return static::TRANSACTION_RESULT_CODE_APPROVED === $this->getResultCode();
     }
 
     /**
-     * Overall status of the transaction. This field is also known as "Response Code" in Authorize.NET terminology.
+     * Status of the transaction. This field is also known as "Response Code" in Authorize.NET terminology.
+     * A result of 0 is returned if there is no transaction response returned, e.g. a validation error in
+     * some data, or invalid login credentials.
      *
      * @return int 1 = Approved, 2 = Declined, 3 = Error, 4 = Held for Review
      */
     public function getResultCode()
     {
-        return intval((string)$this->data->transactionResponse[0]->responseCode);
+        // If there is a transaction response, then we get the code from that.
+        if (isset($this->data->transactionResponse[0])) {
+            return intval((string)$this->data->transactionResponse[0]->responseCode);
+        }
+
+        // No transaction response, so return 3 aka "error".
+        return static::TRANSACTION_RESULT_CODE_ERROR;
     }
 
     /**
@@ -62,11 +78,15 @@ public function getReasonCode()
 
         if (isset($this->data->transactionResponse[0]->messages)) {
             // In case of a successful transaction, a "messages" element is present
-            $code = intval((string)$this->data->transactionResponse[0]->messages[0]->message[0]->code);
+            $code = intval((string)$this->data->transactionResponse[0]->messages[0]->message->code);
 
         } elseif (isset($this->data->transactionResponse[0]->errors)) {
             // In case of an unsuccessful transaction, an "errors" element is present
-            $code = intval((string)$this->data->transactionResponse[0]->errors[0]->error[0]->errorCode);
+            $code = intval((string)$this->data->transactionResponse[0]->errors[0]->error->errorCode);
+
+        } elseif (isset($this->data->messages[0]->message)) {
+            // In case of invalid request, the top-level message provides details.
+            $code = (string)$this->data->messages[0]->message->code;
         }
 
         return $code;
@@ -83,19 +103,27 @@ public function getMessage()
 
         if (isset($this->data->transactionResponse[0]->messages)) {
             // In case of a successful transaction, a "messages" element is present
-            $message = (string)$this->data->transactionResponse[0]->messages[0]->message[0]->description;
+            $message = (string)$this->data->transactionResponse[0]->messages[0]->message->description;
 
         } elseif (isset($this->data->transactionResponse[0]->errors)) {
             // In case of an unsuccessful transaction, an "errors" element is present
-            $message = (string)$this->data->transactionResponse[0]->errors[0]->error[0]->errorText;
+            $message = (string)$this->data->transactionResponse[0]->errors[0]->error->errorText;
+
+        } elseif (isset($this->data->messages[0]->message)) {
+            // In case of invalid request, the top-level message provides details.
+            $message = (string)$this->data->messages[0]->message->text;
         }
 
         return $message;
     }
 
     public function getAuthorizationCode()
     {
-        return (string)$this->data->transactionResponse[0]->authCode;
+        if (isset($this->data->transactionResponse[0])) {
+            return (string)$this->data->transactionResponse[0]->authCode;
+        } else {
+            return '';
+        }
     }
 
     /**
@@ -105,36 +133,48 @@ public function getAuthorizationCode()
      */
     public function getAVSCode()
     {
-        return (string)$this->data->transactionResponse[0]->avsResultCode;
+        if (isset($this->data->transactionResponse[0])) {
+            return (string)$this->data->transactionResponse[0]->avsResultCode;
+        } else {
+            return '';
+        }
     }
 
     /**
-     * A composite key containing the gateway provided transaction reference as well as other data points that may be
-     * required for subsequent transactions that may need to modify this one.
+     * A composite key containing the gateway provided transaction reference as
+     * well as other data points that may be required for subsequent transactions
+     * that may need to modify this one.
      *
      * @param bool $serialize Determines whether a string or object is returned
      * @return TransactionReference|string
      */
     public function getTransactionReference($serialize = true)
     {
-        $body = $this->data->transactionResponse[0];
-        $transactionRef = new TransactionReference();
-        $transactionRef->setApprovalCode((string)$body->authCode);
-        $transactionRef->setTransId((string)$body->transId);
-
-        try {
-            // Need to store card details in the transaction reference since it is required when doing a refund
-            if ($card = $this->request->getCard()) {
-                $transactionRef->setCard(array(
-                    'number' => $card->getNumberLastFour(),
-                    'expiry' => $card->getExpiryDate('mY')
-                ));
-            } elseif ($cardReference = $this->request->getCardReference()) {
-                $transactionRef->setCardReference(new CardReference($cardReference));
+        // The transactionResponse is only returned if succesful or declined
+        // for some reason, so don't assume it will always be there.
+
+        if (isset($this->data->transactionResponse[0])) {
+            $body = $this->data->transactionResponse[0];
+            $transactionRef = new TransactionReference();
+            $transactionRef->setApprovalCode((string)$body->authCode);
+            $transactionRef->setTransId((string)$body->transId);
+
+            try {
+                // Need to store card details in the transaction reference since it is required when doing a refund
+                if ($card = $this->request->getCard()) {
+                    $transactionRef->setCard(array(
+                        'number' => $card->getNumberLastFour(),
+                        'expiry' => $card->getExpiryDate('mY')
+                    ));
+                } elseif ($cardReference = $this->request->getCardReference()) {
+                    $transactionRef->setCardReference(new CardReference($cardReference));
+                }
+            } catch (\Exception $e) {
             }
-        } catch (\Exception $e) {
+
+            return $serialize ? (string)$transactionRef : $transactionRef;
         }
-return (string)$body->transId;
-        return $serialize ? (string)$transactionRef : $transactionRef;
+
+        return '';
     }
 }

vendor/omnipay/authorizenet/src/Message/CIMAbstractResponse.php

@@ -12,6 +12,14 @@
  */
 abstract class CIMAbstractResponse extends AbstractResponse
 {
+    /**
+     * The overall transaction result code.
+     */
+    const TRANSACTION_RESULT_CODE_APPROVED = 1;
+    const TRANSACTION_RESULT_CODE_DECLINED = 2;
+    const TRANSACTION_RESULT_CODE_ERROR    = 3;
+    const TRANSACTION_RESULT_CODE_REVIEW   = 4;
+
     protected $responseType = null;
 
     public function __construct(RequestInterface $request, $data)
@@ -40,7 +48,7 @@ public function __construct(RequestInterface $request, $data)
 
     public function isSuccessful()
     {
-        return 1 === $this->getResultCode();
+        return $this->getResultCode() === static::TRANSACTION_RESULT_CODE_APPROVED;
     }
 
     /**
@@ -51,11 +59,12 @@ public function isSuccessful()
     public function getResultCode()
     {
         $result = (string)$this->data['messages'][0]['resultCode'];
+
         switch ($result) {
             case 'Ok':
-                return 1;
+                return static::TRANSACTION_RESULT_CODE_APPROVED;
             case 'Error':
-                return 3;
+                return static::TRANSACTION_RESULT_CODE_ERROR;
             default:
                 return null;
 
@@ -112,24 +121,33 @@ public function getMessage()
         return $message;
     }
 
+    /**
+     * Get the reusable card reference from the response.
+     * Used in conjuction with CIMGateway::createCard()
+     *
+     * @return string|null
+     */
     public function getCardReference()
     {
         $cardRef = null;
+
         if ($this->isSuccessful()) {
             $data['customerProfileId'] = $this->getCustomerProfileId();
             $data['customerPaymentProfileId'] = $this->getCustomerPaymentProfileId();
+
             if (!empty($data['customerProfileId']) && !empty($data['customerPaymentProfileId'])) {
                 // For card reference both profileId and payment profileId should exist
                 $cardRef = json_encode($data);
             }
         }
+
         return $cardRef;
     }
 
     /**
      * http://bookofzeus.com/articles/convert-simplexml-object-into-php-array/
      *
-     * Convert a simpleXMLElement in to an array
+     * Convert a simpleXMLElement into an array
      *
      * @param \SimpleXMLElement $xml
      *
@@ -138,9 +156,11 @@ public function getCardReference()
     public function xml2array(\SimpleXMLElement $xml)
     {
         $arr = array();
+
         foreach ($xml as $element) {
             $tag = $element->getName();
             $e = get_object_vars($element);
+
             if (!empty($e)) {
                 $arr[$tag][] = $element instanceof \SimpleXMLElement ? $this->xml2array($element) : $e;
             } else {
@@ -173,8 +193,10 @@ public function augmentResponse()
 
         /** @var CreditCard $card */
         $card = $this->request->getCard();
+
         if ($card) {
             $ccString = $card->getNumber() . $card->getExpiryMonth() . $card->getExpiryYear();
+
             $this->data['hash'] = md5($ccString);
             $this->data['brand'] = $card->getBrand();
             $this->data['expiryYear'] = $card->getExpiryYear();