Skip to content

Commit 00d5ec8

Browse files
ugexeugexe
committed
Disallow 4 digit last_digits for 8 digit iins
1 parent 6b1c19c commit 00d5ec8

File tree

3 files changed

+25
-11
lines changed

3 files changed

+25
-11
lines changed

lib/minfraud/components/credit_card.rb

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -105,8 +105,8 @@ def validate
105105

106106
validate_telephone_country_code('bank_phone_country_code', @bank_phone_country_code)
107107
validate_regex('issuer_id_number', /\A(?:[0-9]{6}|[0-9]{8})\z/, @issuer_id_number)
108-
validate_regex('last_digits', /\A(?:[0-9]{2}|[0-9]{4})\z/, @last_digits)
109-
validate_regex('last_4_digits', /\A(?:[0-9]{2}|[0-9]{4})\z/, @last_4_digits)
108+
validate_last_digits('last_digits', @last_digits, @issuer_id_number)
109+
validate_last_digits('last_4_digits', @last_digits, @issuer_id_number)
110110
validate_string('bank_name', 255, @bank_name)
111111
validate_string('bank_phone_number', 255, @bank_phone_number)
112112
validate_string('avs_result', 1, @avs_result)

lib/minfraud/validates.rb

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,18 @@ def validate_credit_card_token(field, value)
7070
end
7171
end
7272

73+
def validate_last_digits(field, value, iin)
74+
return if !value
75+
76+
if !value.to_s.match(/\A(?:[0-9]{2}|[0-9]{4})\z/)
77+
raise InvalidInputError, "The #{field} value is not valid. It must be two or four digits."
78+
end
79+
80+
if iin.length == 8 && value.length != 2
81+
raise InvalidInputError, "The #{field} value is not valid. It must be two digits when using an eight digit issuer_id_number."
82+
end
83+
end
84+
7385
def validate_custom_input_value(field, value)
7486
return if !value
7587

spec/components/credit_card_spec.rb

Lines changed: 11 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,17 @@
4848
end.to raise_exception(Minfraud::InvalidInputError)
4949
end
5050

51+
it 'raises an exception for invalid values (eight digit issuer_id_number + 4 digit last_digits)' do
52+
expect do
53+
Minfraud::Components::CreditCard.new(
54+
issuer_id_number: '12345678',
55+
last_digits: '1234',
56+
token: 'abcd',
57+
was_3d_secure_successful: true,
58+
)
59+
end.to raise_exception(Minfraud::InvalidInputError)
60+
end
61+
5162
it 'does not raise an exception for valid values (deprecated last_4_digits)' do
5263
@cc = Minfraud::Components::CreditCard.new(
5364
issuer_id_number: '123456',
@@ -59,15 +70,6 @@
5970
expect(@cc.last_digits).to be('1234')
6071
end
6172

62-
it 'does not raise an exception for valid values (eight digit issuer_id_number)' do
63-
Minfraud::Components::CreditCard.new(
64-
issuer_id_number: '12345678',
65-
last_4_digits: '1234',
66-
token: 'abcd',
67-
was_3d_secure_successful: true,
68-
)
69-
end
70-
7173
it 'does not raise an exception for valid values (two digit last_digits)' do
7274
@cc = Minfraud::Components::CreditCard.new(
7375
issuer_id_number: '12345678',

0 commit comments

Comments
 (0)