for i in infinity

Problem:

Solution:
Somehow my activesupport-2.3.5/lib/active_support/values/unicode_tables.dat was corrupted. Reinstalling activesupport gem fixed the issue.

SagePay allows us to process repeated capture transactions against a successful payment authorization. You can get more information about the introduction and instructions for obtaining a Continuous Authority Internet Merchant Number here.

This example makes use of a forked version of ActiveMerchant and SagePay Simulator environment. Please refer to the previous article for setup instructions.

Setup:

Make sure to check ‘Continuous Authority’ in the simulator account settings.

Case 1: A non 3D Authorized Transaction

response.authorization shows a value simiar to:
00001;{E5AC4385-06F8-40DD-8486-22EFB23768AE};9030;03FQG5AJA6;authorization

Capture the Payment

Repeat the transaction using previous authorization reference.

Case 2: 3D Authorized transaction

Follow the steps 1-3 for 3D Secure Payment Transaction as shown in the previous article. You’ll notice that the authorization returned by a three_d_complete process is incomplete and it looks something like “;{FB448BBF-CB72-414A-B293-316004162EEB};6598;OUWEBUCWL3;three_d_complete”
Prepend the order_id used in step 1 to this authorization reference so that it matches following format:

three_d_auth_reference = “00003;{FB448BBF-CB72-414A-B293-316004162EEB};6598;OUWEBUCWL3;three_d_complete”

Where “00003″ is the order_id used for authorization in step 1.

Capture this 3D Authorized payment for the first time by calling:

This transaction can be repeated by using the previous successful authorization (three_d_auth_reference) with a new order_id.

Introduction

What is 3D secure?

3D Secure is a latest initiative for fraud prevention launched by Visa and MasterCard. 3D Secure adds additional password authentication step to complete the online transactions. A detailed introduction is available at http://www.sagepay.com/developers/industry_knowledge/3d_secure.asp.
This tutorial is a guide to set up a Ruby on Rails test environment for 3D Secure payment transactions using ActiveMerchant plugin.

And why should we care?

3D Secure is becoming an industry standard and it is mandatory for processing Mastero card payments. Also, the deadline for 3-D Secure mandate (United Kingdom) for Maestro transactions is January 31st, 2010 and we want to make sure our applications are compliant by that date.

How does it work?

Fig 1: 3D Secure transaction

Setup

1. Patch ActiveMerchant plugin

To get this working, apply this patch to add 3D Secure support for SagePay gateway. The patch is taken from http://github.com/tekin/active_merchant, however it is modified for SagePayGateway instead of ProtxGateway. Alternately, you can use http://github.com/dynamic50/active_merchant to follow this tutorial.

2. Set up SagePay simulator environment

Apply for a simulator account at https://support.sagepay.com/apply/. The registration process is instant and the support team is quick in responding to your queries. Once your account is created, log on to configure the simulator for direct messages.

Clicking on the “Direct” button takes us to Direct Options and parameters admin page.

Set response for authorization POSTs to 3DAUTH as shown below. In short, we are forcing the response for all validate requests to be 3DAUTH.

http://whatismyip.com for help.

Also, select the “Simulate Direct” checkbox.

In config/environments/development.rb

Make a note that test and simulator are different environments for SagePay payment gateway.

3D Secure Payment Transaction

A typical 3D secure transaction works in four steps as shown in Fig 1. Initialize the gateway and a dummy valid credit card:

Step 1: Authorize

Note: the amount is in pence and order_id can be any unique identifier for your transaction.
The response of this request gives us the PAReq, MD and ACSURL values:

@three_d_secure=true and @success=false imply that we need to complete the 3DSecure authorization first.

Step 2: 3D Authorization

To initiate the 3D Secure authorization, we should post PAReq, MD and the callback url (TermURL) to ACSURL.
We can do it using curl command as:

The response is a html page, captured in temp.html. Edit it and pick up the VPSTxID.
The simulator allows us to send different responses for multiple scenarios. We assume that we have entered correct password and we want to simulate a successful 3D transaction. In this case, we respond to this action by clicking the ‘OK’ button.
This can be done as:

Essentially, we have simulated a “correct 3d password submit” action. The gateway should return a PARes token (for the initiated PAReq value) which can be found out from temp.html.

Step 3: Complete 3D authorization

On the console, call:

The response should be similar to:

@message=”Success” confirms that the 3D authorization was successful. As a last step, we need to complete the transaction by capturing this payment.

Step 4: Capture Payment

SagePay requires you to remember the order_id that you used to initiate the authorization. Get the authorization code from previous response and prefix it with the order id.

Ex: =”a6f8c776ac58dcf08;{FB448BBF-CB72-414A-B293-316004162EEB};6598;OUWEBUCWL3;three_d_complete”
Where order_id=’a6f8c776ac58dcf08′

The aim of this tutorial was to demonstrate a 3D secure payment transaction with details of the tokens exchanged between gateway and the client application. On these lines, we can extend rails support for other gateways to handle 3D Secure authentication. Please leave your comments with suggestions or issues.

Here is a snippet to parse a given http response into plain text. Basically it removes html tags, css blocks, script tags and yield visible text elements as seen in browser.

Gives:

I am starting a series of posts dealing with blockers at work. Here is the first one using gem bundler on Snow Leopard and mysql Mac OS X 10.5 (x86_64) version.

Command:

Error:

Solution:
Compile the bundled mysql gem with correct options. That is, locate your mysql_config and create a bundler_config.yml in application root dir.

Run: