class OffsitePayments::Integrations::FirstData::Notification
First Data payment pages emulates the Authorize.Net SIM API. See OffsitePayments::Integrations::FirstData::Notification
for more details.
# Example: parser = FirstData::Notification.new(request.raw_post)
passed = parser.complete?
order = Order.find_by_order_number(parser.invoice_num)
unless order
@message = 'Error--unable to find your transaction! Please contact us directly.' return render :partial => 'first_data_payment_response'
end
if order.total != parser.gross.to_f
logger.error "First Data said they paid for #{parser.gross} and it should have been #{order.total}!" passed = false
end
# Theoretically, First Data will never pass us the same transaction # ID twice, but we can double check that… by using # parser.transaction_id, and checking against previous orders’ transaction # id’s (which you can save when the order is completed).… unless parser.acknowledge FIRST_DATA_TRANSACTION_KEY, FIRST_DATA_RESPONSE_KEY
passed = false logger.error "ALERT POSSIBLE FRAUD ATTEMPT"
end
unless parser.cavv_matches? and parser.avs_code_matches?
logger.error 'Warning--non matching CC!' + params.inspect # Could fail them here, as well (recommended)...
end
if passed
# Set up your session, and render something that will redirect them to # your site, most likely.
else
# Render failure or redirect them to your site where you will render failure
end
Public Instance Methods
acknowledge(response_key, payment_page_id)
click to toggle source
# File lib/offsite_payments/integrations/first_data.rb, line 127 def acknowledge(response_key, payment_page_id) Digest::MD5.hexdigest(response_key + payment_page_id + params['x_trans_id'] + sprintf('%.2f', gross)) == params['x_MD5_Hash'].downcase end