Ejegg has uploaded a new change for review.
https://gerrit.wikimedia.org/r/167642
Change subject: Allow special treatment for certain store IDs
......................................................................
Allow special treatment for certain store IDs
Store IDs listed in account_config['SpecialSnowflakeStoreIDs']
allow transactions to proceed even when missing AVS result nodes
and reporting no CVV data matched
Change-Id: Ie2a84b372c11beef109ad443a660182e42eee701
---
M tests/Adapter/WorldPay/WorldPayTest.php
M tests/DonationInterfaceTestCase.php
M tests/TestConfiguration.php
A
tests/includes/Responses/worldpay/AuthorizePaymentForFraud_snowflake.testresponse
M worldpay_gateway/worldpay.adapter.php
5 files changed, 101 insertions(+), 4 deletions(-)
git pull
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/DonationInterface
refs/changes/42/167642/1
diff --git a/tests/Adapter/WorldPay/WorldPayTest.php
b/tests/Adapter/WorldPay/WorldPayTest.php
index 02e60c2..cfb3f92 100644
--- a/tests/Adapter/WorldPay/WorldPayTest.php
+++ b/tests/Adapter/WorldPay/WorldPayTest.php
@@ -376,4 +376,36 @@
$this->assertEquals( $expected_order_id,
$gateway->getData_Unstaged_Escaped( 'order_id' ),
'Decimal Order ID is correctly built from Contribution
Tracking ID.' );
}
+
+ /**
+ * Ensure processResponse doesn't fail trxn for special accounts when
AVS
+ * nodes are missing.
+ */
+ function testProcessResponseAllowsSnowflakeAVSMissing() {
+ $options = $this->getDonorTestData( 'FJ' ); // 'FJ' store ID is
set up as a special exception
+
+ $gateway = $this->getFreshGatewayObject( $options );
+ $gateway->setDummyGatewayResponseCode( 'snowflake' );
+ $results = $gateway->do_transaction( 'AuthorizePaymentForFraud'
);
+
+ // internal-0001 is the error code processRespose adds for
missing nodes
+ $this->assertFalse( array_key_exists( 'internal-0001',
$results['errors'] ),
+ 'processResponse is failing a special snowflake account
with a response missing AVS nodes' );
+ }
+
+ /**
+ * Ensure we don't give too high a risk score for special accounts when
+ * AVS address / zip match was not performed and CVV reports failure
+ */
+ function testAntifraudAllowsSnowflakeAVSMissingAndCVVMismatch() {
+ $options = $this->getDonorTestData( 'FJ' ); // 'FJ' store ID is
set up as a special exception
+
+ $gateway = $this->getFreshGatewayObject( $options );
+ $gateway->setDummyGatewayResponseCode( 'snowflake' );
+ $gateway->do_transaction( 'AuthorizePaymentForFraud' );
+
+ $this->assertTrue( $gateway->getCVVResult(), 'getCVVResult
failing snowflake account' );
+
+ $this->assertTrue( $gateway->getAVSResult() < 25, 'getAVSResult
giving snowflake account too high a risk score' );
+ }
}
diff --git a/tests/DonationInterfaceTestCase.php
b/tests/DonationInterfaceTestCase.php
index 02d2ef4..4effd29 100644
--- a/tests/DonationInterfaceTestCase.php
+++ b/tests/DonationInterfaceTestCase.php
@@ -153,6 +153,18 @@
'amount' => '1.55',
'language' => 'fr',
),
+ // Fiji is configured as a snowflake to test special
treatment for certain store IDs
+ 'FJ' => array (
+ 'city' => 'Suva',
+ 'state' => 'XX',
+ 'zip' => '0',
+ 'currency_code' => 'EUR',
+ 'street' => '123 Fake Street',
+ 'fname' => 'FirstName',
+ 'lname' => 'LastName',
+ 'amount' => '1.55',
+ 'language' => 'en',
+ ),
'NL' => array (
'city' => 'Amsterdam',
'state' => 'XX',
diff --git a/tests/TestConfiguration.php b/tests/TestConfiguration.php
index 00a458a..d3ae290 100644
--- a/tests/TestConfiguration.php
+++ b/tests/TestConfiguration.php
@@ -135,6 +135,7 @@
'Test' => true,
'TokenizingMerchantID' => '123456',
'StoreIDs' => array (
+ '*/FJ/EUR' => array( 123456, 'fj_store_id' ),
'*/*/EUR' => array( 123456, 'eur_store_id' ),
'*/*/USD' => array( 123456, 'usd_store_id' ),
),
@@ -144,6 +145,10 @@
'Password' => 'testpass2',
),
),
+ // Test special treatment - allow 'fail' CVV and missing AVS nodes
+ 'SpecialSnowflakeStoreIDs' => array(
+ 'fj_store_id',
+ ),
);
$wgWorldPayGatewayURL = 'https://test.worldpay.com';
diff --git
a/tests/includes/Responses/worldpay/AuthorizePaymentForFraud_snowflake.testresponse
b/tests/includes/Responses/worldpay/AuthorizePaymentForFraud_snowflake.testresponse
new file mode 100644
index 0000000..0c96cb9
--- /dev/null
+++
b/tests/includes/Responses/worldpay/AuthorizePaymentForFraud_snowflake.testresponse
@@ -0,0 +1,19 @@
+<?xml version="1.0"?>
+<!--Special Snowflake test response with no AVS nodes and weird CVV nodes -->
+<TMSTN>
+ <MerchantId>123456</MerchantId>
+ <TransactionType>PT</TransactionType>
+ <OrderNumber>000000000</OrderNumber>
+ <StrId>111111111</StrId>
+ <PTTID>222222222</PTTID>
+ <MOP>CC</MOP>
+ <CurrencyId>978</CurrencyId>
+ <Amount>0.10</Amount>
+ <AuthCode>4935D</AuthCode>
+ <RequestType>A</RequestType>
+ <MessageCode>2100</MessageCode>
+ <Message>Transaction Approved</Message>
+ <CVNMessageCode>2</CVNMessageCode>
+ <CVNMessage>No Data Matched</CVNMessage>
+ <UTC>20141017015115</UTC>
+</TMSTN>
\ No newline at end of file
diff --git a/worldpay_gateway/worldpay.adapter.php
b/worldpay_gateway/worldpay.adapter.php
index 90f6286..d214621 100644
--- a/worldpay_gateway/worldpay.adapter.php
+++ b/worldpay_gateway/worldpay.adapter.php
@@ -714,6 +714,20 @@
);
}
+ /**
+ * Check if the currently-staged store ID is configured for special
treatment.
+ * Certain store IDs (just FR so far) do not get AVS results, and
always get
+ * a 'fail' result for CVV. These are configured in the
account_config's
+ * SpecialSnowflakeStoreIDs array.
+ *
+ * @return bool Whether currently staged account is special
+ */
+ private function is_snowflake_account() {
+ return array_key_exists( 'SpecialSnowflakeStoreIDs',
$this->account_config )
+ && array_key_exists( 'wp_storeid', $this->staged_data )
+ && in_array( $this->staged_data['wp_storeid'],
$this->account_config['SpecialSnowflakeStoreIDs'] );
+ }
+
public function do_transaction( $transaction ) {
$this->url = $this->getGlobal( 'URL' );
@@ -856,12 +870,17 @@
break;
case 'AuthorizePaymentForFraud':
- $return = $setFailOnEmpty( $addData( array(
- 'CVNMatch' => 'cvv_result',
+ // StoreIDs for certain countries (just FR so
far) get XML responses
+ // with no AVS results and no 'CVNMatch' node.
+ $needfulThings = $this->is_snowflake_account()
? array(
+ 'PTTID' => 'wp_pttid',
+ ) : array(
'AddressMatch' => 'avs_address',
'PostalCodeMatch' => 'avs_zip',
- 'PTTID' => 'wp_pttid'
- ) ) );
+ 'PTTID' => 'wp_pttid',
+ 'CVNMatch' => 'cvv_result',
+ );
+ $return = $setFailOnEmpty( $addData(
$needfulThings ) );
$this->dataObj->expunge( 'cvv' );
break;
}
@@ -1037,6 +1056,11 @@
* determine if we want to fail the transaction ourselves or not.
*/
public function getCVVResult() {
+ // Special accounts always return false, but we let them through
+ if ( $this->is_snowflake_account() ) {
+ return true;
+ }
+
$cvv_result = '';
if ( !is_null( $this->getData_Unstaged_Escaped( 'cvv_result' )
) ) {
$cvv_result = $this->getData_Unstaged_Escaped(
'cvv_result' );
@@ -1056,6 +1080,11 @@
* together: One for address, and one for zip.
*/
public function getAVSResult() {
+ // Special accounts are missing the AVS nodes, but we don't
fail them.
+ if ( $this->is_snowflake_account() ) {
+ return 0;
+ }
+
$avs_address = '';
$avs_zip = '';
--
To view, visit https://gerrit.wikimedia.org/r/167642
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ie2a84b372c11beef109ad443a660182e42eee701
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/DonationInterface
Gerrit-Branch: master
Gerrit-Owner: Ejegg <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
