diff --git a/lib/fat_zebra.rb b/lib/fat_zebra.rb index d52e85e..fd1212b 100644 --- a/lib/fat_zebra.rb +++ b/lib/fat_zebra.rb @@ -32,6 +32,7 @@ require 'fat_zebra/information' require 'fat_zebra/card' require 'fat_zebra/authenticate' +require 'fat_zebra/three_d_secure' require 'fat_zebra/refund' require 'fat_zebra/payment_plan' require 'fat_zebra/customer' diff --git a/lib/fat_zebra/three_d_secure.rb b/lib/fat_zebra/three_d_secure.rb new file mode 100644 index 0000000..f025578 --- /dev/null +++ b/lib/fat_zebra/three_d_secure.rb @@ -0,0 +1,106 @@ +# frozen_string_literal: true + +module FatZebra + ## + # == FatZebra \ThreeDSecure + # + # Manage 3DS2 authentication for the Cybersource REST API + # + # * setup + # * enrollment + # * validation + # + class ThreeDSecure < APIResource + validates :card_token, required: true, on: :setup + + CHECK_ENROLLMENT_REQUIRED_FIELDS = %i[ + merchant_username + card_token + amount + currency + reference + verification + device_channel + reference_id + return_url + acs_window_size + browser_accept_content + browser_language + browser_java_enabled + browser_color_depth + browser_screen_height + browser_screen_width + browser_time_difference + browser_user_agent + ].freeze + + CHECK_ENROLLMENT_REQUIRED_FIELDS.each do |field| + validates field, required: true, on: :check_enrollment + end + + VALIDATE_AUTHENTICATION_REQUIRED_FIELDS = %i[ + merchant_username + card_token + amount + currency + authentication_transaction_id + ].freeze + + VALIDATE_AUTHENTICATION_REQUIRED_FIELDS.each do |field| + validates field, required: true, on: :validate_authentication + end + + class << self + + def resource_name + 'three_d_secure' + end + + def resource_path + "/sdk/#{resource_name}" + end + + ## + # Sets up a 3ds request + # + # @param [Hash] params + # @param [Hash] options for the request, and configurations (Optional) + # + # @return [FatZebra::ThreeDSecure] + def setup(params = {}, options = {}) + valid!(params, :setup) if respond_to?(:valid!) + + response = request(:post, "#{resource_path}/setup", params, options) + initialize_from(response) + end + + ## + # Enrols card + # + # @param [Hash] params + # @param [Hash] options for the request, and configurations (Optional) + # + # @return [FatZebra::ThreeDSecure] + def check_enrollment(params = {}, options = {}) + valid!(params, :check_enrollment) if respond_to?(:valid!) + + response = request(:post, "#{resource_path}/check_enrollment", params, options) + initialize_from(response) + end + + ## + # Validates card + # + # @param [Hash] params + # @param [Hash] options for the request, and configurations (Optional) + # + # @return [FatZebra::ThreeDSecure] + def validate_authentication(params = {}, options = {}) + valid!(params, :validate_authentication) if respond_to?(:valid!) + + response = request(:post, "#{resource_path}/validate_authentication", params, options) + initialize_from(response) + end + end + end +end diff --git a/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/validations/1_2_2_1.yml b/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/validations/1_2_2_1.yml new file mode 100644 index 0000000..0e89749 --- /dev/null +++ b/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/validations/1_2_2_1.yml @@ -0,0 +1,89 @@ +--- +http_interactions: +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/v1.0/credit_cards + body: + encoding: UTF-8 + string: '{"card_holder":"Card Holder","card_number":"4000000000002503","card_expiry":"02/2045","cvv":123,"test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:43 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept + X-Runtime: + - '0.039104' + Pragma: + - no-cache + X-Request-Id: + - 1bb09cb74d3320807824a2e1 + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"successful":true,"response":{"token":"9pdv7a4pkmod2ciuzshj","card_holder":"Card + Holder","card_number":"400000XXXXXX2503","card_expiry":"2045-02-28","card_type":"VISA","card_category":"Credit","card_subcategory":"Standard","card_issuer":"Intl + Hdqtrs Center Owned","card_country":"United States","authorized":true,"transaction_count":0,"alias":null},"errors":[],"test":true}' + recorded_at: Tue, 20 Jan 2026 11:42:43 GMT +recorded_with: VCR 6.3.1 diff --git a/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/with_valid_input/1_2_1_1.yml b/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/with_valid_input/1_2_1_1.yml new file mode 100644 index 0000000..1e204f4 --- /dev/null +++ b/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/with_valid_input/1_2_1_1.yml @@ -0,0 +1,257 @@ +--- +http_interactions: +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/v1.0/credit_cards + body: + encoding: UTF-8 + string: '{"card_holder":"Card Holder","card_number":"4000000000002503","card_expiry":"02/2045","cvv":123,"test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:39 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept + Pragma: + - no-cache + X-Request-Id: + - 322a058b06dfda0607a40967 + X-Runtime: + - '0.030946' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"successful":true,"response":{"token":"9pdv7a4pkmod2ciuzshj","card_holder":"Card + Holder","card_number":"400000XXXXXX2503","card_expiry":"2045-02-28","card_type":"VISA","card_category":"Credit","card_subcategory":"Standard","card_issuer":"Intl + Hdqtrs Center Owned","card_country":"United States","authorized":true,"transaction_count":0,"alias":null},"errors":[],"test":true}' + recorded_at: Tue, 20 Jan 2026 11:42:39 GMT +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/sdk/three_d_secure/setup + body: + encoding: UTF-8 + string: '{"card_token":"9pdv7a4pkmod2ciuzshj","test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:40 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept, Origin + Pragma: + - no-cache + X-Request-Id: + - 106a5bfe1f7ea67a0b8269dc + X-Runtime: + - '0.594266' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"access_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIwN2I3MzczMS1kNTY1LTQyNzUtYjM1Yi0zN2Y4NWNlOTJlNjkiLCJpYXQiOjE3Njg5MDkzNjAsImlzcyI6IjVkZDgzYmYwMGU0MjNkMTQ5OGRjYmFjYSIsImV4cCI6MTc2ODkxMjk2MCwiT3JnVW5pdElkIjoiNjE5ZDU1OTVlNGMxZGE1NTAzNmFjMTViIiwiUmVmZXJlbmNlSWQiOiJjNzdlNjkxMS1kZDhmLTQ4NmUtOTdjNS1jN2JlZGQ3ZjIzZDQifQ.Wo5yr-JSXYT80Cx2RHKhIJrLw5rsKhktvi6zEuoLQAw","device_data_collection_url":"https://centinelapistag.cardinalcommerce.com/V1/Cruise/Collect","reference_id":"c77e6911-dd8f-486e-97c5-c7bedd7f23d4"}' + recorded_at: Tue, 20 Jan 2026 11:42:40 GMT +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/sdk/three_d_secure/check_enrollment + body: + encoding: UTF-8 + string: '{"merchant_username":"TEST ","card_token":"9pdv7a4pkmod2ciuzshj","amount":100,"currency":"AUD","reference":"ref-cbc06c715840","verification":"123","device_channel":"BROWSER","reference_id":"c77e6911-dd8f-486e-97c5-c7bedd7f23d4","return_url":"https://example.com/3ds/return","acs_window_size":"05","browser_accept_content":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8","browser_language":"en-AU","browser_java_enabled":false,"browser_color_depth":24,"browser_screen_height":1080,"browser_screen_width":1920,"browser_time_difference":0,"browser_user_agent":"RSpec","test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:41 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept, Origin + Pragma: + - no-cache + X-Request-Id: + - 50bdd1637ccaee20423e95e0 + X-Runtime: + - '0.579820' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"veres":"Y","pares":"C","eci":null,"cavv":null,"xid":null,"directory_server_transaction_id":"f774ae83-2520-4cee-8d67-793d193a1b73","specification_version":"2.2.0","step_up_url":"https://centinelapistag.cardinalcommerce.com/V2/Cruise/StepUp","access_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI1OGFlNDdkOS01NjMxLTRmOTMtOTYzOC1kOWQyYzczYTc5YzIiLCJpYXQiOjE3Njg5MDkzNjAsImlzcyI6IjVkZDgzYmYwMGU0MjNkMTQ5OGRjYmFjYSIsImV4cCI6MTc2ODkxMjk2MCwiT3JnVW5pdElkIjoiNjE5ZDU1OTVlNGMxZGE1NTAzNmFjMTViIiwiUGF5bG9hZCI6eyJBQ1NVcmwiOiJodHRwczovLzBtZXJjaGFudGFjc3N0YWcuY2FyZGluYWxjb21tZXJjZS5jb20vTWVyY2hhbnRBQ1NXZWIvY3JlcS5qc3AiLCJQYXlsb2FkIjoiZXlKdFpYTnpZV2RsVkhsd1pTSTZJa05TWlhFaUxDSnRaWE56WVdkbFZtVnljMmx2YmlJNklqSXVNaTR3SWl3aWRHaHlaV1ZFVTFObGNuWmxjbFJ5WVc1elNVUWlPaUl6TmprME5tWmxOUzFpWWpGbExUUTNNall0WW1RNE1TMHdNRGhpTmpJeFptUTRaV0VpTENKaFkzTlVjbUZ1YzBsRUlqb2lNekUxWVdZNFlUSXRZV0UzTWkwME1HSmlMV0U1TldVdE9XSmtZV0k0T0dabVpESXlJaXdpWTJoaGJHeGxibWRsVjJsdVpHOTNVMmw2WlNJNklqQTFJbjAiLCJUcmFuc2FjdGlvbklkIjoiMDNlUzdwQVptUlRhQ29zSlVVdzAifSwiT2JqZWN0aWZ5UGF5bG9hZCI6dHJ1ZSwiUmV0dXJuVXJsIjoiaHR0cHM6Ly9leGFtcGxlLmNvbS8zZHMvcmV0dXJuIn0.okPtreuFNQtc83pjbsSlpgUgc_-phGcWKF80be8b6Fo"}' + recorded_at: Tue, 20 Jan 2026 11:42:41 GMT +recorded_with: VCR 6.3.1 diff --git a/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/with_valid_input/1_2_1_3.yml b/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/with_valid_input/1_2_1_3.yml new file mode 100644 index 0000000..1717f91 --- /dev/null +++ b/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/with_valid_input/1_2_1_3.yml @@ -0,0 +1,257 @@ +--- +http_interactions: +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/v1.0/credit_cards + body: + encoding: UTF-8 + string: '{"card_holder":"Card Holder","card_number":"4000000000002503","card_expiry":"02/2045","cvv":123,"test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:42 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept + Pragma: + - no-cache + X-Request-Id: + - 2f836b0529122a9259464a2b + X-Runtime: + - '0.024410' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"successful":true,"response":{"token":"9pdv7a4pkmod2ciuzshj","card_holder":"Card + Holder","card_number":"400000XXXXXX2503","card_expiry":"2045-02-28","card_type":"VISA","card_category":"Credit","card_subcategory":"Standard","card_issuer":"Intl + Hdqtrs Center Owned","card_country":"United States","authorized":true,"transaction_count":0,"alias":null},"errors":[],"test":true}' + recorded_at: Tue, 20 Jan 2026 11:42:42 GMT +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/sdk/three_d_secure/setup + body: + encoding: UTF-8 + string: '{"card_token":"9pdv7a4pkmod2ciuzshj","test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:43 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept, Origin + Pragma: + - no-cache + X-Request-Id: + - 34ae9b7c5739b1693573ba46 + X-Runtime: + - '0.517167' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"access_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIwMTg3YzVkNC0wZjdiLTQ0OWMtYjQ5NS05Mzg0NTZmNWZkOGYiLCJpYXQiOjE3Njg5MDkzNjIsImlzcyI6IjVkZDgzYmYwMGU0MjNkMTQ5OGRjYmFjYSIsImV4cCI6MTc2ODkxMjk2MiwiT3JnVW5pdElkIjoiNjE5ZDU1OTVlNGMxZGE1NTAzNmFjMTViIiwiUmVmZXJlbmNlSWQiOiI4YjgxMmRiZi01ZTRmLTQxNjktOWVjZC1jMWNmMmMzNDIyNGQifQ.xa5YE0zL438_2R9qYx1z95hJ24-dApKrUYwDsvzQmxc","device_data_collection_url":"https://centinelapistag.cardinalcommerce.com/V1/Cruise/Collect","reference_id":"8b812dbf-5e4f-4169-9ecd-c1cf2c34224d"}' + recorded_at: Tue, 20 Jan 2026 11:42:43 GMT +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/sdk/three_d_secure/check_enrollment + body: + encoding: UTF-8 + string: '{"merchant_username":"TEST ","card_token":"9pdv7a4pkmod2ciuzshj","amount":100,"currency":"AUD","reference":"ref-e6360a70d550","verification":"123","device_channel":"BROWSER","reference_id":"8b812dbf-5e4f-4169-9ecd-c1cf2c34224d","return_url":"https://example.com/3ds/return","acs_window_size":"05","browser_accept_content":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8","browser_language":"en-AU","browser_java_enabled":false,"browser_color_depth":24,"browser_screen_height":1080,"browser_screen_width":1920,"browser_time_difference":0,"browser_user_agent":"RSpec","test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:43 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept, Origin + Pragma: + - no-cache + X-Request-Id: + - 640df20b5ffa15fc2a720591 + X-Runtime: + - '0.573456' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"veres":"Y","pares":"C","eci":null,"cavv":null,"xid":null,"directory_server_transaction_id":"020e5125-b317-455b-8171-6ebc463b94f7","specification_version":"2.2.0","step_up_url":"https://centinelapistag.cardinalcommerce.com/V2/Cruise/StepUp","access_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI0ZThiNjUxMC0zYWYxLTQyNTctYTg3Mi01MDBhN2ZhMGFjNWUiLCJpYXQiOjE3Njg5MDkzNjMsImlzcyI6IjVkZDgzYmYwMGU0MjNkMTQ5OGRjYmFjYSIsImV4cCI6MTc2ODkxMjk2MywiT3JnVW5pdElkIjoiNjE5ZDU1OTVlNGMxZGE1NTAzNmFjMTViIiwiUGF5bG9hZCI6eyJBQ1NVcmwiOiJodHRwczovLzBtZXJjaGFudGFjc3N0YWcuY2FyZGluYWxjb21tZXJjZS5jb20vTWVyY2hhbnRBQ1NXZWIvY3JlcS5qc3AiLCJQYXlsb2FkIjoiZXlKdFpYTnpZV2RsVkhsd1pTSTZJa05TWlhFaUxDSnRaWE56WVdkbFZtVnljMmx2YmlJNklqSXVNaTR3SWl3aWRHaHlaV1ZFVTFObGNuWmxjbFJ5WVc1elNVUWlPaUkxTWpjeFpEWmtNQzFoTWpFNUxUUXlZbVF0T1RFek15MWhaRFptT1RrNU16TTVPVGdpTENKaFkzTlVjbUZ1YzBsRUlqb2lZbVJqWlRCaVlUQXRaV1l4TVMwME5UQTBMVGt4TmpjdFlXUTFOVGs1WldKaVl6YzRJaXdpWTJoaGJHeGxibWRsVjJsdVpHOTNVMmw2WlNJNklqQTFJbjAiLCJUcmFuc2FjdGlvbklkIjoiS3NVZDNKSG9WdHpQWWRWd1d6QzAifSwiT2JqZWN0aWZ5UGF5bG9hZCI6dHJ1ZSwiUmV0dXJuVXJsIjoiaHR0cHM6Ly9leGFtcGxlLmNvbS8zZHMvcmV0dXJuIn0.-1DKJtbILA6UGGud8hFggPBuyqzVpQ_fih1oW1EY6dU"}' + recorded_at: Tue, 20 Jan 2026 11:42:43 GMT +recorded_with: VCR 6.3.1 diff --git a/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/with_valid_input/returns_expected_keys.yml b/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/with_valid_input/returns_expected_keys.yml new file mode 100644 index 0000000..6ef2b97 --- /dev/null +++ b/spec/cassettes/FatZebra_ThreeDSecure/_check_enrollment/with_valid_input/returns_expected_keys.yml @@ -0,0 +1,257 @@ +--- +http_interactions: +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/v1.0/credit_cards + body: + encoding: UTF-8 + string: '{"card_holder":"Card Holder","card_number":"4000000000002503","card_expiry":"02/2045","cvv":123,"test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:41 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept + Pragma: + - no-cache + X-Request-Id: + - 5a0f0f4a4c3c17a14cb49b8a + X-Runtime: + - '0.042969' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"successful":true,"response":{"token":"9pdv7a4pkmod2ciuzshj","card_holder":"Card + Holder","card_number":"400000XXXXXX2503","card_expiry":"2045-02-28","card_type":"VISA","card_category":"Credit","card_subcategory":"Standard","card_issuer":"Intl + Hdqtrs Center Owned","card_country":"United States","authorized":true,"transaction_count":0,"alias":null},"errors":[],"test":true}' + recorded_at: Tue, 20 Jan 2026 11:42:41 GMT +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/sdk/three_d_secure/setup + body: + encoding: UTF-8 + string: '{"card_token":"9pdv7a4pkmod2ciuzshj","test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:41 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept, Origin + X-Runtime: + - '0.469771' + Pragma: + - no-cache + X-Request-Id: + - 1eef70a37fb9f03166dfec6d + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"access_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjZmQ3YWY1Zi1mZDNkLTQzODktYWU0OS1jY2ExZjBlNWZkNWUiLCJpYXQiOjE3Njg5MDkzNjEsImlzcyI6IjVkZDgzYmYwMGU0MjNkMTQ5OGRjYmFjYSIsImV4cCI6MTc2ODkxMjk2MSwiT3JnVW5pdElkIjoiNjE5ZDU1OTVlNGMxZGE1NTAzNmFjMTViIiwiUmVmZXJlbmNlSWQiOiJkZjI3NTA1Yy1kNThmLTRmMmYtOTVmMC1jNjA3NmJkZDNiMTEifQ.qVp97rk5yE5IFLtrqrKmd0bJZK52Cdbs2VBdJA1DErU","device_data_collection_url":"https://centinelapistag.cardinalcommerce.com/V1/Cruise/Collect","reference_id":"df27505c-d58f-4f2f-95f0-c6076bdd3b11"}' + recorded_at: Tue, 20 Jan 2026 11:42:41 GMT +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/sdk/three_d_secure/check_enrollment + body: + encoding: UTF-8 + string: '{"merchant_username":"TEST ","card_token":"9pdv7a4pkmod2ciuzshj","amount":100,"currency":"AUD","reference":"ref-7f48dc0df037","verification":"123","device_channel":"BROWSER","reference_id":"df27505c-d58f-4f2f-95f0-c6076bdd3b11","return_url":"https://example.com/3ds/return","acs_window_size":"05","browser_accept_content":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8","browser_language":"en-AU","browser_java_enabled":false,"browser_color_depth":24,"browser_screen_height":1080,"browser_screen_width":1920,"browser_time_difference":0,"browser_user_agent":"RSpec","test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:42 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept, Origin + Pragma: + - no-cache + X-Request-Id: + - 520fb63e0517f350581b5fd6 + X-Runtime: + - '0.607629' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"veres":"Y","pares":"C","eci":null,"cavv":null,"xid":null,"directory_server_transaction_id":"6a643b6a-4611-4816-ba5f-fb5d6e7cb195","specification_version":"2.2.0","step_up_url":"https://centinelapistag.cardinalcommerce.com/V2/Cruise/StepUp","access_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIyMjBjZjRlNy0yYjY1LTQ1NWQtODE3Zi1iMzk0YjZjMjIyOTgiLCJpYXQiOjE3Njg5MDkzNjIsImlzcyI6IjVkZDgzYmYwMGU0MjNkMTQ5OGRjYmFjYSIsImV4cCI6MTc2ODkxMjk2MiwiT3JnVW5pdElkIjoiNjE5ZDU1OTVlNGMxZGE1NTAzNmFjMTViIiwiUGF5bG9hZCI6eyJBQ1NVcmwiOiJodHRwczovLzBtZXJjaGFudGFjc3N0YWcuY2FyZGluYWxjb21tZXJjZS5jb20vTWVyY2hhbnRBQ1NXZWIvY3JlcS5qc3AiLCJQYXlsb2FkIjoiZXlKdFpYTnpZV2RsVkhsd1pTSTZJa05TWlhFaUxDSnRaWE56WVdkbFZtVnljMmx2YmlJNklqSXVNaTR3SWl3aWRHaHlaV1ZFVTFObGNuWmxjbFJ5WVc1elNVUWlPaUkyTXpZMVlUUXlPUzFpTXpFd0xUUmxNRGd0WVRrME1DMDBOekZsWW1NeFlUVm1ObUVpTENKaFkzTlVjbUZ1YzBsRUlqb2lZVFZoWldObU5UVXRNV014WXkwME1HTmhMVGhrT0dZdE4ySTBOVEZoWkdZeU0yVXlJaXdpWTJoaGJHeGxibWRsVjJsdVpHOTNVMmw2WlNJNklqQTFJbjAiLCJUcmFuc2FjdGlvbklkIjoiNVJ0Q1BWOVhDbzFROVRTNXZkMzAifSwiT2JqZWN0aWZ5UGF5bG9hZCI6dHJ1ZSwiUmV0dXJuVXJsIjoiaHR0cHM6Ly9leGFtcGxlLmNvbS8zZHMvcmV0dXJuIn0.kd-mKaOEsF3rOP_3jfOAr1KOQALXshbPhs08De4mG6M"}' + recorded_at: Tue, 20 Jan 2026 11:42:42 GMT +recorded_with: VCR 6.3.1 diff --git a/spec/cassettes/FatZebra_ThreeDSecure/_setup/valid_payload/returns_expected_keys.yml b/spec/cassettes/FatZebra_ThreeDSecure/_setup/valid_payload/returns_expected_keys.yml new file mode 100644 index 0000000..881ad11 --- /dev/null +++ b/spec/cassettes/FatZebra_ThreeDSecure/_setup/valid_payload/returns_expected_keys.yml @@ -0,0 +1,173 @@ +--- +http_interactions: +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/v1.0/credit_cards + body: + encoding: UTF-8 + string: '{"card_holder":"Card Holder","card_number":"4000000000002503","card_expiry":"02/2045","cvv":123,"test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:38 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept + Pragma: + - no-cache + X-Request-Id: + - 449171be698c16d64de1c1ad + X-Runtime: + - '0.025630' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"successful":true,"response":{"token":"9pdv7a4pkmod2ciuzshj","card_holder":"Card + Holder","card_number":"400000XXXXXX2503","card_expiry":"2045-02-28","card_type":"VISA","card_category":"Credit","card_subcategory":"Standard","card_issuer":"Intl + Hdqtrs Center Owned","card_country":"United States","authorized":true,"transaction_count":0,"alias":null},"errors":[],"test":true}' + recorded_at: Tue, 20 Jan 2026 11:42:38 GMT +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/sdk/three_d_secure/setup + body: + encoding: UTF-8 + string: '{"card_token":"9pdv7a4pkmod2ciuzshj","test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:39 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept, Origin + Pragma: + - no-cache + X-Request-Id: + - 47fec3713726b9834dc150e7 + X-Runtime: + - '0.679717' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"access_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3ZjM0ZDI1My03NGIzLTQ3OTMtOGRjZC1jNzlkZjZlNjQyYmEiLCJpYXQiOjE3Njg5MDkzNTksImlzcyI6IjVkZDgzYmYwMGU0MjNkMTQ5OGRjYmFjYSIsImV4cCI6MTc2ODkxMjk1OSwiT3JnVW5pdElkIjoiNjE5ZDU1OTVlNGMxZGE1NTAzNmFjMTViIiwiUmVmZXJlbmNlSWQiOiJlMmNjOGM3OS01NjExLTQ5YTAtOTk0My02NmU5NWNlMzM2NDQifQ.W4ZTd5sL9A9_5CisVZkITWOacGHL9Pr6Nyt_xThEBS8","device_data_collection_url":"https://centinelapistag.cardinalcommerce.com/V1/Cruise/Collect","reference_id":"e2cc8c79-5611-49a0-9943-66e95ce33644"}' + recorded_at: Tue, 20 Jan 2026 11:42:39 GMT +recorded_with: VCR 6.3.1 diff --git a/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/validations/1_3_1_1.yml b/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/validations/1_3_1_1.yml new file mode 100644 index 0000000..4e889a0 --- /dev/null +++ b/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/validations/1_3_1_1.yml @@ -0,0 +1,89 @@ +--- +http_interactions: +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/v1.0/credit_cards + body: + encoding: UTF-8 + string: '{"card_holder":"Matthew Savage","card_number":"5123456789012346","card_expiry":"02/2030","cvv":123,"test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:45:22 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept + X-Runtime: + - '0.036536' + Pragma: + - no-cache + X-Request-Id: + - 1a1f6c833d5de79820b88170 + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"successful":true,"response":{"token":"02gg1kmaafmw92ah3mgo","card_holder":"Matthew + Savage","card_number":"512345XXXXXX2346","card_expiry":"2030-02-28","card_type":"MasterCard","card_category":"Debit","card_subcategory":"PrePaid","card_issuer":"Afriland + First Bank","card_country":"Liberia","authorized":true,"transaction_count":411,"alias":null},"errors":[],"test":true}' + recorded_at: Tue, 20 Jan 2026 11:45:22 GMT +recorded_with: VCR 6.3.1 diff --git a/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/validations/1_3_2_1.yml b/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/validations/1_3_2_1.yml new file mode 100644 index 0000000..5a2c069 --- /dev/null +++ b/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/validations/1_3_2_1.yml @@ -0,0 +1,89 @@ +--- +http_interactions: +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/v1.0/credit_cards + body: + encoding: UTF-8 + string: '{"card_holder":"Matthew Savage","card_number":"5123456789012346","card_expiry":"02/2030","cvv":123,"test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:44 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept + Pragma: + - no-cache + X-Request-Id: + - 3ffbdf59712fa06e2578a497 + X-Runtime: + - '0.031469' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"successful":true,"response":{"token":"02gg1kmaafmw92ah3mgo","card_holder":"Matthew + Savage","card_number":"512345XXXXXX2346","card_expiry":"2030-02-28","card_type":"MasterCard","card_category":"Debit","card_subcategory":"PrePaid","card_issuer":"Afriland + First Bank","card_country":"Liberia","authorized":true,"transaction_count":411,"alias":null},"errors":[],"test":true}' + recorded_at: Tue, 20 Jan 2026 11:42:44 GMT +recorded_with: VCR 6.3.1 diff --git a/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/with_valid_input/1_3_1_1.yml b/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/with_valid_input/1_3_1_1.yml new file mode 100644 index 0000000..75a743a --- /dev/null +++ b/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/with_valid_input/1_3_1_1.yml @@ -0,0 +1,89 @@ +--- +http_interactions: +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/v1.0/credit_cards + body: + encoding: UTF-8 + string: '{"card_holder":"Matthew Savage","card_number":"5123456789012346","card_expiry":"02/2030","cvv":123,"test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:44 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept + Pragma: + - no-cache + X-Request-Id: + - 2c5aebf536b3e6023cf2bed0 + X-Runtime: + - '0.039472' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"successful":true,"response":{"token":"02gg1kmaafmw92ah3mgo","card_holder":"Matthew + Savage","card_number":"512345XXXXXX2346","card_expiry":"2030-02-28","card_type":"MasterCard","card_category":"Debit","card_subcategory":"PrePaid","card_issuer":"Afriland + First Bank","card_country":"Liberia","authorized":true,"transaction_count":411,"alias":null},"errors":[],"test":true}' + recorded_at: Tue, 20 Jan 2026 11:42:44 GMT +recorded_with: VCR 6.3.1 diff --git a/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/with_valid_input/returns_expected_keys.yml b/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/with_valid_input/returns_expected_keys.yml new file mode 100644 index 0000000..14007d8 --- /dev/null +++ b/spec/cassettes/FatZebra_ThreeDSecure/_validate_authentication/with_valid_input/returns_expected_keys.yml @@ -0,0 +1,89 @@ +--- +http_interactions: +- request: + method: post + uri: https://gateway.sandbox.fatzebra.com.au/v1.0/credit_cards + body: + encoding: UTF-8 + string: '{"card_holder":"Matthew Savage","card_number":"5123456789012346","card_expiry":"02/2030","cvv":123,"test":true}' + headers: + Accept-Encoding: + - gzip;q=1.0,deflate;q=0.6,identity;q=0.3 + Accept: + - application/json + User-Agent: + - Ruby + Authorization: + - Basic VEVTVDpURVNU + Content-Type: + - application/json + response: + status: + code: 200 + message: OK + headers: + Date: + - Tue, 20 Jan 2026 11:42:44 GMT + Content-Type: + - application/json; charset=utf-8 + Transfer-Encoding: + - chunked + Connection: + - keep-alive + Status: + - 200 OK + Cache-Control: + - no-store + Vary: + - Accept + Pragma: + - no-cache + X-Request-Id: + - 1422bc7b3c02765a2d7a6d95 + X-Runtime: + - '0.039603' + X-Backend: + - ip-10-100-22-12.ap-southeast-2.compute.internal + Strict-Transport-Security: + - max-age=31536000; includeSubDomains + Content-Security-Policy-Report-Only: + - 'child-src ''self'' blob: *.cardinalcommerce.com fatzebra.statuspage.io; connect-src + ''self'' *.mastercard.com *.forter.com *.pmnts-staging.io *.rollbar.com *.nr-data.net + *.cardinalcommerce.com fatzebra.statuspage.io *.googleapis.com *.google-analytics.com + *.sdiapi.com *.sdiapi.net *.posthog.com; default-src ''self'' ''unsafe-eval'' + ''unsafe-inline'' *.forter.com *.nr-data.net blob: *.pmnts-sandbox.io *.rollbar.com + fatzebra.statuspage.io *.iovation.com data: *.googleapis.com *.gstatic.com + *.newrelic.com *.bootstrapcdn.com www.google.com pay.google.com *.google-analytics.com + *.gravatar.com; font-src ''self'' cdnjs.cloudflare.com data: *.gstatic.com + *.bootstrapcdn.com *.aexp-static.com; form-action ''self'' *.cardinalcommerce.com; + frame-ancestors ''self'' *.sdiapi.com *.sdiapi.net; frame-src ''self'' *.sdiapi.com + fatzebra.statuspage.io *.americanexpress.com www.google.com pay.google.com + *.masterpass.com *.visa.com *.mastercard.com *.recaptcha.net *.sdiapi.net; + img-src ''self'' *.visa.com data: *.googleapis.com *.gstatic.com masterpass.com + *.masterpass.com *.americanexpress.com *.google-analytics.com *.gravatar.com; + script-src ''self'' ''unsafe-eval'' ''unsafe-inline'' *.cdn-apple.com *.forter.com + *.nr-data.net *.pmnts-sandbox.io *.pmnts-staging.io *.rollbar.com fatzebra.statuspage.io + cdnjs.cloudflare.com *.iovation.com *.jquery.com *.newrelic.com *.googleapis.com + *.cardinalcommerce.com *.bootstrapcdn.com wasm-eval *.google-analytics.com + *.googletagmanager.com *.sdiapi.com *.sdiapi.net *.posthog.com; script-src-attr + ''unsafe-inline''; script-src-elem ''self'' ''unsafe-inline'' *.sdiapi.com + *.cdn-apple.com *.googletagmanager.com *.forter.com *.nr-data.net *.pmnts-sandbox.io + *.rollbar.com fatzebra.statuspage.io *.iovation.com *.jquery.com cdnjs.cloudflare.com + *.pmnts-staging.io *.aexp-static.com *.newrelic.com *.googleapis.com *.americanexpress.com + www.google.com pay.google.com *.visa.com *.masterpass.com *.mastercard.com + *.google-analytics.com *.gstatic.com *.bootstrapcdn.com *.sdiapi.net; style-src + ''self'' ''unsafe-eval'' ''unsafe-inline'' *.bootstrapcdn.com *.googleapis.com; + style-src-attr ''unsafe-inline''; style-src-elem ''unsafe-inline'' ''self'' + *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com *.mastercard.com; + worker-src blob: *.sdiapi.com *.sdiapi.net *.posthog.com; report-uri https://fatzebra.report-uri.com/r/d/csp/wizard' + Nel: + - '{"report_to":"default","max_age":31536000,"include_subdomains":true}' + Report-To: + - '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://fatzebra.report-uri.com/a/d/g"}],"include_subdomains":true}' + body: + encoding: UTF-8 + string: '{"successful":true,"response":{"token":"02gg1kmaafmw92ah3mgo","card_holder":"Matthew + Savage","card_number":"512345XXXXXX2346","card_expiry":"2030-02-28","card_type":"MasterCard","card_category":"Debit","card_subcategory":"PrePaid","card_issuer":"Afriland + First Bank","card_country":"Liberia","authorized":true,"transaction_count":411,"alias":null},"errors":[],"test":true}' + recorded_at: Tue, 20 Jan 2026 11:42:44 GMT +recorded_with: VCR 6.3.1 diff --git a/spec/lib/fat_zebra/three_d_secure_spec.rb b/spec/lib/fat_zebra/three_d_secure_spec.rb new file mode 100644 index 0000000..14b9867 --- /dev/null +++ b/spec/lib/fat_zebra/three_d_secure_spec.rb @@ -0,0 +1,138 @@ +require 'spec_helper' + +describe FatZebra::ThreeDSecure do + describe '.setup', :vcr do + subject(:setup) { described_class.setup(valid_setup_payload) } + + let(:valid_setup_payload) {{ + card_token: card_token + }} + + let!(:credit_card) { FatZebra::Card.create(valid_three_d_secure_card_payload) } + let(:card_token) { credit_card.token } + + context 'valid payload' do + + it 'returns expected keys' do + expect(setup.keys.map(&:to_s)).to include( + 'reference_id', + 'access_token', + 'device_data_collection_url' + ) + end + end + end + + describe '.check_enrollment', :vcr do + subject(:enrollment) { described_class.check_enrollment(valid_enrollment_payload) } + + let!(:credit_card) { FatZebra::Card.create(valid_three_d_secure_card_payload) } + + let(:valid_enrollment_payload) {{ + merchant_username: merchant_username, + card_token: credit_card.token, + amount: 100, + currency: 'AUD', + reference: "ref-#{SecureRandom.hex(6)}", + verification: '123', + device_channel: 'BROWSER', + reference_id: reference_id, + return_url: 'https://example.com/3ds/return', + acs_window_size: '05', + browser_accept_content: 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', + browser_language: 'en-AU', + browser_java_enabled: false, + browser_color_depth: 24, + browser_screen_height: 1080, + browser_screen_width: 1920, + browser_time_difference: 0, + browser_user_agent: 'RSpec' + }} + + let(:merchant_username) { "TEST "} + + let(:reference_id) do + described_class.setup(card_token: credit_card.token).reference_id + end + + context 'with valid input' do + it do + expect(enrollment.errors).to be_nil + end + + it 'returns expected keys' do + expect(enrollment.keys.map(&:to_s)).to include('veres', 'pares', 'eci', 'cavv', 'xid', 'directory_server_transaction_id', 'specification_version', 'step_up_url', 'access_token') + end + + it do + expect(enrollment.veres).to be_truthy + expect(enrollment.pares).to be_truthy + expect(enrollment.eci).to be_nil + expect(enrollment.eci).to be_nil + expect(enrollment.cavv).to be_nil + expect(enrollment.xid).to be_nil + expect(enrollment.directory_server_transaction_id).to be_truthy + expect(enrollment.specification_version).to be_truthy + expect(enrollment.step_up_url).to be_truthy + expect(enrollment.access_token).to be_truthy + end + end + + context 'validations' do + let(:valid_enrollment_payload) {{}} + + it { expect { enrollment }.to raise_error(FatZebra::RequestValidationError) } + end + end + + describe '.validate_authentication', :vcr do + subject(:validation) { described_class.validate_authentication(valid_three_d_secure_card_payload) } + + let!(:credit_card) { FatZebra::Card.create(valid_three_d_secure_card_payload) } + + let(:merchant_username) { ENV.fetch('FATZEBRA_MERCHANT_USERNAME', 'test') } + + let(:reference_id) do + described_class.setup(card_token: credit_card.token).reference_id + end + + let(:authentication_transaction_id) do + described_class.check_enrollment(valid_enrollment_payload).authentication_transaction_id + end + + let(:valid_enrollment_payload) {{ + merchant_username: merchant_username, + card_token: credit_card.token, + amount: 100, + currency: 'AUD', + reference: "ref-#{SecureRandom.hex(6)}", + verification: '123', + device_channel: 'BROWSER', + reference_id: reference_id, + return_url: 'https://example.com/3ds/return', + acs_window_size: '05', + browser_accept_content: 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', + browser_language: 'en-AU', + browser_java_enabled: false, + browser_color_depth: 24, + browser_screen_height: 1080, + browser_screen_width: 1920, + browser_time_difference: 0, + browser_user_agent: 'RSpec' + }} + + let(:valid_validation_payload) {{ + merchant_username: merchant_username, + card_token: credit_card.token, + amount: 100, + currency: 'AUD', + authentication_transaction_id: authentication_transaction_id + }} + + context 'validations' do + let(:valid_validation_payload) {{}} + + it { expect { validation }.to raise_error(FatZebra::RequestValidationError) } + end + end +end diff --git a/spec/support/payloads.rb b/spec/support/payloads.rb index 902bac0..d5d54cd 100644 --- a/spec/support/payloads.rb +++ b/spec/support/payloads.rb @@ -19,6 +19,13 @@ cvv: 123 }} + let(:valid_three_d_secure_card_payload) {{ + card_holder: 'Card Holder', + card_number: '4000000000002503', + card_expiry: DateTime.new(2045, 2, 3).strftime('%m/%Y'), + cvv: 123 + }} + let(:customer_valid_payload) {{ first_name: 'Harrold', last_name: 'Humphries',