CyberSource Gateway's response.authorization

22 views
Skip to first unread message

Matt Sanders

unread,
Jun 8, 2008, 3:06:54 AM6/8/08
to Active Merchant
I've been doing an integration with CyberSource and come across
something kind of funny. When I look at the response.authorization, I
get a list of returned values compacted together. Specifically:

[ options[:order_id], response[:requestID],
response[:requestToken] ].compact.join(";")

The strange thing is that the response also
includes :authorizationCode, which isn't a part of this string and is
more similar to what the other ActiveMerchant gateways deliver
from .authorization (at least the ones I've worked with). Is there a
reason that it doesn't provide the normal authorization code and
instead gives this joined string?

In case it helps, here's a full response example (relevant fields are
forged, but consistent with real-world response):

#<ActiveMerchant::Billing::Response:0x2573544
@authorization=
"4870;2129974383200108405994;M2xmAAIUT+Vnskl3SBebn9+Ahj77wCPzatev
+Vnskl0BT+Nq168zbGYAAg2gU/GTSTKuj0j18IP4/",
@avs_result=
{"message"=>"Street address and 5-digit postal code match.",
"code"=>"Y",
"street_match"=>"Y",
"postal_match"=>"Y"},
@cvv_result={"message"=>"Match", "code"=>"M"},
@fraud_review=nil,
@message="Successful transaction",
@params=
{"cvCode"=>"M",
"authorizedDateTime"=>"2008-06-08T06:43:59Z",
"avsCode"=>"Y",
"cvCodeRaw"=>"M",
"requestID"=>"2129974383200108405994",
"amount"=>"16.46",
"reasonCode"=>"100",
"avsCodeRaw"=>"Y",
"processorResponse"=>"00",
"merchantReferenceCode"=>"4870",
"requestToken"=>
"M2xmAAIUT+Vnskl3SBebn9+Ahj77wCPzatev+Vnskl0BT+Nq168zbGYAAg2gU/
GTSTKuj0j18IP4/",
"authorizationCode"=>"008997",
"decision"=>"ACCEPT",
"currency"=>"USD"},
@success=true,
@test=false>

For the moment I'm just pulling what I want out of params manually,
but if this behavior is incorrect I'd be happy to draft a patch.

-Matt

Cody Fauser

unread,
Jun 8, 2008, 10:16:31 AM6/8/08
to activem...@googlegroups.com
Matt,

On Sun, Jun 8, 2008 at 3:06 AM, Matt Sanders <ma...@polycot.com> wrote:
>
> I've been doing an integration with CyberSource and come across
> something kind of funny. When I look at the response.authorization, I
> get a list of returned values compacted together. Specifically:
>
> [ options[:order_id], response[:requestID],
> response[:requestToken] ].compact.join(";")

That is done on purpose so that all the information required for
reference transactions is always available in the authorization
string. If you take a look at capture and void you'll see that they
require the order ID, request ID, and request token from the original
transaction. Including those things in the authorization string
prevents the application from having to arbitrarily remember each one
individually, and keeps the interface consistent with other gateways.

The authorization string is meant only for consumption by other
operations in the gateway, and not for display purposes. If you want
to display / store certain parameters from the response then you're
already doing the correct thing by plucking them out of the params
hash.

--
Cody Fauser
http://shopify.com - e-commerce done right
http://www.codyfauser.com - blog
http://peepcode.com/products/activemerchant-pdf - ActiveMerchant PeepCode
http://www.oreilly.com/catalog/rjsrails - RJS Templates for Rails

Matt Sanders

unread,
Jun 10, 2008, 10:03:20 AM6/10/08
to Active Merchant
Great, thanks.

-Matt

On Jun 8, 9:16 am, "Cody Fauser" <codyfau...@gmail.com> wrote:
> Matt,
>
Reply all
Reply to author
Forward
0 new messages