Syndicode
Contact Us
Alexander Germashov
March 28, 2016

Payment processing with Adyen and Ruby on Rails

99.99% of our startup clients have one question in common – how will we accept payments? In this article I’ll show how to integrate your Ruby on Rails application with Adyen payment processing. It has a solution for mobile, online and in-store transactions, their technology enables merchants to accept almost any type of payment, anywhere in the world.

First, setup Adyen account.

Login to the Adyen Customer Area and retrieve the password of your ws user that can submit API calls. Select ws@Company.YourCompany and generate a new password (make a note of your password). Make a note of your Hosted Client Encryption Token to include the encryption library in the following steps.

Set up your payment form

Make sure the form includes all the mandatory fields as shown below:

%form#adyen-encrypted-form{ action: "#handler", method: "POST"}
  %input{ data: { "encrypted-name" => "number" }, size: "20", type: "text"}
  %input{ data: { "encrypted-name" => "holderName" }, size: "20", type: "text"}
  %input{ data: { "encrypted-name" => "expiryMonth" }, maxlength: "2", size: "2", type: "text"}
  %input{ data: { "encrypted-name" => "expiryYear" }, maxlength: "4", size: "4", type: "text"}
  %input{ data: { "encrypted-name" => "cvc" }, maxlength: "4", size: "4", type: "text"}
  %input{ data: { "encrypted-name" => "generationtime" }, type: "hidden", 
          value: Time.now.utc.strftime('%Y-%m-%dT%H:%M:%S.%LZ')}
  %input{ type: "submit", value: "Pay"}

JS encryption library

Next, include the JS encryption library and use it on your payment form.
Your public encryption key and library are hosted by Adyen and you have a unique URL to use when loading the JS in your payment page.
This URL have to contain your unique Hosted Client Encryption Token (see step #1), as shown in the code below.
In the javascript file, call createEncryptedForm with your payment form thus the credit card information is encrypted before the request reaches your servers.

%script{src: "https://test.adyen.com/hpp/cse/js/.shtml", type: 'text/javascript'}
  var form = document.getElementById('adyen-encrypted-form');
  adyen.createEncryptedForm(form);

 Wrapper for Adyen API

Then let’s create a small wrapper for API calls:

class Adyen
  API_URL = 'https://pal-test.adyen.com/pal/servlet/Payment/v12/'

  def self.authorise(encrypted_data, amount_in_cents, currency)
    operation_data = {
      merchantAccount: ENV,
      additionalData: {"card.encrypted.json" => encrypted_data},
      amount: {currency: currency, value: amount_in_cents},
      reference: "your_prefix_" + "#{user.id.to_s}_" +  rand(99999999).to_s
    }
    uri = URI(API_URL + __method__.to_s)
    call_api(uri, operation_data)
  end

  private

  def self.call_api(uri, operation_data)
    res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true, verify_mode: OpenSSL::SSL::VERIFY_NONE) do |http|
      http.request create_request(uri, operation_data)
    end
    JSON.parse(res.body)
  end

  def self.create_request(uri, operation_data)
    Net::HTTP::Post.new(uri, initheader = {'Content-Type' =>'application/json'}).tap |req|
      req.basic_auth ENV, ENV
      req.body = operation_data.to_json
    end
  end
end

Real business

Form submit

After the shopper has submitted your payment form, and before it reaches your server, the script automatically adds the encrypted data to the form. For testing you can use one of test credit cards. Make sure that you include this encrypted data in the server-to-server API call, together with all mandatory fields as seen in the example below. While submitting payments from your server, include your valid credentials (see ENV[]).

Authorize payment

And now you can submit payment to the Adyen test point:

auth_res = Adyen.authorise(params, (amount * 100).to_i, currency)

After submitting the payment, you will receive the response that includes a PSP reference (eg. 7457830855284661). The PSP reference identifies each payment and can be used for further operations like cancel, capture or refund the payment.

Capture your money

After the successful payment authorisation you can completely capture the money, just add one more method to our wrapper class:

class Adyen
  def self.capture(psp, amount_in_cents, currency)
    operation_data = {
      merchantAccount: ENV,
      modificationAmount: {value: amount_in_cents, currency: currency},
      originalReference: psp
    }

    uri = URI(API_URL + __method__.to_s)
    call_api(uri, operation_data)
  end
end

And voilà:

cap_res = Adyen.capture(auth_res, (amount*100).to_i, currency)

Remember this client has paid

Now we can check response on success: cap_res == ”  and see all processed payments in the Adyen Payments List.

That’s all, next time we will uncover payment processing using Hosted Payment Pages (HPP)