diff --git a/CHANGELOG b/CHANGELOG
index 9e11baee976..3e102903375 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -17,6 +17,7 @@
* NMI: Add customer vault fields [yunnydang] #5215
* CheckoutV2: Add inquire method [almalee24] #5209
* Iveri: Add AuthReversal for Authorizations [almalee24] #5201
+* Decidir & Braintree: Scrub cryptogram and card number [almalee24] #5220
== Version 1.137.0 (August 2, 2024)
* Unlock dependency on `rexml` to allow fixing a CVE (#5181).
diff --git a/lib/active_merchant/billing/gateways/braintree/braintree_common.rb b/lib/active_merchant/billing/gateways/braintree/braintree_common.rb
index 165d8faaa90..1d9f1df0890 100644
--- a/lib/active_merchant/billing/gateways/braintree/braintree_common.rb
+++ b/lib/active_merchant/billing/gateways/braintree/braintree_common.rb
@@ -23,6 +23,8 @@ def scrub(transcript)
gsub(%r(()[^<]+()), '\1[FILTERED]\2').
gsub(%r(()[^<]+()), '\1[FILTERED]\2').
gsub(%r(()[^<]{100,}()), '\1[FILTERED]\2').
- gsub(%r(()[^<]+()), '\1[FILTERED]\2')
+ gsub(%r(()[^<]+()), '\1[FILTERED]\2').
+ gsub(%r(()[^<]+()), '\1[FILTERED]\2').
+ gsub(%r(()[^<]+()), '\1[FILTERED]\2')
end
end
diff --git a/lib/active_merchant/billing/gateways/decidir.rb b/lib/active_merchant/billing/gateways/decidir.rb
index b534beaa0c1..2289be27a5a 100644
--- a/lib/active_merchant/billing/gateways/decidir.rb
+++ b/lib/active_merchant/billing/gateways/decidir.rb
@@ -106,7 +106,9 @@ def scrub(transcript)
gsub(%r((apikey: )\w+)i, '\1[FILTERED]').
gsub(%r((\"card_number\\\":\\\")\d+), '\1[FILTERED]').
gsub(%r((\"security_code\\\":\\\")\d+), '\1[FILTERED]').
- gsub(%r((\"emv_issuer_data\\\":\\\")\d+), '\1[FILTERED]')
+ gsub(%r((\"emv_issuer_data\\\":\\\")\d+), '\1[FILTERED]').
+ gsub(%r((\"cryptogram\\\":\\\")\w+), '\1[FILTERED]').
+ gsub(%r((\"token\\\":\\\")\d+), '\1[FILTERED]')
end
private
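Review bot: The new `cryptogram` substitution matches the value with `\w+`, which stops at the first `+`, `/` or `=`, so a base64-encoded cryptogram would be left partly or entirely in the transcript. The Braintree fixture added in this same commit shows a cryptogram that begins with `/` and ends with `=`, which `\w+` would not match at all. Matching up to the closing escaped quote is safer: `gsub(%r((\"cryptogram\\\":\\\")[^\\\"]+), '\1[FILTERED]').`. The `token` line has the same shape of problem with `\d+` if a token value can ever be non-numeric, which this hunk does not show. `scrub` starts above the hunk, so the earlier substitutions were not reviewed here.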
diff --git a/test/remote/gateways/remote_decidir_test.rb b/test/remote/gateways/remote_decidir_test.rb
index 6f91f22778c..3a948ad1c03 100644
--- a/test/remote/gateways/remote_decidir_test.rb
+++ b/test/remote/gateways/remote_decidir_test.rb
@@ -360,4 +360,14 @@ def test_transcript_scrubbing
assert_scrubbed(@credit_card.verification_value, transcript)
assert_scrubbed(@gateway_for_purchase.options[:api_key], transcript)
end
+
+ def test_transcript_scrubbing_network_token
+ transcript = capture_transcript(@gateway_for_purchase) do
+ @gateway_for_purchase.purchase(@amount, @network_token, @options)
+ end
+ transcript = @gateway_for_purchase.scrub(transcript)
+
+ assert_scrubbed(@network_token.payment_cryptogram, transcript)
+ assert_scrubbed(@network_token.number, transcript)
+ end
end
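Review bot: The only coverage this diff adds for the new Decidir scrub patterns is a remote test, which needs live gateway credentials and so normally does not run in CI. No Decidir unit test is touched in the visible diff, so a regression in the two new regexes could go unnoticed. A unit test over a canned transcript would pin the behaviour offline, along the lines of `assert_equal post_scrubbed, @gateway.scrub(pre_scrubbed)` (names constructed). The canned cryptogram should contain `+`, `/` and `=` so the character class is actually exercised. `@network_token` is defined outside this hunk, so its cryptogram format cannot be checked from here.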
diff --git a/test/unit/gateways/braintree_blue_test.rb b/test/unit/gateways/braintree_blue_test.rb
index 1628b63eac6..34988dd498b 100644
--- a/test/unit/gateways/braintree_blue_test.rb
+++ b/test/unit/gateways/braintree_blue_test.rb
@@ -1568,6 +1568,10 @@ def test_scrub_sensitive_data
assert_equal filtered_success_token_nonce, @gateway.scrub(success_create_token_nonce)
end
+ def test_transcript_scrubbing_network_token
+ assert_equal @gateway.scrub(pre_scrub_network_token), post_scrub_network_token
+ end
+
def test_setup_purchase
Braintree::ClientTokenGateway.any_instance.expects(:generate).with do |params|
(params[:merchant_account_id] == 'merchant_account_id')
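Review bot: In `test_transcript_scrubbing_network_token` the arguments to `assert_equal` are in actual, expected order, while `test_scrub_sensitive_data` just above passes the expected value first. With the order swapped, a failure would report the unscrubbed-versus-scrubbed diff the wrong way round, which is confusing when the thing being checked is whether a card number leaked. Suggest `assert_equal post_scrub_network_token, @gateway.scrub(pre_scrub_network_token)`. `test_setup_purchase` continues past the end of the hunk and was not reviewed.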
@@ -1751,4 +1755,674 @@ def filtered_success_token_nonce
[Braintree]
RESPONSE
end
+
+ def pre_scrub_network_token
+ <<-RESPONSE
+ [Braintree]
+ [Braintree] 47.70
+ [Braintree] 111111
+ [Braintree]
+ [Braintree]
+ [Braintree] test_transaction@gmail.com
+ [Braintree] 123341
+ [Braintree] John
+ [Braintree] Smith
+ [Braintree]
+ [Braintree]
+ [Braintree] false
+ [Braintree] true
+ [Braintree]
+ [Braintree] true
+ [Braintree]
+ [Braintree]
+ [Braintree] 111111
+ [Braintree] 11111122233
+ [Braintree] checkout-flow
+ [Braintree] 0
+ [Braintree]
+ [Braintree] Account-12344
+ [Braintree]
+ [Braintree] 41111111111111
+ [Braintree] 02
+ [Braintree] 2028
+ [Braintree] John Smith
+ [Braintree]
+ [Braintree] /wBBBBBBBPZWYOv4AmbmrruuUDDDD=
+ [Braintree] 07
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] vaulted
+ [Braintree] 312343241232
+ [Braintree]
+ [Braintree] recurring
+ [Braintree]
+ [Braintree] 251 Test STree
+ [Braintree]
+ [Braintree]
+ [Braintree] Los Angeles
+ [Braintree] CA
+ [Braintree] 57753
+ [Braintree] US
+ [Braintree] USA
+ [Braintree]
+ [Braintree]
+ [Braintree] 251 Test Street
+ [Braintree]
+ [Braintree]
+ [Braintree] Los Angeles
+ [Braintree] CA
+ [Braintree] 57753
+ [Braintree] US
+ [Braintree] USA
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] CHANNEL_BT
+ [Braintree] sale
+ [Braintree]
+
+ I, [2024-08-16T16:36:13.440224 #2217917] INFO -- : [Braintree] [16/Aug/2024 16:36:13 UTC] POST /merchants/js7myvkvrjt5khpb/transactions 201
+ D, [2024-08-16T16:36:13.440275 #2217917] DEBUG -- : [Braintree] [16/Aug/2024 16:36:13 UTC] 201
+ D, [2024-08-16T16:36:13.440973 #2217917] DEBUG -- : [Braintree]
+ [Braintree]
+ [Braintree] ftq5rn1j
+ [Braintree] submitted_for_settlement
+ [Braintree] sale
+ [Braintree] USD
+ [Braintree] 47.70
+ [Braintree] 47.70
+ [Braintree] CHANNEL
+ [Braintree]
+ [Braintree]
+ [Braintree] 114475310
+ [Braintree] 2024-08-16T16:36:12Z
+ [Braintree] 2024-08-16T16:36:13Z
+ [Braintree]
+ [Braintree]
+ [Braintree] John
+ [Braintree] Smith
+ [Braintree]
+ [Braintree] test_email@gmail.com
+ [Braintree]
+ [Braintree] 8765432432
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 251 Test Street
+ [Braintree]
+ [Braintree] Los Angeles
+ [Braintree] CA
+ [Braintree] 5773
+ [Braintree] United States of America
+ [Braintree] US
+ [Braintree] USA
+ [Braintree] 840
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 251 Test Street
+ [Braintree]
+ [Braintree] Anna Smith
+ [Braintree] CA
+ [Braintree] 32343
+ [Braintree] United States of America
+ [Braintree] US
+ [Braintree] USA
+ [Braintree] 840
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 1122334455
+ [Braintree] 12356432
+ [Braintree] tbyb-second
+ [Braintree] 0
+ [Braintree]
+ [Braintree] false
+ [Braintree]
+ [Braintree] M
+ [Braintree] M
+ [Braintree] I
+ [Braintree]
+ [Braintree] 796973
+ [Braintree] 1000
+ [Braintree] Approved
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] false
+ [Braintree]
+ [Braintree] true
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] https://assets.braintreegateway.com/payment_method_logo/unknown.png?environment=production
+ [Braintree] false
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] false
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 41111
+ [Braintree] 111
+ [Braintree] Visa
+ [Braintree] 02
+ [Braintree] 2028
+ [Braintree] US
+ [Braintree] John Smith
+ [Braintree] https://assets.braintreegateway.com/paymenn
+ [Braintree] true
+ [Braintree] No
+ [Braintree] No
+ [Braintree] Yes
+ [Braintree] Yes
+ [Braintree] Unknown
+ [Braintree] No
+ [Braintree] Test Bank Account
+ [Braintree] USA
+ [Braintree] F
+ [Braintree]
+ [Braintree] credit
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 2024-08-16T16:36:13Z
+ [Braintree] authorized
+ [Braintree] 47.70
+ [Braintree] testemail@gmail.com
+ [Braintree] api
+ [Braintree]
+ [Braintree]
+ [Braintree] 2024-08-16T16:36:13Z
+ [Braintree] submitted_for_settlement
+ [Braintree] 47.70
+ [Braintree] testemail@gmail.com
+ [Braintree] api
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] true
+ [Braintree] CHANNEL_BT
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] network_token
+ [Braintree]
+ [Braintree]
+ [Braintree] 00
+ [Braintree] Successful approval/completion or V.I.P. PIN verification is successful
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 1122334455667786
+ [Braintree] approved
+ [Braintree] 2024-08-17T16:36:13Z
+ [Braintree]
+ [Braintree]
+ [Braintree] false
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] ddetwte3DG43GDR
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 112233445566
+ [Braintree]
+ [Braintree] CHANNEL_MERCHANT
+ [Braintree]
+ [Braintree]
+ [Braintree] New York
+ [Braintree] NY
+ [Braintree] 10012
+ [Braintree] 551-453-46223
+ [Braintree]
+ [Braintree] false
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] fqq5tm1j
+ [Braintree] dHJhbnNhY3RpE3Gppse33o
+ [Braintree] 47.70
+ [Braintree] USD
+ [Braintree] 1000
+ [Braintree] Approved
+ [Braintree] 755332
+ [Braintree] TEST-STORE
+ [Braintree]
+ [Braintree]
+ [Braintree] New York
+ [Braintree] NY
+ [Braintree] 10012
+ [Braintree] 551-733-45235
+ [Braintree]
+ [Braintree] 122334553
+ [Braintree]
+ [Braintree] sale
+ [Braintree] false
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ RESPONSE
+ end
+
+ def post_scrub_network_token
+ <<-RESPONSE
+ [Braintree]
+ [Braintree] 47.70
+ [Braintree] 111111
+ [Braintree]
+ [Braintree]
+ [Braintree] test_transaction@gmail.com
+ [Braintree] 123341
+ [Braintree] John
+ [Braintree] Smith
+ [Braintree]
+ [Braintree]
+ [Braintree] false
+ [Braintree] true
+ [Braintree]
+ [Braintree] true
+ [Braintree]
+ [Braintree]
+ [Braintree] 111111
+ [Braintree] 11111122233
+ [Braintree] checkout-flow
+ [Braintree] 0
+ [Braintree]
+ [Braintree] Account-12344
+ [Braintree]
+ [Braintree] [FILTERED]
+ [Braintree] 02
+ [Braintree] 2028
+ [Braintree] John Smith
+ [Braintree]
+ [Braintree] [FILTERED]
+ [Braintree] 07
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] vaulted
+ [Braintree] 312343241232
+ [Braintree]
+ [Braintree] recurring
+ [Braintree]
+ [Braintree] 251 Test STree
+ [Braintree]
+ [Braintree]
+ [Braintree] Los Angeles
+ [Braintree] CA
+ [Braintree] 57753
+ [Braintree] US
+ [Braintree] USA
+ [Braintree]
+ [Braintree]
+ [Braintree] 251 Test Street
+ [Braintree]
+ [Braintree]
+ [Braintree] Los Angeles
+ [Braintree] CA
+ [Braintree] 57753
+ [Braintree] US
+ [Braintree] USA
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] CHANNEL_BT
+ [Braintree] sale
+ [Braintree]
+
+ I, [2024-08-16T16:36:13.440224 #2217917] INFO -- : [Braintree] [16/Aug/2024 16:36:13 UTC] POST /merchants/js7myvkvrjt5khpb/transactions 201
+ D, [2024-08-16T16:36:13.440275 #2217917] DEBUG -- : [Braintree] [16/Aug/2024 16:36:13 UTC] 201
+ D, [2024-08-16T16:36:13.440973 #2217917] DEBUG -- : [Braintree]
+ [Braintree]
+ [Braintree] ftq5rn1j
+ [Braintree] submitted_for_settlement
+ [Braintree] sale
+ [Braintree] USD
+ [Braintree] 47.70
+ [Braintree] 47.70
+ [Braintree] CHANNEL
+ [Braintree]
+ [Braintree]
+ [Braintree] 114475310
+ [Braintree] 2024-08-16T16:36:12Z
+ [Braintree] 2024-08-16T16:36:13Z
+ [Braintree]
+ [Braintree]
+ [Braintree] John
+ [Braintree] Smith
+ [Braintree]
+ [Braintree] test_email@gmail.com
+ [Braintree]
+ [Braintree] 8765432432
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 251 Test Street
+ [Braintree]
+ [Braintree] Los Angeles
+ [Braintree] CA
+ [Braintree] 5773
+ [Braintree] United States of America
+ [Braintree] US
+ [Braintree] USA
+ [Braintree] 840
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 251 Test Street
+ [Braintree]
+ [Braintree] Anna Smith
+ [Braintree] CA
+ [Braintree] 32343
+ [Braintree] United States of America
+ [Braintree] US
+ [Braintree] USA
+ [Braintree] 840
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 1122334455
+ [Braintree] 12356432
+ [Braintree] tbyb-second
+ [Braintree] 0
+ [Braintree]
+ [Braintree] false
+ [Braintree]
+ [Braintree] M
+ [Braintree] M
+ [Braintree] I
+ [Braintree]
+ [Braintree] 796973
+ [Braintree] 1000
+ [Braintree] Approved
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] false
+ [Braintree]
+ [Braintree] true
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] https://assets.braintreegateway.com/payment_method_logo/unknown.png?environment=production
+ [Braintree] false
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree] Unknown
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] false
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 41111
+ [Braintree] 111
+ [Braintree] Visa
+ [Braintree] 02
+ [Braintree] 2028
+ [Braintree] US
+ [Braintree] John Smith
+ [Braintree] https://assets.braintreegateway.com/paymenn
+ [Braintree] true
+ [Braintree] No
+ [Braintree] No
+ [Braintree] Yes
+ [Braintree] Yes
+ [Braintree] Unknown
+ [Braintree] No
+ [Braintree] Test Bank Account
+ [Braintree] USA
+ [Braintree] F
+ [Braintree]
+ [Braintree] credit
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 2024-08-16T16:36:13Z
+ [Braintree] authorized
+ [Braintree] 47.70
+ [Braintree] testemail@gmail.com
+ [Braintree] api
+ [Braintree]
+ [Braintree]
+ [Braintree] 2024-08-16T16:36:13Z
+ [Braintree] submitted_for_settlement
+ [Braintree] 47.70
+ [Braintree] testemail@gmail.com
+ [Braintree] api
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] true
+ [Braintree] CHANNEL_BT
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] network_token
+ [Braintree]
+ [Braintree]
+ [Braintree] 00
+ [Braintree] Successful approval/completion or V.I.P. PIN verification is successful
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 1122334455667786
+ [Braintree] approved
+ [Braintree] 2024-08-17T16:36:13Z
+ [Braintree]
+ [Braintree]
+ [Braintree] false
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] ddetwte3DG43GDR
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] 112233445566
+ [Braintree]
+ [Braintree] CHANNEL_MERCHANT
+ [Braintree]
+ [Braintree]
+ [Braintree] New York
+ [Braintree] NY
+ [Braintree] 10012
+ [Braintree] 551-453-46223
+ [Braintree]
+ [Braintree] false
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree] fqq5tm1j
+ [Braintree] dHJhbnNhY3RpE3Gppse33o
+ [Braintree] 47.70
+ [Braintree] USD
+ [Braintree] 1000
+ [Braintree] Approved
+ [Braintree] 755332
+ [Braintree] TEST-STORE
+ [Braintree]
+ [Braintree]
+ [Braintree] New York
+ [Braintree] NY
+ [Braintree] 10012
+ [Braintree] 551-733-45235
+ [Braintree]
+ [Braintree] 122334553
+ [Braintree]
+ [Braintree] sale
+ [Braintree] false
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ [Braintree]
+ RESPONSE
+ end
end
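Review bot: The `pre_scrub_network_token` / `post_scrub_network_token` fixtures look like they were captured from a real session rather than written by hand. They carry logger timestamps and PIDs, a merchant path (`/merchants/js7myvkvrjt5khpb/transactions`) and an `environment=production` asset URL. Please confirm every identifier in them is synthetic before this lands, and say so in a comment such as `# Synthetic transcript: all identifiers below are fabricated.` The expected post-scrub output also still contains a 16-digit numeric value (`1122334455667786`). The element names are not visible in this rendering, so it is worth checking that this field is not a PAN or token echoed back in the response. Since the two heredocs differ only in the two `[FILTERED]` lines, trimming them to the elements the scrubber targets would make that difference reviewable.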