Merge pull request #82 from CyberSource/sensitive-logging
Added sensitive logging
gnongsie authored Jan 25, 2022
2 parents 239cd3f + 11e0ea2 commit e9a9972
Showing 83 changed files with 1,951 additions and 206 deletions.
65 changes: 65 additions & 0 deletions Logging.md
@@ -0,0 +1,65 @@
[![Generic badge](https://img.shields.io/badge/LOGGING-NEW-GREEN.svg)](https://shields.io/)

# Logging in CyberSource REST Client SDK (Node.js)

Since v0.0.35, a new logging framework has been introduced in the SDK. This new logging framework makes use of Winston, and standardizes the logging so that it can be integrated with the logging in the client application. The decision to use Winston for building this logging framework has been taken based on benchmark studies that have been made on various logging platforms supported for Node.js.

[One such study](https://www.loggly.com/blog/benchmarking-popular-node-js-logging-libraries/) performed benchmarking of five logging frameworks on the market — Log4js, Winston, Bunyan, winston-syslog, and bunyan-syslog. In this study,

> _Winston performed best when logging to the console. Winston and Bunyan both performed best in their own ways when logging to the file system._
## Winston Configuration

In order to leverage the new logging framework, the following configuration settings may be added to the merchant configuration as part of **`LogConfiguration`**:

* enableLog
* logDirectory
* logFileName
* logFileMaxSize
* loggingLevel
* maxLogFiles
* enableMasking

In our [sample Configuration.js](https://github.com/CyberSource/cybersource-rest-samples-node/blob/master/Data/Configuration.js) file, the following lines

```javascript
'enableLog': EnableLog,
'logFilename': LogFileName,
'logDirectory': LogDirectory,
'logFileMaxSize': LogfileMaxSize
```

have to be replaced by the following lines

```javascript
'logConfiguration': {
'enableLog': EnableLog,
'logFileName': LogFileName,
'logDirectory': LogDirectory,
'logFileMaxSize': LogfileMaxSize,
'loggingLevel': LogLevel,
'enableMasking': EnableMasking
}
```

where, `EnableLog`, `LogFileName`, `LogDirectory`, `LogfileMaxSize`, `LogLevel`, and `EnableMasking` are variables to be provided.

### Important Notes

The variable `enableMasking` needs to be set to `true` if sensitive data in the request/response should be hidden/masked.

Sensitive data fields are listed below:

* Card Security Code
* Card Number
* Any field with `number` in the name
* Card Expiration Month
* Card Expiration Year
* Account
* Routing Number
* Email
* First Name & Last Name
* Phone Number
* Type
* Token
* Signature
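
Review bot: The Important Notes section says `enableMasking` needs to be set to `true` for sensitive fields to be masked, but it never states what happens when the key is omitted. Since the listed fields include Card Number and Card Security Code, document the default explicitly and say whether those values reach the log unmasked when masking is off. Two smaller points in the same file: `maxLogFiles` appears in the settings list but not in the replacement `logConfiguration` block, and the old snippet uses `logFilename` while the new one uses `logFileName`, so the migration text should call out the rename. The entries "Type" and "Any field with `number` in the name" would also benefit from a sentence on how field names are matched.
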
8 changes: 8 additions & 0 deletions README.md
Expand Up @@ -56,6 +56,14 @@ Cybersource maintains a complete sandbox environment for testing and development

API credentials are different for each environment, so be sure to switch to the appropriate credentials when switching environments.

### Logging

[![Generic badge](https://img.shields.io/badge/LOGGING-NEW-GREEN.svg)](https://shields.io/)

Since v0.0.35, a new logging framework has been introduced in the SDK. This new logging framework makes use of Winston, and standardizes the logging so that it can be integrated with the logging in the client application.

More information about this new logging framework can be found in this file : [Logging.md](Logging.md)

## License

This repository is distributed under a proprietary license. See the provided [`LICENSE.txt`](/LICENSE.txt) file.
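
Review bot: The new Logging section in the README does not mention masking, although Logging.md in this commit introduces `enableMasking` and a list of sensitive fields. Add a sentence pointing readers to the `enableMasking` setting so it is visible from the README, and drop the space before the colon in "this file : [Logging.md](Logging.md)".
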
2 changes: 1 addition & 1 deletion docs/CreateAdhocReportRequest.md
Expand Up @@ -11,7 +11,7 @@ Name | Type | Description | Notes
**timezone** | **String** | Timezone of the report | [optional]
**reportStartTime** | **Date** | Start time of the report | [optional]
**reportEndTime** | **Date** | End time of the report | [optional]
**reportFilters** | **{String: [String]}** | List of filters to apply | [optional]
**reportFilters** | [**Reportingv3reportsReportFilters**](Reportingv3reportsReportFilters.md) | | [optional]
**reportPreferences** | [**Reportingv3reportsReportPreferences**](Reportingv3reportsReportPreferences.md) | | [optional]
**groupName** | **String** | Specifies the group name | [optional]

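Review bot: The `reportFilters` row that links to `Reportingv3reportsReportFilters` has an empty Description cell, while the `{String: [String]}` row reads "List of filters to apply". Keep that description on the new row, and mention the type change in the release notes, since it alters what callers pass for this field.
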
2 changes: 2 additions & 0 deletions docs/CreatePaymentRequest.md
Expand Up @@ -21,6 +21,8 @@ Name | Type | Description | Notes
**healthCareInformation** | [**Ptsv2paymentsHealthCareInformation**](Ptsv2paymentsHealthCareInformation.md) | | [optional]
**promotionInformation** | [**Ptsv2paymentsPromotionInformation**](Ptsv2paymentsPromotionInformation.md) | | [optional]
**tokenInformation** | [**Ptsv2paymentsTokenInformation**](Ptsv2paymentsTokenInformation.md) | | [optional]
**invoiceDetails** | [**Ptsv2paymentsInvoiceDetails**](Ptsv2paymentsInvoiceDetails.md) | | [optional]
**processorInformation** | [**Ptsv2paymentsProcessorInformation**](Ptsv2paymentsProcessorInformation.md) | | [optional]
**riskInformation** | [**Ptsv2paymentsRiskInformation**](Ptsv2paymentsRiskInformation.md) | | [optional]
**acquirerInformation** | [**Ptsv2paymentsAcquirerInformation**](Ptsv2paymentsAcquirerInformation.md) | | [optional]
**recurringPaymentInformation** | [**Ptsv2paymentsRecurringPaymentInformation**](Ptsv2paymentsRecurringPaymentInformation.md) | | [optional]
Expand Up @@ -5,5 +5,6 @@ Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**totalAmount** | **String** | Amount you requested for the capture. | [optional]
**currency** | **String** | Currency used for the order. Use the three-character [ISO Standard Currency Codes.](http://apps.cybersource.com/library/documentation/sbc/quickref/currencies.pdf) #### Used by **Authorization** Required field. **Authorization Reversal** For an authorization reversal (`reversalInformation`) or a capture (`processingOptions.capture` is set to `true`), you must use the same currency that you used in your payment authorization request. #### PIN Debit Currency for the amount you requested for the PIN debit purchase. This value is returned for partial authorizations. The issuing bank can approve a partial amount if the balance on the debit card is less than the requested transaction amount. For the possible values, see the [ISO Standard Currency Codes](https://developer.cybersource.com/library/documentation/sbc/quickref/currencies.pdf). Returned by PIN debit purchase. For PIN debit reversal requests, you must use the same currency that was used for the PIN debit purchase or PIN debit credit that you are reversing. For the possible values, see the [ISO Standard Currency Codes](https://developer.cybersource.com/library/documentation/sbc/quickref/currencies.pdf). Required field for PIN Debit purchase and PIN Debit credit requests. Optional field for PIN Debit reversal requests. #### GPX This field is optional for reversing an authorization or credit. #### DCC for First Data Your local currency. For details, see the `currency` field description in [Dynamic Currency Conversion For First Data Using the SCMP API](http://apps.cybersource.com/library/documentation/dev_guides/DCC_FirstData_SCMP/DCC_FirstData_SCMP_API.pdf). #### Tax Calculation Required for international tax and value added tax only. Optional for U.S. and Canadian taxes. Your local currency. | [optional]
**processorTransactionFee** | **String** | The fee decided by the PSP/Processor per transaction. | [optional]


2 changes: 2 additions & 0 deletions docs/PtsV2PaymentsPost201ResponseProcessorInformation.md
Expand Up @@ -31,5 +31,7 @@ Name | Type | Description | Notes
**routing** | [**PtsV2PaymentsPost201ResponseProcessorInformationRouting**](PtsV2PaymentsPost201ResponseProcessorInformationRouting.md) | | [optional]
**merchantNumber** | **String** | Identifier that was assigned to you by your acquirer. This value must be printed on the receipt. #### Returned by Authorizations and Credits. This reply field is only supported by merchants who have installed client software on their POS terminals and use these processors: - American Express Direct - Credit Mutuel-CIC - FDC Nashville Global - OmniPay Direct - SIX | [optional]
**retrievalReferenceNumber** | **String** | #### Ingenico ePayments Unique number that CyberSource generates to identify the transaction. You can use this value to identify transactions in the Ingenico ePayments Collections Report, which provides settlement information. Contact customer support for information about the report. ### CyberSource through VisaNet Retrieval request number. | [optional]
**paymentUrl** | **String** | Direct the customer to this URL to complete the payment. | [optional]
**completeUrl** | **String** | The redirect URL for forwarding the consumer to complete page. This redirect needed by PSP to track browser information of consumer. PSP then redirect consumer to merchant success URL. | [optional]


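Review bot: The `completeUrl` description is hard to parse ("This redirect needed by PSP to track browser information of consumer. PSP then redirect consumer to merchant success URL."). Reword it into complete sentences and spell out PSP on first use. It would also help to say how `completeUrl` differs from `paymentUrl`, which is described as the URL where the customer completes the payment.
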
2 changes: 2 additions & 0 deletions docs/Ptsv2paymentsBuyerInformation.md
Expand Up @@ -9,6 +9,8 @@ Name | Type | Description | Notes
**companyTaxId** | **String** | Company’s tax identifier. This is only used for eCheck service. ** TeleCheck ** Contact your TeleCheck representative to find out whether this field is required or optional. ** All Other Processors ** Not used. | [optional]
**personalIdentification** | [**[Ptsv2paymentsBuyerInformationPersonalIdentification]**](Ptsv2paymentsBuyerInformationPersonalIdentification.md) | | [optional]
**hashedPassword** | **String** | The merchant's password that CyberSource hashes and stores as a hashed password. For details about this field, see the `customer_password` field description in _Decision Manager Using the SCMP API Developer Guide_ on the [CyberSource Business Center.](https://ebc2.cybersource.com/ebc2/) Click **Decision Manager** > **Documentation** > **Guides** > _Decision Manager Using the SCMP API Developer Guide_ (PDF link). | [optional]
**gender** | **String** | Customer's gender. Possible values are F (female), M (male),O (other). | [optional]
**language** | **String** | language setting of the user | [optional]
**mobilePhone** | **Number** | Cardholder’s mobile phone number. **Important** Required for Visa Secure transactions in Brazil. Do not use this request field for any other types of transactions. | [optional]


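Review bot: The `language` description ("language setting of the user") gives no format or example values, so a caller cannot tell what string is expected; state the expected format. In the `gender` row, add the missing space in "M (male),O (other)".
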
1 change: 1 addition & 0 deletions docs/Ptsv2paymentsClientReferenceInformation.md
Expand Up @@ -4,6 +4,7 @@
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**code** | **String** | Merchant-generated order reference or tracking number. It is recommended that you send a unique value for each transaction so that you can perform meaningful searches for the transaction. #### Used by **Authorization** Required field. #### PIN Debit Requests for PIN debit reversals need to use the same merchant reference number that was used in the transaction that is being reversed. Required field for all PIN Debit requests (purchase, credit, and reversal). #### FDC Nashville Global Certain circumstances can cause the processor to truncate this value to 15 or 17 characters for Level II and Level III processing, which can cause a discrepancy between the value you submit and the value included in some processor reports. | [optional]
**reconciliationId** | **String** | Reference number for the transaction. Depending on how your Cybersource account is configured, this value could either be provided in the API request or generated by CyberSource. The actual value used in the request to the processor is provided back to you by Cybersource in the response. | [optional]
**pausedRequestId** | **String** | Used to resume a transaction that was paused for an order modification rule to allow for payer authentication to complete. To resume and continue with the authorization/decision service flow, call the services and include the request id from the prior decision call. | [optional]
**transactionId** | **String** | Identifier that you assign to the transaction. Normally generated by a client server to identify a unique API request. **Note** Use this field only if you want to support merchant-initiated reversal and void operations. #### Used by **Authorization, Authorization Reversal, Capture, Credit, and Void** Optional field. #### PIN Debit For a PIN debit reversal, your request must include a request ID or a merchant transaction identifier. Optional field for PIN debit purchase or credit requests. | [optional]
**comments** | **String** | Comments | [optional]
1 change: 1 addition & 0 deletions docs/Ptsv2paymentsDeviceInformation.md
Expand Up @@ -8,6 +8,7 @@ Name | Type | Description | Notes
**userAgent** | **String** | Customer’s browser as identified from the HTTP header data. For example, `Mozilla` is the value that identifies the Netscape browser. | [optional]
**fingerprintSessionId** | **String** | Field that contains the session ID that you send to Decision Manager to obtain the device fingerprint information. The string can contain uppercase and lowercase letters, digits, hyphen (-), and underscore (_). However, do not use the same uppercase and lowercase letters to indicate different session IDs. The session ID must be unique for each merchant ID. You can use any string that you are already generating, such as an order number or web session ID. The session ID must be unique for each page load, regardless of an individual’s web session ID. If a user navigates to a profiled page and is assigned a web session, navigates away from the profiled page, then navigates back to the profiled page, the generated session ID should be different and unique. You may use a web session ID, but it is preferable to use an application GUID (Globally Unique Identifier). This measure ensures that a unique ID is generated every time the page is loaded, even if it is the same user reloading the page. | [optional]
**useRawFingerprintSessionId** | **Boolean** | Boolean that indicates whether request contains the device fingerprint information. Values: - `true`: Use raw fingerprintSessionId when looking up device details. - `false` (default): Use merchant id + fingerprintSessionId as the session id for Device detail collection. | [optional]
**deviceType** | **String** | The device type at the client side. | [optional]
**rawData** | [**[Ptsv2paymentsDeviceInformationRawData]**](Ptsv2paymentsDeviceInformationRawData.md) | | [optional]
**httpAcceptBrowserValue** | **String** | Value of the Accept header sent by the customer’s web browser. **Note** If the customer’s browser provides a value, you must include it in your request. | [optional]
**httpAcceptContent** | **String** | The exact content of the HTTP accept header. | [optional]
8 changes: 8 additions & 0 deletions docs/Ptsv2paymentsInvoiceDetails.md
@@ -0,0 +1,8 @@
# CyberSource.Ptsv2paymentsInvoiceDetails

## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**barcodeNumber** | **String** | Barcode ID scanned from the Payment Application. | [optional]


3 changes: 3 additions & 0 deletions docs/Ptsv2paymentsMerchantInformation.md
Expand Up @@ -13,6 +13,9 @@ Name | Type | Description | Notes
**cardAcceptorReferenceNumber** | **String** | Reference number that facilitates card acceptor/corporation communication and record keeping. For processor-specific information, see the `card_acceptor_ref_number` field description in [Level II and Level III Processing Using the SCMP API.](http://apps.cybersource.com/library/documentation/dev_guides/Level_2_3_SCMP_API/html) | [optional]
**transactionLocalDateTime** | **String** | Date and time at your physical location. Format: `YYYYMMDDhhmmss`, where: - `YYYY` = year - `MM` = month - `DD` = day - `hh` = hour - `mm` = minutes - `ss` = seconds #### Used by **Authorization** Required for these processors: - American Express Direct - American Express Direct - Credit Mutuel-CIC - FDC Nashville Global - SIX Optional for all other processors. | [optional]
**serviceFeeDescriptor** | [**Ptsv2paymentsMerchantInformationServiceFeeDescriptor**](Ptsv2paymentsMerchantInformationServiceFeeDescriptor.md) | | [optional]
**cancelUrl** | **String** | customer would be redirected to this url based on the decision of the transaction | [optional]
**successUrl** | **String** | customer would be redirected to this url based on the decision of the transaction | [optional]
**failureUrl** | **String** | customer would be redirected to this url based on the decision of the transaction | [optional]
**merchantName** | **String** | Use this field only if you are requesting payment with Payer Authentication serice together. Your company’s name as you want it to appear to the customer in the issuing bank’s authentication form. This value overrides the value specified by your merchant bank. | [optional]


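Review bot: `cancelUrl`, `successUrl` and `failureUrl` carry the identical description "customer would be redirected to this url based on the decision of the transaction", which does not say which outcome leads to which URL. Give each row its own description naming the outcome that triggers the redirect.
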