RubyGems - solidus_braintree - Versions diffs - 1.2.0 → 3.0.0 - Mend

solidus_braintree 1.2.0 → 3.0.0

Files changed (213) hide show

data/README.md CHANGED Viewed

@@ -1,51 +1,416 @@
-# Solidus Braintree
+# SolidusBraintree
-[![Build Status](https://travis-ci.org/solidusio/solidus_braintree.svg?branch=master)](https://travis-ci.org/solidusio/solidus_braintree)
+[![CircleCI](https://circleci.com/gh/solidusio/solidus_braintree.svg?style=shield)](https://circleci.com/gh/solidusio/solidus_braintree)
+[![codecov](https://codecov.io/gh/solidusio/solidus_braintree/branch/master/graph/badge.svg)](https://codecov.io/gh/solidusio/solidus_braintree)
-`solidus_braintree` is a gem that adds [Braintree v.zero](https://www.braintreepayments.com/v-zero) support to the [solidus](http://solidus.io/) E-commerce platform.
+`solidus_braintree` is an extension that adds support for using [Braintree](https://www.braintreepayments.com) as a payment source in your [Solidus](https://solidus.io/) store. It uses Braintree's [JavaScript v3 SDK](https://braintree.github.io/braintree-web/current/) to support the following Braintree payment method types:
-It provides support for credit card and Paypal payment methods via the `Spree::CreditCard`
-It will add the braintree-drop-in form for payment methods in the payment form of spree/backend. Spree front-end is currently unsupported.
+* [Apple Pay](https://developer.paypal.com/braintree/docs/guides/apple-pay/overview)
+* [Venmo](https://developer.paypal.com/braintree/docs/guides/venmo/overview)
+* [PayPal Checkout](https://developer.paypal.com/braintree/docs/guides/paypal/overview/javascript/v3)
+* [Credit Cards](https://developer.paypal.com/braintree/docs/guides/credit-cards/overview) via [Hosted Forms](https://developer.paypal.com/braintree/docs/guides/hosted-fields/overview)
 ## Installation
-Add this line to your solidus application's Gemfile:
+Add solidus_braintree to your Gemfile:
+```ruby
+gem 'solidus_braintree'
+```
+Bundle your dependencies and run the installation generator:
+```shell
+bundle
+bundle exec rails g solidus_braintree:install
+```
+## Upgrading (including migration from SolidusPaypalBraintree)
+See https://github.com/solidusio/solidus_braintree/wiki/Upgrading.
+## Compatibility
+Here are the versions of SolidusBraintree and their compatible Solidus and frontend versions:
+| Version              | Maintenance Status          | Frontend               | Branch   |
+|----------------------|-----------------------------|------------------------|----------|
+| SolidusBraintree 3.0 | New features                | SolidusStarterFrontend | [master] |
+| SolidusBraintree 2.0 | Security patches, bug fixes | SolidusFrontend        | [v2.x]   |
+| SolidusBraintree 1.2 | Deprecated                  | SolidusFrontend        | [v1.x]   |
+[v1.x]: https://github.com/solidusio/solidus_braintree/tree/v1.x
+[v2.x]: https://github.com/solidusio/solidus_braintree/tree/v2.x
+[master]: https://github.com/solidusio/solidus_braintree/tree/master
+## Basic Setup
+### Retrieve Braintree account details
+You'll need the following account details:
+- `Merchant ID`
+- `Public key`
+- `Private key`
+These values can be obtained by logging in to your Braintree account, going
+to `Account -> My User` and clicking `View Authorizations` in the **API Keys,
+Tokenization Keys, Encryption Keys** section.
+### Create a new payment method
+Payment methods can accept preferences either directly entered in admin, or from a static source in code. For most projects we recommend using a static source, so that sensitive account credentials are not stored in the database.
+1. Set static preferences in an initializer
+  ```ruby
+  # config/initializers/spree.rb
+  Rails.application.config.to_prepare do
+    Spree::Config.static_model_preferences.add(
+      SolidusBraintree::Gateway,
+      'braintree_credentials', {
+        environment: Rails.env.production? ? 'production' : 'sandbox',
+        merchant_id: ENV['BRAINTREE_MERCHANT_ID'],
+        public_key: ENV['BRAINTREE_PUBLIC_KEY'],
+        private_key: ENV['BRAINTREE_PRIVATE_KEY'],
+        paypal_flow: 'vault', # 'checkout' is accepted too
+        use_data_collector: true # Fingerprint the user's browser when using Paypal
+      }
+    )
+  end
+  ```
+  Other optional preferences are discussed below.
+2. Visit `/admin/payment_methods/new`
+3. Set `provider` to SolidusBraintree::Gateway
+4. Click "Save"
+5. Choose `braintree_credentials` from the `Preference Source` select
+6. Click `Update` to save
+Alternatively, create a payment method from the Rails console with:
+```ruby
+SolidusBraintree::Gateway.new(
+  name: "Braintree",
+  preference_source: "braintree_credentials"
+).save
+```
+### Configure payment types
+Your payment method can accept payments in three ways: through Paypal, through ApplePay, or with credit card details entered directly by the customer. By default all are disabled for all your site's stores. Before proceeding to checkout, ensure you've created a Braintree configuration for your store:
+1. Visit /solidus_braintree/configurations/list
+2. Check the payment types you'd like to accept. If your site has multiple stores, there'll be a set of checkboxes for each.
+3. Click `Save changes` to save
+  Or from the console:
+  ```ruby
+  Spree::Store.all.each do |store|
+    store.create_braintree_configuration(
+      credit_card: true,
+      paypal: true,
+      apple_pay: true,
+      venmo: true
+    )
+  end
+  ```
+4. If your site uses an unmodified Solidus Starter Frontend, it should now be ready to take payments. See below for more information on configuring Paypal and ApplePay.
+5. Typical Solidus sites will have customized frontend code, and may require some additional work. Use `lib/views/frontend/spree/checkout/payment/_braintree.html.erb` and `app/assets/javascripts/solidus_braintree/checkout.js` as models.
+## Apple Pay
+### Developing with Apple Pay
+You'll need the following:
+- A device running iOS 10+.
+- An Apple Pay sandbox account. You can check out Apple's [documentation](https://developer.apple.com/support/apple-pay-sandbox/) for additional help in performing this step.
+- A site served via HTTPS. To set this up for development we recommend setting up a reverse proxy server. There are [lots of guides](https://www.google.ca/search?q=nginx+reverse+proxy+ssl+localhost) on how this can be achieved.
+- A Braintree sandbox account with Apple Pay enabled (`Settings>Processing`) and configured (`Settings>Processing>Options`) with your Apple Merchant ID and the HTTPS domain for your site.
+- A sandbox user logged in to your device, with a [test card](https://developer.apple.com/support/apple-pay-sandbox/) in its Wallet
+### Enabling Apple Pay for custom frontends
+The following is a relatively bare-bones implementation to enable Apple Pay on the frontend:
+```html
+<% if current_store.braintree_configuration.apple_pay? %>
+  <script src="https://js.braintreegateway.com/web/3.84.0/js/apple-pay.min.js"></script>
+  <button id="apple-pay-button" class="apple-pay-button"></button>
+  <script>
+    var applePayButtonElement = document.getElementById('apple-pay-button');
+    var applePayOptions = {
+      paymentMethodId: <%= id %>,
+      storeName: "<%= current_store.name %>",
+      orderEmail: "<%= current_order.email %>",
+      amount: "<%= current_order.total %>",
+      shippingContact: {
+        emailAddress: '<%= current_order.email %>',
+        givenName: '<%= address.firstname %>',
+        familyName: '<%= address.lastname %>',
+        phoneNumber: '<%= address.phone %>',
+        addressLines: ['<%= address.address1 %>','<%= address.address2 %>'],
+        locality: '<%= address.city %>',
+        administrativeArea: '<%= address.state.name %>',
+        postalCode: '<%= address.zipcode %>',
+        country: '<%= address.country.name %>',
+        countryCode: '<%= address.country.iso %>'
+      }
+    };
+    var button = new SolidusBraintree.createApplePayButton(applePayButtonElement, applePayOptions);
+    button.initialize();
+  </script>
+<% end %>
+```
+### Further Apple Pay information
+Braintree has some [excellent documentation](https://developers.braintreepayments.com/guides/apple-pay/configuration/javascript/v3) on what you'll need to do to get Apple Pay up and running.
+For additional information check out [Apple's documentation](https://developer.apple.com/reference/applepayjs/) and [Braintree's documentation](https://developers.braintreepayments.com/guides/apple-pay/client-side/javascript/v3).
+## Venmo
+There are two ways for users to use Venmo for payments:
+1. Braintree's native Venmo integration, which supports vaulting of payment sources. [See more.](#Braintree's-Venmo)
+2. Through the PayPal buttons when using checkout flow, therefore doesn't support vaulting. [See more.](#PayPal-financing-options)
+### PayPal's Venmo financing option
+To add Venmo for PayPal, [see here](#paypal-venmo)
+### Braintree's Venmo
+#### Note
+- Only available as a financing option on the checkout page; Venmo currently does not support shipping callbacks so it cannot be on the cart page.
+- Currently available to US merchants and buyers and there are also other prequisites.
+  - https://developer.paypal.com/docs/business/checkout/pay-with-venmo/#eligibility
+  - https://developer.paypal.com/braintree/articles/guides/payment-methods/venmo#availability
+#### Integration:
+1. Enable Venmo in your [Braintree account](https://developer.paypal.com/braintree/articles/guides/payment-methods/venmo#setup)
+2. Enable Venmo in your [store's Braintree configuration](#configure-payment-types).
+3. Ensure your Braintree API credentials are in the Braintree payment method.
+4. Set your Braintree payment method's preference of `preferred_venmo_new_tab_support` to `false` if your store cannot handle Venmo returning a user to a new tab after payment. This may be because your website is a single-page applicaiton (SPA). On mobile, the user may be returned to the same store tab if their browser supports it, otherwise a new tab will be created (unless you have this preference as `false`).
+By default your default Venmo business account will be used. If you want to use a non-default profile, override
+the `SolidusBraintree::Gateway` `#venmo_business_profile_id` method with its id.
+#### Testing
+Test the following scenarios:
+- Ensure the Venmo checkout button opens a modal with a QR code and is closeable.
+- Do a full transaction
+- Ensure that you can also save the payment source in the user wallet.
+- Ensure the saved Venmo wallet payment source loads in the partial correctly.
+- Ensure the saved Venmo payment source can be reused for another order.
+- Test doing transactions on the admin
+- Testing voiding and refunding Venmo transactions
+You'll need the Venmo app in order to fully test the integration. However, if you are outside of the US, this is not an option. You can fake the tokenization by:
+- Altering the `venmo_button.js` file to call the `handleVenmoSuccess` function instead of tokenizing; or
+- Manually doing its steps:
+  1. Update the #venmo_payment_method_nonce hidden input value to "fake-venmo-account-nonce".
+  2. Remove the disabled attributes from the venmo-fields inputs.
+  3. If you have hosted fields on the page (`credit_card` enabled in Braintree configuration), remove it's submit button listener:
+    `$('#checkout_form_payment').off('submit');`
+[More information](https://developer.paypal.com/braintree/articles/guides/payment-methods/venmo#availability)
+#### Customization:
+In your [store's Braintree configuration](#configure-payment-types), you can customize the Venmo checkout button's color and width.
+Note, other images such as Venmo's full logo and shortened "V" logo are included in the assets.
+Ensure that you follow [Venmo's guidelines](https://developer.paypal.com/braintree/docs/files/venmo-merchant-integration-guidelines.pdf) when making other style changes, otherwise failing to comply can lead to an interruption of your Venmo service.
+## PayPal
+A default checkout view is provided that will display PayPal as a payment option.
+It will only be displayed if the `SolidusBraintree::Gateway` payment
+method is configured to display on the frontend and PayPal is enabled in the
+store's configuration.
+You can find button configuration options in
+`/solidus_braintree/configurations/list` if you want to change the color,
+shape, layout, and a few other options. For more information check out
+[PayPal's documentation](https://developer.paypal.com/docs/platforms/checkout/reference/style-guide/#layout).
+Keep in mind that:
+- `paypal_button_tagline` does not work when the `paypal_button_layout` is set to `vertical`, and will be ignored; and
+- `paypal_button_layout` of `horizontal` limits financing options/buttons to 2, where as `vertical` is 4.
+  Other available financing options after the limit will not be rendered in the PayPal's iframe DOM.
+The checkout view
+[initializes the PayPal button](/lib/views/frontend/spree/checkout/payment/_braintree.html.erb)
+using the
+[Vault flow](https://developers.braintreepayments.com/guides/paypal/overview/javascript/v3),
+which allows the source to be reused. Please note that PayPal messaging is disabled with vault flow. If you want, you can use [Checkout with PayPal](https://developers.braintreepayments.com/guides/paypal/checkout-with-paypal/javascript/v3)
+instead, which doesn't allow you to reuse sources but allows your customers to pay with their PayPal
+balance and with PayPal financing options ([see setup instructions](#create-a-new-payment-method)). More information about other [financing options below](#paypal-financing-options).
+If you are creating your own checkout view or would like to customize the
+[options that get passed to tokenize](https://braintree.github.io/braintree-web/3.6.3/PayPal.html#tokenize)
+, you can initialize your own using the `CreatePaypalButton` JS object:
+```javascript
+var paypalOptions = {
+  // your configuration options here
+}
+var button = new SolidusBraintree.createPaypalButton(document.querySelector("#your-button-id"), paypalOptions);
+button.initialize();
+```
+### Express checkout from the cart
+A PayPal button can also be included on the cart view to enable express checkouts:
+```ruby
+render "spree/shared/paypal_cart_button"
+```
+### PayPal financing options
+When using 'checkout' `paypal flow` and not 'vault'. Your customers can have different finance options such as
+- paylater
+- Venmo
+#### PayPal Venmo
+Venmo is currently available to US merchants and buyers. There are also other [prequisites](https://developer.paypal.com/docs/business/checkout/pay-with-venmo/#eligibility).
+By default, the extension and Braintree will try to render a Venmo button to buyers when prequisites are met and you have enabled it in your Braintree account).
+Set the SolidusBraintree `PaymentMethod` `enable_venmo_funding` preference to:
+- `enabled`, available as a PayPal funding option (if other prequisites are met); or
+- `disabled` (default).
+Note, Venmo is currently only available as a financing option on the checkout page; Venmo currently does not support shipping callbacks so it cannot be on the cart page.
+[_As Venmo is only available in the US, you may want to mock your location for testing_](#mocking-your-buyer-country)
+### PayPal Financing Messaging
+PayPal offers an [on-site messaging component](https://www.paypal.com/us/webapps/mpp/on-site-messaging) to notify the customer that there are financing options available. This component is included in both the cart and checkout partials, but is disabled by default. To enable this option, you'll need to use the `checkout` flow, and set the `paypal button messaging` option to `true` in your Braintree configuration.
+You can also include this view partial to implement this messaging component anywhere - for instance, on the product page:
 ```ruby
-gem "solidus_braintree"
+render "spree/shared/paypal_messaging, options: {total: @product.price, placement: "product", currency: 'USD'}"
 ```
-And then execute:
+While we provide the messaging component on the payment buttons for cart and checkout, you're expected to move these to where they make the most sense for your frontend. PayPal recommends keeping the messaging directly below wherever the order or product total is located.
-    $ bundle
-    $ bundle exec rails g solidus_braintree:install
+#### PayPal configuration
+If your store requires the [phone number into user addresses](https://github.com/solidusio/solidus/blob/859143f3f061de79cc1b385234599422b8ae8e21/core/app/models/spree/address.rb#L151-L153)
+you'll need to configure PayPal to return the phone back when it returns the
+address used by the user:
-## Fraud detection
+1. Log into your PayPal account
+2. Hover over the user in the Navbar to get the dropdown
+3. Click on Account Settings
+4. In the left panel under Products & Services, click Website Payments
+5. Click Update for Website Preferences
+6. Set Contact Telephone to `On (Required Field)` or `On (Optional Field)`
-This gem has support for the advanced fraud tools flow from Braintree, to activate
-fully the associated Braintree account must enable advanced fraud tools in the
-Control Panel.
+Using the option `Off` will not make the address valid and will raise a
+validation error.
-## Usage
+#### Disabling the data collector
-This gem extends your solidus application by adding a `POST /api/payment_client_token` endpoint to you application to generate Braintree payment client token. This endpoint requires an authentication token in your request header.
+For fraud prevention, PayPal recommends using a data collector to collect device
+information, which we've included by default. You're able to turn off the PayPal
+data collector on the payment method preferences if you desire. If you use
+static preferences, add `use_data_collector: false` to your initializer.
-It creates a new `PaymentMethod` class called `Solidus::Gateway::BraintreeGateway`. You can configure this payment method in the admin and add your Braintree public/private keys and merchant id. The admin will render a Braintree dropin container when prompting you to create an order payment.
+## Credit cards
-It adds a json or text `data` field on `Spree::CreditCard` for storing additional information received from Braintree for addtional payment methods.
+### Hosted Fields Styling
+You can style the Braintree credit card fields by using the `credit_card_fields_style` preference on the payment method. The `credit_card_fields_style` will be passed to the `style` key when initializing the credit card fields. You can find more information about styling hosted fields can be found [here.](https://developers.braintreepayments.com/guides/hosted-fields/styling/javascript/v3)
+You can also use the `placeholder_text` preference on the payment method to set the placeholder text you'd like to use for each of the hosted fields. You'll pass the field name in as the key, and the placeholder text you'd like to use as the value. For example:
+```ruby
+  { number: "Enter card number", cvv: "Enter CVV", expirationDate: "mm/yy" }
+```
+### 3D Secure
+This gem supports [3D Secure 2](https://developers.braintreepayments.com/guides/3d-secure/overview),
+which satisfies the [Strong Customer Authentication (SCA)](https://www.braintreepayments.com/blog/getting-up-to-speed-on-psd2-regulation-2/)
+requirements introduced by PSD2.
+3D Secure can be enabled from Solidus Admin -> Braintree (left-side menu) ->
+tick _3D Secure_ checkbox.
+Once enabled, you can use the following card numbers to test 3DS 2 on your
+client side in sandbox:
+https://developers.braintreepayments.com/guides/3d-secure/migration/javascript/v3#client-side-sandbox-testing.
+## Optional configuration
+### Accepting multiple currencies
+The payment method also provides an optional preference `merchant_currency_map`.
+This preference allows users to provide different Merchant Account Ids for
+different currencies. If you only plan to accept payment in one currency, the
+defaut Merchant Account Id will be used and you can omit this option.
+An example of setting this preference can be found
+[here](https://github.com/solidusio/solidus_braintree/blob/bf5fe0e154d38f7c498f1c54450bb4de7608ff04/spec/support/gateway_helpers.rb#L11-L13).
+In addition to this, you can also specify different PayPal accounts for each
+currency by using the `paypal_payee_email_map` preference. If you only want
+to use one PayPal account for all currencies, then you can ignore this option.
+You can find an example of setting this preference [here](https://github.com/solidusio/solidus_braintree/blob/bf5fe0e154d38f7c498f1c54450bb4de7608ff04/spec/support/gateway_helpers.rb#L14-L16).
+### Default store configuration
+The migrations for this gem will add a default configuration to all stores that
+has each payment type disabled. It also adds a `before_create` callback to
+`Spree::Store` that builds a default configuration. You can customize the
+default configuration that gets created by overriding the private
+`build_default_configuration` method on `Spree::Store`.
+## Testing
+To run the specs it is required to set the Braintree test account data in these environment variables:
+`BRAINTREE_PUBLIC_KEY`, `BRAINTREE_PRIVATE_KEY`, `BRAINTREE_MERCHANT_ID` and `BRAINTREE_PAYPAL_PAYEE_EMAIL`
+First bundle your dependencies, then run `rake`. `rake` will default to building the dummy app if it does not exist, then it will run specs, and [Rubocop](https://github.com/bbatsov/rubocop) static code analysis. The dummy app can be regenerated by using `rake test_app`.
+```shell
+bundle
+bundle exec rake
+```
+When testing your applications integration with this extension you may use it's factories.
+Simply add this require statement to your spec_helper:
+```ruby
+require 'solidus_braintree/factories'
+```
 ## Development
-After checking out the repo, run `bin/setup` to install dependencies. To run tests, first generate a test app by running `rake test_app`. Then, run `rake rspec` which will run the test suite. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+### Mocking your buyer country
+PayPal looks at the buyer's IP geolocation to determine what funding sources should be available to them. Because for example, Venmo is currently only available to US buyers. Because of this, you may want to pretend that you are from US so you can check if Venmo is correctly integrated for these customers. To do this, set the payment method's preference of `force_buyer_country` to "US". See more information about preferences above.
+This preference has no effect on production.
+### Running the sandbox
+To run this extension in a sandboxed Solidus application, you can run `bin/sandbox`. The path for
+the sandbox app is `./sandbox` and `bin/rails` will forward any Rails commands to
+`sandbox/bin/rails`.
+Here's an example:
+```
+$ bin/rails server
+=> Booting Puma
+=> Rails 7.0.4 application starting in development
+* Listening on tcp://127.0.0.1:3000
+Use Ctrl-C to stop
+```
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+### Releasing new versions
-## Contributing
+Please refer to the dedicated [page](https://github.com/solidusio/solidus/wiki/How-to-release-extensions) on Solidus wiki.
-Bug reports and pull requests are welcome on GitHub at https://github.com/solidusio/solidus_braintree.
 ## License
-The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+Copyright (c) 2016-2020 Stembolt and others contributors, released under the New BSD License

data/Rakefile CHANGED Viewed

@@ -1,21 +1,11 @@
-require "rspec/core/rake_task"
-require 'spree/testing_support/extension_rake'
+# frozen_string_literal: true
-RSpec::Core::RakeTask.new(:spec)
-require 'bundler'
-Bundler::GemHelper.install_tasks
+require 'solidus_dev_support/rake_tasks'
+SolidusDevSupport::RakeTasks.install
 task :default do
-  if Dir["spec/dummy"].empty?
-    Rake::Task[:test_app].invoke
-    Dir.chdir("../../")
+  require 'bundler'
+  Bundler.with_unbundled_env do
+    sh 'bin/rspec'
   end
-  Rake::Task[:spec].invoke
-end
-desc "Generates a dummy app for testing"
-task :test_app do
-  ENV['LIB_NAME'] = 'solidus_braintree'
-  Rake::Task['extension:test_app'].invoke
 end

data/app/assets/config/solidus_braintree_manifest.js ADDED Viewed

File without changes