solidus_stripe 3.1.0 → 4.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 929c7fff2fc949fe3979ae7a9403903b563a3ef67c5c8588f171c9bf42181ce6
-  data.tar.gz: a00f65c3222947871e6a97e5fd3e7d72eb7e5edc134128e300578ff68b13f876
+  metadata.gz: fbb4f65f220249d05424544fea63ae4b7ee065a735d9ad75d30212f90f11c2e9
+  data.tar.gz: 0167d591c1bad084130963d11dc0d823d51e9fb7b26d04964634ba87d79f7a8f
 SHA512:
-  metadata.gz: 8090f338dfefc83e121000e88d467eabc6631e6501eea750b2103c31d285a1a28364e01968c0586f564099780d69bde29f736cc2bf4b34f9456b7bf02ea84501
-  data.tar.gz: d7e5b50dd60a80c74754acd3bbcc0552af926c04d05f380995319a0336daf2aa37f8c127966d68dcecf8bb308d7ef6607ff5d948bc2e23a1544179a41c93fac5
+  metadata.gz: 5006bc7738c469e4d00f0f709c51691f56dad323a418283b0d361d04728140a4bf1069be861ff5d08df98b06e3147d0fa91ea004fe741e5c8229e720702b6c8a
+  data.tar.gz: 2dfea9b20b5dabc2f1199256fb04a3911e811f62d97de95e07cb5f675ba3c70105c81ff8b6ea8fb34f6cf19eb4b1e380a0ae8fd28acccad715c45f8cd9064b56

data/.gitignore

@@ -16,3 +16,4 @@ pkg
 *.swp
 spec/dummy
 spec/examples.txt
+/sandbox

data/.rubocop.yml

@@ -1,2 +1,7 @@
 require:
   - solidus_dev_support/rubocop
+
+AllCops:
+  Exclude:
+    - sandbox/**/*
+    - spec/dummy/**/*

data/CHANGELOG.md

@@ -1,12 +1,68 @@
 # Changelog
 
-## [Unreleased](https://github.com/solidusio/solidus_stripe/tree/HEAD)
+## [v4.1.0](https://github.com/solidusio/solidus_stripe/tree/v4.1.0) (2020-07-01)
 
-[Full Changelog](https://github.com/solidusio/solidus_stripe/compare/v3.0.0...HEAD)
+[Full Changelog](https://github.com/solidusio/solidus_stripe/compare/v4.0.0...v4.1.0)
+
+**Fixed bugs:**
+
+- Card name ignored when adding new card to an order during checkout [\#68](https://github.com/solidusio/solidus_stripe/issues/68)
+- Try to find address state also by name [\#65](https://github.com/solidusio/solidus_stripe/pull/65) ([spaghetticode](https://github.com/spaghetticode))
+- Fix order cancel with Payment Intents captured payment [\#57](https://github.com/solidusio/solidus_stripe/pull/57) ([spaghetticode](https://github.com/spaghetticode))
+- \[ADMIN\] Order cancel doen't work with Payment Intents captured payments [\#56](https://github.com/solidusio/solidus_stripe/issues/56)
+
+**Merged pull requests:**
+
+- Save correct cardholder name in Spree::CreditCard [\#69](https://github.com/solidusio/solidus_stripe/pull/69) ([spaghetticode](https://github.com/spaghetticode))
+- Update Readme [\#63](https://github.com/solidusio/solidus_stripe/pull/63) ([aleph1ow](https://github.com/aleph1ow))
+- Remove credit cards image [\#62](https://github.com/solidusio/solidus_stripe/pull/62) ([aleph1ow](https://github.com/aleph1ow))
+- Remove Stripe::CardError leftover [\#58](https://github.com/solidusio/solidus_stripe/pull/58) ([spaghetticode](https://github.com/spaghetticode))
+- Update gemspec URLs [\#54](https://github.com/solidusio/solidus_stripe/pull/54) ([elia](https://github.com/elia))
+- fix typo [\#51](https://github.com/solidusio/solidus_stripe/pull/51) ([ccarruitero](https://github.com/ccarruitero))
+
+**Closed issues:**
+
+- Could not find generator 'solidus\_stripe:install' [\#60](https://github.com/solidusio/solidus_stripe/issues/60)
+- Payment Intent creation exception handling with class not present in the gem [\#55](https://github.com/solidusio/solidus_stripe/issues/55)
+- Using static credentials  [\#52](https://github.com/solidusio/solidus_stripe/issues/52)
+- Auto capture behavior in v4.0.0 [\#50](https://github.com/solidusio/solidus_stripe/issues/50)
+
+## [v4.0.0](https://github.com/solidusio/solidus_stripe/tree/v4.0.0) (2020-04-29)
+
+[Full Changelog](https://github.com/solidusio/solidus_stripe/compare/v3.0.0...v4.0.0)
+
+**Fixed bugs:**
+
+- Duplicates charges with Payment Intents [\#44](https://github.com/solidusio/solidus_stripe/issues/44)
+- Fix for 3D-Secure payments on cart page checkout [\#49](https://github.com/solidusio/solidus_stripe/pull/49) ([spaghetticode](https://github.com/spaghetticode))
+- Send form data also when paying with payment request button [\#47](https://github.com/solidusio/solidus_stripe/pull/47) ([spaghetticode](https://github.com/spaghetticode))
+- Create a single charge when using Stripe Payment Intents [\#45](https://github.com/solidusio/solidus_stripe/pull/45) ([spaghetticode](https://github.com/spaghetticode))
 
 **Closed issues:**
 
+- Custom stripe element field options \(e.g for showing a credit card icon\) [\#41](https://github.com/solidusio/solidus_stripe/issues/41)
+- Stripe Elements submit button stuck in disabled state. [\#39](https://github.com/solidusio/solidus_stripe/issues/39)
+- Visa credit card type is blank [\#36](https://github.com/solidusio/solidus_stripe/issues/36)
 - Pay with Apple Pay from cart page [\#23](https://github.com/solidusio/solidus_stripe/issues/23)
+- Clearer documentation on how to implement [\#15](https://github.com/solidusio/solidus_stripe/issues/15)
+
+**Merged pull requests:**
+
+- Relax solidus\_support dependency [\#48](https://github.com/solidusio/solidus_stripe/pull/48) ([kennyadsl](https://github.com/kennyadsl))
+- Replace deprecated route `/stripe/confirm\_payment` [\#46](https://github.com/solidusio/solidus_stripe/pull/46) ([spaghetticode](https://github.com/spaghetticode))
+- Custom Stripe Elements field options [\#42](https://github.com/solidusio/solidus_stripe/pull/42) ([stuffmatic](https://github.com/stuffmatic))
+- Improve the way Stripe Elements validation errors are displayed [\#40](https://github.com/solidusio/solidus_stripe/pull/40) ([stuffmatic](https://github.com/stuffmatic))
+- Fix stripe-to-solidus card type mapping [\#38](https://github.com/solidusio/solidus_stripe/pull/38) ([stuffmatic](https://github.com/stuffmatic))
+- Add hook to provide custom Stripe Elements options [\#37](https://github.com/solidusio/solidus_stripe/pull/37) ([stuffmatic](https://github.com/stuffmatic))
+- Change order description that we pass to Stripe [\#35](https://github.com/solidusio/solidus_stripe/pull/35) ([kennyadsl](https://github.com/kennyadsl))
+
+## [v3.2.1](https://github.com/solidusio/solidus_stripe/tree/v3.2.1) (2020-06-29)
+
+[Full Changelog](https://github.com/solidusio/solidus_stripe/compare/v3.2.0...v3.2.1)
+
+**Merged pull requests:**
+
+- Relax solidus\_support version dependency [\#70](https://github.com/solidusio/solidus_stripe/pull/70) ([spaghetticode](https://github.com/spaghetticode))
 
 ## [v3.0.0](https://github.com/solidusio/solidus_stripe/tree/v3.0.0) (2020-03-11)
 

data/Gemfile

@@ -30,3 +30,10 @@ group :development, :test do
 end
 
 gemspec
+
+# Use a local Gemfile to include development dependencies that might not be
+# relevant for the project or for other contributors, e.g. pry-byebug.
+#
+# We use `send` instead of calling `eval_gemfile` to work around an issue with
+# how Dependabot parses projects: https://github.com/dependabot/dependabot-core/issues/1658.
+send(:eval_gemfile, 'Gemfile-local') if File.exist? 'Gemfile-local'

data/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2020 Solidus Team
+Copyright (c) 2014 Spree Commerce Inc. and other contributors.
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -9,7 +9,7 @@ are permitted provided that the following conditions are met:
     * Redistributions in binary form must reproduce the above copyright notice,
       this list of conditions and the following disclaimer in the documentation
       and/or other materials provided with the distribution.
-    * Neither the name Solidus nor the names of its contributors may be used to
+    * Neither the name Spree nor the names of its contributors may be used to
       endorse or promote products derived from this software without specific
       prior written permission.
 

data/README.md

@@ -107,6 +107,25 @@ Spree.config do |config|
 end
 ```
 
+When using the Payment Intents API, be aware that the charge flow will be a bit
+different than when using the old V2 API or Elements. It's advisable that all
+Payment Intents charges are captured only by using the Solidus backend, as it is
+the final source of truth in regards of Solidus orders payments.
+
+A Payment Intent is created as soon as the customer enters their credit card
+data. A tentative charge will be created on Stripe, easily recognizable by its
+description: `Solidus Order ID: R987654321 (pending)`. As soon as the credit
+card is confirmed (ie. when the customer passes the 3DSecure authorization, when
+required) then the charge description gets updated to include the Solidus payment
+number: `Solidus Order ID: R987654321-Z4VYUDB3`.
+
+These charges are created `uncaptured` and will need to be captured in Solidus
+backend later, after the customer confirms the order. If the customer never
+completes the checkout, that charge must remain uncaptured. If the customer
+decides to change their payment method after creating a Payment Request, then
+that Payment Request charge will be canceled.
+
+
 Apple Pay and Google Pay
 -----------------------
 
@@ -119,14 +138,11 @@ Stripe account to receive payments via Apple Pay.
 It's possible to pay with Apple Pay and Google Pay directly from the cart
 page. The functionality is self-contained in the view partial
 `_stripe_payment_request_button.html.erb`. In order to use it, you need
-to load that partial in the `orders#edit` frontend page, and pass it the
+to render that partial in the `orders#edit` frontend page, and pass it the
 payment method configured for Stripe via the local variable
-`cart_checkout_payment_method`, for example using `deface`:
+`cart_checkout_payment_method`:
 
 ```ruby
-# app/overrides/spree/orders/edit/add_payment_request_button.html.erb.deface
-
-<!-- insert_after '[data-hook="cart_container"]' -->
 <%= render 'stripe_payment_request_button', cart_checkout_payment_method: Spree::PaymentMethod::StripeCreditCard.first %>
 ```
 
@@ -210,13 +226,13 @@ You can also style your element containers directly by using CSS rules like this
 
 ### Customizing individual input fields
 
-If you want to customize individual input fields, you can override these methods 
+If you want to customize individual input fields, you can override these methods
 
 * `SolidusStripe.Elements.prototype.cardNumberElementOptions`
 * `SolidusStripe.Elements.prototype.cardExpiryElementOptions`
 * `SolidusStripe.Elements.prototype.cardCvcElementOptions`
 
-and return a valid [options object](https://stripe.com/docs/js/elements_object/create_element?type=cardNumber) for the corresponding field type. For example, this code sets a custom placeholder and enables the credit card icon for the card number field 
+and return a valid [options object](https://stripe.com/docs/js/elements_object/create_element?type=cardNumber) for the corresponding field type. For example, this code sets a custom placeholder and enables the credit card icon for the card number field
 
 ```js
 SolidusStripe.Elements.prototype.cardNumberElementOptions = function () {
@@ -230,7 +246,7 @@ SolidusStripe.Elements.prototype.cardNumberElementOptions = function () {
 
 ### Passing options to the Stripe Elements instance
 
-By overriding the `SolidusStripe.Payment.prototype.elementsBaseOptions` method and returning a [valid options object](https://stripe.com/docs/js/elements_object/create), you can pass custom options to the Stripe Elements instance. 
+By overriding the `SolidusStripe.Payment.prototype.elementsBaseOptions` method and returning a [valid options object](https://stripe.com/docs/js/elements_object/create), you can pass custom options to the Stripe Elements instance.
 
 Note that in order to use web fonts with Stripe Elements, you must specify the fonts when creating the Stripe Elements instance. Here's an example specifying a custom web font and locale:
 
@@ -294,3 +310,5 @@ gem bump --version minor --remote upstream
 gem tag --remote upstream
 gem release
 ```
+
+Copyright (c) 2020 Spree Commerce Inc., released under the New BSD License

data/Rakefile

@@ -3,4 +3,4 @@
 require 'solidus_dev_support/rake_tasks'
 SolidusDevSupport::RakeTasks.install
 
-task default: %w[extension:test_app extension:specs]
+task default: 'extension:specs'

data/app/assets/javascripts/spree/frontend/solidus_stripe/stripe-cart-page-checkout.js

@@ -16,11 +16,14 @@ SolidusStripe.CartPageCheckout.prototype.init = function() {
 };
 
 SolidusStripe.CartPageCheckout.prototype.showError = function(error) {
-  this.errorElement.text(error).show();
+  var message = error.message || error;
+
+  this.errorElement.text(message).show();
 };
 
 SolidusStripe.CartPageCheckout.prototype.submitPayment = function(payment) {
   var showError = this.showError.bind(this);
+  var prTokenHandler = this.prTokenHandler.bind(this);
 
   $.ajax({
     url: $('[data-submit-url]').data('submit-url'),
@@ -29,7 +32,7 @@ SolidusStripe.CartPageCheckout.prototype.submitPayment = function(payment) {
     },
     type: 'PATCH',
     contentType: 'application/json',
-    data: JSON.stringify(this.prTokenHandler(payment.paymentMethod)),
+    data: JSON.stringify(prTokenHandler(payment.paymentMethod)),
     success: function() {
       window.location = $('[data-complete-url]').data('complete-url');
     },
@@ -39,26 +42,56 @@ SolidusStripe.CartPageCheckout.prototype.submitPayment = function(payment) {
   });
 };
 
-SolidusStripe.CartPageCheckout.prototype.onPrPayment = function(result) {
-  var handleServerResponse = this.handleServerResponse.bind(this);
+SolidusStripe.CartPageCheckout.prototype.onPrPayment = function(payment) {
+  var createIntent = this.createIntent.bind(this);
 
   fetch('/stripe/update_order', {
     method: 'POST',
     headers: { 'Content-Type': 'application/json' },
     body: JSON.stringify({
-      shipping_address: result.shippingAddress,
-      shipping_option: result.shippingOption,
-      email: result.payerEmail,
-      name: result.payerName,
+      shipping_address: payment.shippingAddress,
+      shipping_option: payment.shippingOption,
+      email: payment.payerEmail,
+      name: payment.payerName,
       authenticity_token: this.authToken
     })
   }).then(function(response) {
     response.json().then(function(json) {
-      handleServerResponse(json, result);
+      createIntent(json, payment);
     })
   });
 };
 
+SolidusStripe.CartPageCheckout.prototype.createIntent = function(result, payment) {
+  var handleServerResponse = this.handleServerResponse.bind(this);
+
+  if (result.error) {
+    this.completePaymentRequest(payment, 'fail');
+    this.showError(result.error);
+  } else {
+    if (payment.error) {
+      this.showError(payment.error.message);
+    } else {
+      fetch('/stripe/create_intent', {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify({
+          form_data: payment.shippingAddress,
+          spree_payment_method_id: this.config.id,
+          stripe_payment_method_id: payment.paymentMethod.id,
+          authenticity_token: this.authToken
+        })
+      }).then(function(response) {
+        response.json().then(function(result) {
+          handleServerResponse(result, payment)
+        })
+      });
+    }
+  }
+};
+
 SolidusStripe.CartPageCheckout.prototype.onPrButtonMounted = function(buttonId, success) {
   var container = document.getElementById(buttonId).parentElement;
 

data/app/assets/javascripts/spree/frontend/solidus_stripe/stripe-payment-intents.js

@@ -21,12 +21,13 @@ SolidusStripe.PaymentIntents.prototype.onPrPayment = function(payment) {
     var that = this;
 
     this.elementsTokenHandler(payment.paymentMethod);
-    fetch('/stripe/confirm_payment', {
+    fetch('/stripe/create_intent', {
       method: 'POST',
       headers: {
         'Content-Type': 'application/json'
       },
       body: JSON.stringify({
+        form_data: this.form.serialize(),
         spree_payment_method_id: this.config.id,
         stripe_payment_method_id: payment.paymentMethod.id,
         authenticity_token: this.authToken
@@ -63,7 +64,7 @@ SolidusStripe.PaymentIntents.prototype.onIntentsPayment = function(payment) {
     var that = this;
 
     this.elementsTokenHandler(payment.paymentMethod);
-    fetch('/stripe/confirm_intents', {
+    fetch('/stripe/create_intent', {
       method: 'POST',
       headers: {
         'Content-Type': 'application/json'

data/app/assets/javascripts/spree/frontend/solidus_stripe/stripe-payment-request-button-shared.js

@@ -83,37 +83,73 @@
         this.showError(response.error);
         this.completePaymentRequest(payment, 'fail');
       } else if (response.requires_action) {
-        this.stripe.handleCardAction(
-          response.stripe_payment_intent_client_secret
-        ).then(this.onIntentsClientSecret.bind(this));
+        var clientSecret = response.stripe_payment_intent_client_secret;
+        var onConfirmCardPayment = this.onConfirmCardPayment.bind(this);
+
+        this.stripe.confirmCardPayment(
+          clientSecret,
+          {payment_method: payment.paymentMethod.id},
+          {handleActions: false}
+        ).then(function(confirmResult) {
+          onConfirmCardPayment(confirmResult, payment, clientSecret)
+        });
       } else {
-        this.completePaymentRequest(payment, 'success');
-        this.submitPayment(payment);
+        this.completePayment(payment, response.stripe_payment_intent_id)
       }
     },
 
-    onIntentsClientSecret: function(result) {
-      if (result.error) {
-        this.showError(result.error);
+    onConfirmCardPayment: function(confirmResult, payment, clientSecret) {
+      onStripeResponse = function(response, payment) {
+        if (response.error) {
+          this.showError(response.error);
+        } else {
+          this.completePayment(payment, response.paymentIntent.id)
+        }
+      }.bind(this);
+
+      if (confirmResult.error) {
+        this.completePaymentRequest(payment, 'fail');
+        this.showError(confirmResult.error);
       } else {
-        fetch('/stripe/confirm_intents', {
-          method: 'POST',
-          headers: { 'Content-Type': 'application/json' },
-          body: JSON.stringify({
-            form_data: this.form.serialize(),
-            spree_payment_method_id: this.config.id,
-            stripe_payment_intent_id: result.paymentIntent.id,
-            authenticity_token: this.authToken
-          })
-        }).then(function(confirmResult) {
-          return confirmResult.json();
-        }).then(this.handleServerResponse.bind(this));
+        this.completePaymentRequest(payment, 'success');
+        this.stripe.confirmCardPayment(clientSecret).then(function(response) {
+          onStripeResponse(response, payment);
+        });
       }
     },
 
+    completePayment: function(payment, stripePaymentIntentId) {
+      var onCreateBackendPayment = function (response) {
+        if (response.error) {
+          this.completePaymentRequest(payment, 'fail');
+          this.showError(response.error);
+        } else {
+          this.completePaymentRequest(payment, 'success');
+          this.submitPayment(payment);
+        }
+      }.bind(this);
+
+      fetch('/stripe/create_payment', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          form_data: this.form ? this.form.serialize() : payment.shippingAddress,
+          spree_payment_method_id: this.config.id,
+          stripe_payment_intent_id: stripePaymentIntentId,
+          authenticity_token: this.authToken
+        })
+      }).then(function(solidusPaymentResponse) {
+        return solidusPaymentResponse.json();
+      }).then(onCreateBackendPayment)
+    },
+
     completePaymentRequest: function(payment, state) {
       if (payment && typeof payment.complete === 'function') {
         payment.complete(state);
+        if (state === 'fail') {
+          // restart the button (required in order to force address choice)
+          new SolidusStripe.CartPageCheckout().init();
+        }
       }
     }
   };

data/app/controllers/solidus_stripe/intents_controller.rb

@@ -4,23 +4,25 @@ module SolidusStripe
   class IntentsController < Spree::BaseController
     include Spree::Core::ControllerHelpers::Order
 
-    def confirm
-      begin
-        @intent = begin
-          if params[:stripe_payment_method_id].present?
-            create_intent
-          elsif params[:stripe_payment_intent_id].present?
-            stripe.confirm_intent(params[:stripe_payment_intent_id], nil)
-          end
-        end
-      rescue Stripe::CardError => e
-        render json: { error: e.message }, status: 500
-        return
-      end
-
+    def create_intent
+      @intent = create_payment_intent
       generate_payment_response
     end
 
+    def create_payment
+      create_payment_service = SolidusStripe::CreateIntentsPaymentService.new(
+        params[:stripe_payment_intent_id],
+        stripe,
+        self
+      )
+
+      if create_payment_service.call
+        render json: { success: true }
+      else
+        render json: { error: "Could not create payment" }, status: 500
+      end
+    end
+
     private
 
     def stripe
@@ -37,20 +39,23 @@ module SolidusStripe
           stripe_payment_intent_client_secret: response['client_secret']
         }
       elsif response['status'] == 'requires_capture'
-        SolidusStripe::CreateIntentsOrderService.new(@intent, stripe, self).call
-        render json: { success: true }
+        render json: {
+          success: true,
+          requires_capture: true,
+          stripe_payment_intent_id: response['id']
+        }
       else
         render json: { error: response['error']['message'] }, status: 500
       end
     end
 
-    def create_intent
+    def create_payment_intent
       stripe.create_intent(
         (current_order.total * 100).to_i,
         params[:stripe_payment_method_id],
         description: "Solidus Order ID: #{current_order.number} (pending)",
         currency: current_order.currency,
-        confirmation_method: 'manual',
+        confirmation_method: 'automatic',
         capture_method: 'manual',
         confirm: true,
         setup_future_usage: 'off_session',