@akinon/next 1.111.0-snapshot-ZERO-3792-20251107072714 → 1.112.0-rc.17

package/middlewares/masterpass-rest-callback.ts

@@ -0,0 +1,218 @@
+import { NextFetchEvent, NextMiddleware, NextResponse } from 'next/server';
+import Settings from 'settings';
+import logger from '../utils/log';
+import { getUrlPathWithLocale } from '../utils/localization';
+import { PzNextRequest } from '.';
+
+const withMasterpassRestCallback =
+  (middleware: NextMiddleware) =>
+  async (req: PzNextRequest, event: NextFetchEvent) => {
+    const url = req.nextUrl.clone();
+    const ip = req.headers.get('x-forwarded-for') ?? '';
+    const sessionId = req.cookies.get('osessionid');
+
+    if (!url.pathname.includes('/orders/masterpass-rest-callback')) {
+      return middleware(req, event);
+    }
+
+    if (req.method !== 'POST') {
+      logger.warn('Invalid request method for masterpass REST callback', {
+        middleware: 'masterpass-rest-callback',
+        method: req.method,
+        ip
+      });
+
+      return NextResponse.redirect(
+        `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`,
+        303
+      );
+    }
+
+    const responseCode = url.searchParams.get('responseCode');
+    const token = url.searchParams.get('token');
+
+    if (!responseCode || !token) {
+      logger.warn('Missing required parameters for masterpass REST callback', {
+        middleware: 'masterpass-rest-callback',
+        responseCode,
+        token,
+        ip
+      });
+
+      return NextResponse.redirect(
+        `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`,
+        303
+      );
+    }
+
+    try {
+      const formData = await req.formData();
+      const body: Record<string, string> = {};
+
+      Array.from(formData.entries()).forEach(([key, value]) => {
+        body[key] = value.toString();
+      });
+
+      if (!sessionId) {
+        logger.warn(
+          'Make sure that the SESSION_COOKIE_SAMESITE environment variable is set to None in Commerce.',
+          {
+            middleware: 'masterpass-rest-callback',
+            ip
+          }
+        );
+
+        return NextResponse.redirect(
+          `${url.origin}${getUrlPathWithLocale(
+            '/orders/checkout/',
+            req.cookies.get('pz-locale')?.value
+          )}`,
+          303
+        );
+      }
+
+      const requestUrl = new URL('/orders/checkout/', Settings.commerceUrl);
+      requestUrl.searchParams.set('page', 'MasterpassRestCompletePage');
+      requestUrl.searchParams.set('responseCode', responseCode);
+      requestUrl.searchParams.set('token', token);
+      requestUrl.searchParams.set(
+        'three_d_secure',
+        body.transactionType?.includes('3D') ? 'true' : 'false'
+      );
+      requestUrl.searchParams.set(
+        'transactionType',
+        body.transactionType || ''
+      );
+
+      const requestHeaders = {
+        'Content-Type': 'application/x-www-form-urlencoded',
+        'X-Requested-With': 'XMLHttpRequest',
+        Cookie: req.headers.get('cookie') ?? '',
+        'x-currency': req.cookies.get('pz-currency')?.value ?? '',
+        'x-forwarded-for': ip,
+        'User-Agent': req.headers.get('user-agent') ?? ''
+      };
+
+      const request = await fetch(requestUrl.toString(), {
+        method: 'POST',
+        headers: requestHeaders,
+        body: new URLSearchParams(body)
+      });
+
+      logger.info('Masterpass REST callback request', {
+        requestUrl: requestUrl.toString(),
+        status: request.status,
+        requestHeaders,
+        ip
+      });
+
+      const response = await request.json();
+
+      const { context_list: contextList, errors } = response;
+
+      let redirectUrl = response.redirect_url;
+
+      if (!redirectUrl && contextList && contextList.length > 0) {
+        for (const context of contextList) {
+          if (context.page_context && context.page_context.redirect_url) {
+            redirectUrl = context.page_context.redirect_url;
+            break;
+          }
+        }
+      }
+
+      if (errors && Object.keys(errors).length) {
+        logger.error('Error while processing masterpass REST callback', {
+          middleware: 'masterpass-rest-callback',
+          errors,
+          requestHeaders,
+          ip
+        });
+
+        return NextResponse.redirect(
+          `${url.origin}${getUrlPathWithLocale(
+            '/orders/checkout/',
+            req.cookies.get('pz-locale')?.value
+          )}`,
+          {
+            status: 303,
+            headers: {
+              'Set-Cookie': `pz-pos-error=${JSON.stringify(errors)}; path=/;`
+            }
+          }
+        );
+      }
+
+      logger.info('Masterpass REST callback response', {
+        middleware: 'masterpass-rest-callback',
+        contextList,
+        redirectUrl,
+        ip
+      });
+
+      if (!redirectUrl) {
+        logger.warn(
+          'No redirection url found in response. Redirecting to checkout page.',
+          {
+            middleware: 'masterpass-rest-callback',
+            requestHeaders,
+            response: JSON.stringify(response),
+            ip
+          }
+        );
+
+        const redirectUrlWithLocale = `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`;
+
+        return NextResponse.redirect(redirectUrlWithLocale, 303);
+      }
+
+      const redirectUrlWithLocale = `${url.origin}${getUrlPathWithLocale(
+        redirectUrl,
+        req.cookies.get('pz-locale')?.value
+      )}`;
+
+      logger.info('Redirecting after masterpass REST callback', {
+        middleware: 'masterpass-rest-callback',
+        redirectUrlWithLocale,
+        ip
+      });
+
+      const nextResponse = NextResponse.redirect(redirectUrlWithLocale, 303);
+
+      nextResponse.headers.set(
+        'Set-Cookie',
+        request.headers.get('set-cookie') ?? ''
+      );
+
+      return nextResponse;
+    } catch (error) {
+      logger.error('Error while processing masterpass REST callback', {
+        middleware: 'masterpass-rest-callback',
+        error,
+        requestHeaders: {
+          Cookie: req.headers.get('cookie') ?? '',
+          'x-currency': req.cookies.get('pz-currency')?.value ?? ''
+        },
+        ip
+      });
+
+      return NextResponse.redirect(
+        `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`,
+        303
+      );
+    }
+  };
+
+export default withMasterpassRestCallback;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@akinon/next",
   "description": "Core package for Project Zero Next",
-  "version": "1.111.0-snapshot-ZERO-3792-20251107072714",
+  "version": "1.112.0-rc.17",
   "private": false,
   "license": "MIT",
   "bin": {
@@ -35,7 +35,7 @@
     "set-cookie-parser": "2.6.0"
   },
   "devDependencies": {
-    "@akinon/eslint-plugin-projectzero": "1.111.0-snapshot-ZERO-3792-20251107072714",
+    "@akinon/eslint-plugin-projectzero": "1.112.0-rc.17",
     "@babel/core": "7.26.10",
     "@babel/preset-env": "7.26.9",
     "@babel/preset-typescript": "7.27.0",

package/plugins.d.ts

@@ -37,6 +37,16 @@ declare module '@akinon/pz-cybersource-uc/src/redux/middleware' {
   export default middleware as any;
 }
 
+declare module '@akinon/pz-apple-pay' {}
+
+declare module '@akinon/pz-similar-products' {
+  export const SimilarProductsModal: any;
+  export const SimilarProductsFilterSidebar: any;
+  export const SimilarProductsResultsGrid: any;
+  export const SimilarProductsPlugin: any;
+  export const SimilarProductsButtonPlugin: any;
+}
+
 declare module '@akinon/pz-cybersource-uc/src/redux/reducer' {
   export default reducer as any;
 }
@@ -46,3 +56,8 @@ declare module '@akinon/pz-cybersource-uc' {
 }
 
 declare module '@akinon/pz-flow-payment' {}
+
+declare module '@akinon/pz-masterpass-rest' {
+  export const MasterpassRestOption: React.FC;
+  export const masterpassRestReducer: any;
+}

package/plugins.js

@@ -16,8 +16,10 @@ module.exports = [
   'pz-tabby-extension',
   'pz-apple-pay',
   'pz-tamara-extension',
+  'pz-similar-products',
   'pz-cybersource-uc',
   'pz-hepsipay',
   'pz-flow-payment',
-  'pz-virtual-try-on'
+  'pz-virtual-try-on',
+  'pz-masterpass-rest'
 ];

package/redux/middlewares/checkout.ts

@@ -208,7 +208,10 @@ export const contextListMiddleware: Middleware = ({
             dispatch(setCardType(context.page_context.card_type));
           }
 
-          if (context.page_context.installments) {
+          if (
+            context.page_context.installments &&
+            preOrder?.payment_option?.payment_type !== 'masterpass_rest'
+          ) {
             dispatch(setInstallmentOptions(context.page_context.installments));
           }
         }

package/redux/middlewares/pre-order/installment-option.ts

@@ -20,6 +20,7 @@ export const installmentOptionMiddleware: Middleware = ({
     if (
       !preOrder?.installment &&
       preOrder?.payment_option?.payment_type !== 'saved_card' &&
+      preOrder?.payment_option?.payment_type !== 'masterpass_rest' &&
       installmentOptions.length > 0
     ) {
       const firstInstallmentOptionPk = installmentOptions[0]?.pk;

package/redux/reducers/index.ts

@@ -9,6 +9,7 @@ import { masterpassReducer } from '@akinon/pz-masterpass';
 import { otpReducer } from '@akinon/pz-otp';
 import { savedCardReducer } from '@akinon/pz-saved-card';
 import cyberSourceUcReducer from '@akinon/pz-cybersource-uc/src/redux/reducer';
+import { masterpassRestReducer } from '@akinon/pz-masterpass-rest';
 
 const fallbackReducer = (state = {}) => state;
 
@@ -21,7 +22,8 @@ const reducers = {
   masterpass: masterpassReducer || fallbackReducer,
   otp: otpReducer || fallbackReducer,
   savedCard: savedCardReducer || fallbackReducer,
-  cybersource_uc: cyberSourceUcReducer || fallbackReducer
+  cybersource_uc: cyberSourceUcReducer || fallbackReducer,
+  masterpassRest: masterpassRestReducer || fallbackReducer
 };
 
 export default reducers;

package/types/index.ts

@@ -83,6 +83,12 @@ export interface Settings {
   };
   usePrettyUrlRoute?: boolean;
   commerceUrl: string;
+  /**
+   * This option allows you to track Sentry events on the client side, in addition to server and edge environments.
+   *
+   * It overrides process.env.NEXT_PUBLIC_SENTRY_DSN and process.env.SENTRY_DSN.
+   */
+  sentryDsn?: string;
   redis: {
     defaultExpirationTime: number;
   };

package/utils/mobile-3d-iframe.ts

@@ -1,8 +1,14 @@
 const iframeURLChange = (iframe, callback) => {
   iframe.addEventListener('load', () => {
     setTimeout(() => {
-      if (iframe?.contentWindow?.location) {
-        callback(iframe.contentWindow.location);
+      try {
+        if (iframe?.contentWindow?.location) {
+          const iframeLocation = iframe.contentWindow.location;
+
+          callback(iframeLocation);
+        }
+      } catch (error) {
+        // Expected: browser blocks cross-origin iframe access for security
       }
     }, 0);
   });

package/utils/redirection-iframe.ts

@@ -1,8 +1,14 @@
 const iframeURLChange = (iframe, callback) => {
   iframe.addEventListener('load', () => {
     setTimeout(() => {
-      if (iframe?.contentWindow?.location) {
-        callback(iframe.contentWindow.location);
+      try {
+        if (iframe?.contentWindow?.location) {
+          const iframeLocation = iframe.contentWindow.location;
+
+          callback(iframeLocation);
+        }
+      } catch (error) {
+        // Expected: browser blocks cross-origin iframe access for security
       }
     }, 0);
   });