@akinon/next 2.0.6-rc.1 → 2.0.6

package/middlewares/masterpass-rest-callback.ts

@@ -10,23 +10,49 @@ const withMasterpassRestCallback =
   async (req: PzNextRequest, event: NextFetchEvent) => {
     const url = req.nextUrl.clone();
     const ip = req.headers.get('x-forwarded-for') ?? '';
+    const sessionId = req.cookies.get('osessionid');
 
-    const isMasterpassCompletePage =
-      url.pathname.includes('/orders/checkout') &&
-      url.searchParams.get('page') === 'MasterpassRestCompletePage';
-
-    if (!isMasterpassCompletePage) {
+    if (!url.pathname.includes('/orders/masterpass-rest-callback')) {
       return middleware(req, event);
     }
 
-    try {
-      const isPostCheckout = req.cookies.get('pz-post-checkout-flow')?.value === 'true';
-      const requestUrl = new URL(getCheckoutPath(isPostCheckout), Settings.commerceUrl);
+    if (req.method !== 'POST') {
+      logger.warn('Invalid request method for masterpass REST callback', {
+        middleware: 'masterpass-rest-callback',
+        method: req.method,
+        ip
+      });
+
+      return NextResponse.redirect(
+        `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`,
+        303
+      );
+    }
 
-      url.searchParams.forEach((value, key) => {
-        requestUrl.searchParams.set(key, value);
+    const responseCode = url.searchParams.get('responseCode');
+    const token = url.searchParams.get('token');
+
+    if (!responseCode || !token) {
+      logger.warn('Missing required parameters for masterpass REST callback', {
+        middleware: 'masterpass-rest-callback',
+        responseCode,
+        token,
+        ip
       });
 
+      return NextResponse.redirect(
+        `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`,
+        303
+      );
+    }
+
+    try {
       const formData = await req.formData();
       const body: Record<string, string> = {};
 
@@ -34,6 +60,38 @@ const withMasterpassRestCallback =
         body[key] = value.toString();
       });
 
+      if (!sessionId) {
+        logger.warn(
+          'Make sure that the SESSION_COOKIE_SAMESITE environment variable is set to None in Commerce.',
+          {
+            middleware: 'masterpass-rest-callback',
+            ip
+          }
+        );
+
+        return NextResponse.redirect(
+          `${url.origin}${getUrlPathWithLocale(
+            '/orders/checkout/',
+            req.cookies.get('pz-locale')?.value
+          )}`,
+          303
+        );
+      }
+
+      const isPostCheckout = req.cookies.get('pz-post-checkout-flow')?.value === 'true';
+      const requestUrl = new URL(getCheckoutPath(isPostCheckout), Settings.commerceUrl);
+      requestUrl.searchParams.set('page', 'MasterpassRestCompletePage');
+      requestUrl.searchParams.set('responseCode', responseCode);
+      requestUrl.searchParams.set('token', token);
+      requestUrl.searchParams.set(
+        'three_d_secure',
+        body.transactionType?.includes('3D') ? 'true' : 'false'
+      );
+      requestUrl.searchParams.set(
+        'transactionType',
+        body.transactionType || ''
+      );
+
       const requestHeaders = {
         'Content-Type': 'application/x-www-form-urlencoded',
         'X-Requested-With': 'XMLHttpRequest',
@@ -49,13 +107,33 @@ const withMasterpassRestCallback =
         body: new URLSearchParams(body)
       });
 
+      logger.info('Masterpass REST callback request', {
+        requestUrl: requestUrl.toString(),
+        status: request.status,
+        requestHeaders,
+        ip
+      });
+
       const response = await request.json();
-      const { errors } = response;
+
+      const { context_list: contextList, errors } = response;
+
+      let redirectUrl = response.redirect_url;
+
+      if (!redirectUrl && contextList && contextList.length > 0) {
+        for (const context of contextList) {
+          if (context.page_context && context.page_context.redirect_url) {
+            redirectUrl = context.page_context.redirect_url;
+            break;
+          }
+        }
+      }
 
       if (errors && Object.keys(errors).length) {
-        logger.error('Error while processing MasterpassRestCompletePage', {
+        logger.error('Error while processing masterpass REST callback', {
           middleware: 'masterpass-rest-callback',
           errors,
+          requestHeaders,
           ip
         });
 
@@ -64,7 +142,12 @@ const withMasterpassRestCallback =
             '/orders/checkout/',
             req.cookies.get('pz-locale')?.value
           )}`,
-          303
+          {
+            status: 303,
+            headers: {
+              'Set-Cookie': `pz-pos-error=${encodeURIComponent(JSON.stringify(errors))}; path=/;`
+            }
+          }
         );
 
         // Add error cookie
@@ -75,40 +158,70 @@ const withMasterpassRestCallback =
         return errorResponse;
       }
 
-      const redirectUrl =
-        response.redirect_url ||
-        response.context_list?.[0]?.page_context?.redirect_url;
+      logger.info('Masterpass REST callback response', {
+        middleware: 'masterpass-rest-callback',
+        contextList,
+        redirectUrl,
+        ip
+      });
 
-      if (redirectUrl) {
-        const nextResponse = NextResponse.redirect(
-          `${url.origin}${getUrlPathWithLocale(redirectUrl, req.cookies.get('pz-locale')?.value)}`,
-          303
+      if (!redirectUrl) {
+        logger.warn(
+          'No redirection url found in response. Redirecting to checkout page.',
+          {
+            middleware: 'masterpass-rest-callback',
+            requestHeaders,
+            response: JSON.stringify(response),
+            ip
+          }
         );
 
-        // Forward set-cookie headers from the upstream response
-        const setCookieHeader = request.headers.get('set-cookie');
-        if (setCookieHeader) {
-          setCookieHeader.split(',').forEach((cookie) => {
-            nextResponse.headers.append('Set-Cookie', cookie.trim());
-          });
-        }
+        const redirectUrlWithLocale = `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`;
 
-        return nextResponse;
+        return NextResponse.redirect(redirectUrlWithLocale, 303);
       }
 
-      return NextResponse.redirect(
-        `${url.origin}${getUrlPathWithLocale('/orders/checkout/', req.cookies.get('pz-locale')?.value)}`,
-        303
-      );
+      const redirectUrlWithLocale = `${url.origin}${getUrlPathWithLocale(
+        redirectUrl,
+        req.cookies.get('pz-locale')?.value
+      )}`;
+
+      logger.info('Redirecting after masterpass REST callback', {
+        middleware: 'masterpass-rest-callback',
+        redirectUrl: redirectUrlWithLocale,
+        ip
+      });
+
+      const nextResponse = NextResponse.redirect(redirectUrlWithLocale, 303);
+
+      // Forward set-cookie headers from the upstream response
+      const setCookieHeader = request.headers.get('set-cookie');
+      if (setCookieHeader) {
+        setCookieHeader.split(',').forEach((cookie) => {
+          nextResponse.headers.append('Set-Cookie', cookie.trim());
+        });
+      }
+
+      return nextResponse;
     } catch (error) {
-      logger.error('Error while processing MasterpassRestCompletePage', {
+      logger.error('Error while processing masterpass REST callback', {
         middleware: 'masterpass-rest-callback',
         error,
+        requestHeaders: {
+          Cookie: req.headers.get('cookie') ?? '',
+          'x-currency': req.cookies.get('pz-currency')?.value ?? ''
+        },
         ip
       });
 
       return NextResponse.redirect(
-        `${url.origin}${getUrlPathWithLocale('/orders/checkout/', req.cookies.get('pz-locale')?.value)}`,
+        `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`,
         303
       );
     }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@akinon/next",
   "description": "Core package for Project Zero Next",
-  "version": "2.0.6-rc.1",
+  "version": "2.0.6",
   "private": false,
   "license": "MIT",
   "bin": {
@@ -19,11 +19,10 @@
   "dependencies": {
     "@mongodb-js/zstd": "^2.0.1",
     "@neshca/cache-handler": "1.9.0",
-    "@opentelemetry/exporter-trace-otlp-http": "0.46.0",
-    "@opentelemetry/resources": "1.19.0",
-    "@opentelemetry/sdk-node": "0.46.0",
-    "@opentelemetry/sdk-trace-node": "1.19.0",
-    "@opentelemetry/semantic-conventions": "1.19.0",
+    "@opentelemetry/api": "^1.9.0",
+    "@opentelemetry/context-async-hooks": "^2.5.0",
+    "@opentelemetry/core": "^2.5.0",
+    "@opentelemetry/sdk-trace-base": "^2.5.0",
     "@reduxjs/toolkit": "1.9.7",
     "@sentry/nextjs": "10.39.0",
     "cross-spawn": "7.0.3",
@@ -37,7 +36,7 @@
     "set-cookie-parser": "2.6.0"
   },
   "devDependencies": {
-    "@akinon/eslint-plugin-projectzero": "2.0.6-rc.1",
+    "@akinon/eslint-plugin-projectzero": "2.0.6",
     "@babel/core": "7.26.10",
     "@babel/preset-env": "7.26.9",
     "@babel/preset-typescript": "7.27.0",

package/plugins.d.ts

@@ -37,16 +37,6 @@ declare module '@akinon/pz-cybersource-uc/src/redux/middleware' {
   export default middleware as any;
 }
 
-declare module '@akinon/pz-apple-pay' {}
-
-declare module '@akinon/pz-similar-products' {
-  export const SimilarProductsModal: any;
-  export const SimilarProductsFilterSidebar: any;
-  export const SimilarProductsResultsGrid: any;
-  export const SimilarProductsPlugin: any;
-  export const SimilarProductsButtonPlugin: any;
-}
-
 declare module '@akinon/pz-cybersource-uc/src/redux/reducer' {
   export default reducer as any;
 }

package/plugins.js

@@ -16,7 +16,6 @@ module.exports = [
   'pz-tabby-extension',
   'pz-apple-pay',
   'pz-tamara-extension',
-  'pz-similar-products',
   'pz-cybersource-uc',
   'pz-hepsipay',
   'pz-flow-payment',

package/redux/actions.ts

@@ -3,6 +3,7 @@ export * from './reducers/root';
 export * from './reducers/header';
 export * from './reducers/checkout';
 export * from './reducers/config';
+export * from './reducers/toast';
 
 // Import RTK Query APIs
 import { basketApi } from '../data/client/basket';

package/redux/middlewares/checkout.ts

@@ -26,28 +26,13 @@ import {
 } from '../../redux/reducers/checkout';
 import { RootState, TypedDispatch } from 'redux/store';
 import { checkoutApi } from '../../data/client/checkout';
-import { CheckoutContext, MiddlewareAction, PreOrder } from '../../types';
+import { CheckoutContext, PreOrder } from '../../types';
 import { getCookie } from '../../utils';
 import settings from 'settings';
 import { LocaleUrlStrategy } from '../../localization';
 import { showMobile3dIframe } from '../../utils/mobile-3d-iframe';
 import { showRedirectionIframe } from '../../utils/redirection-iframe';
 
-const IFRAME_REDIRECTION_KEY = 'pz-iframe-redirection-active';
-
-const isIframeRedirectionActive = () =>
-  typeof window !== 'undefined' &&
-  sessionStorage.getItem(IFRAME_REDIRECTION_KEY) === 'true';
-
-const setIframeRedirectionActive = (active: boolean) => {
-  if (typeof window === 'undefined') return;
-  if (active) {
-    sessionStorage.setItem(IFRAME_REDIRECTION_KEY, 'true');
-  } else {
-    sessionStorage.removeItem(IFRAME_REDIRECTION_KEY);
-  }
-};
-
 interface CheckoutResult {
   payload: {
     errors?: Record<string, string[]>;
@@ -84,7 +69,7 @@ export const redirectUrlMiddleware: Middleware = () => {
     const result = next(action) as CheckoutResult;
     const redirectUrl = result?.payload?.redirect_url;
 
-    if (redirectUrl && !isIframeRedirectionActive()) {
+    if (redirectUrl) {
       const currentLocale = getCookie('pz-locale');
 
       let url = redirectUrl;
@@ -114,15 +99,8 @@ export const contextListMiddleware: Middleware = ({
     const { isMobileApp, userPhoneNumber } = getState().root;
     const result = next(action) as CheckoutResult;
     const preOrder = result?.payload?.pre_order;
-    const act = action as MiddlewareAction;
 
     if (result?.payload?.context_list) {
-      const endpointName = act.meta?.arg?.endpointName;
-      const isBinNumberResponse = endpointName === 'setBinNumber';
-      const hasCardTypeInContextList = result.payload.context_list.some(
-        (ctx) => ctx.page_context.card_type
-      );
-
       result.payload.context_list.forEach((context) => {
         const redirectUrl = context.page_context.redirect_url;
         const isIframe = context.page_context.is_iframe ?? false;
@@ -156,7 +134,6 @@ export const contextListMiddleware: Middleware = ({
           if (isMobileDevice && isIframePaymentOptionIncluded) {
             showMobile3dIframe(urlObj.toString());
           } else if (isIframe) {
-            setIframeRedirectionActive(true);
             showRedirectionIframe(urlObj.toString());
           } else {
             window.location.href = urlObj.toString();
@@ -232,34 +209,15 @@ export const contextListMiddleware: Middleware = ({
             (ctx) => ctx.page_name === 'DeliveryOptionSelectionPage'
           )
         ) {
-          const isCreditCardPayment =
-            preOrder?.payment_option?.payment_type === 'credit_card' ||
-            preOrder?.payment_option?.payment_type === 'masterpass';
-
           if (context.page_context.card_type) {
             dispatch(setCardType(context.page_context.card_type));
-          } else if (
-            isCreditCardPayment &&
-            isBinNumberResponse &&
-            !hasCardTypeInContextList
-          ) {
-            dispatch(setCardType(null));
-            dispatch(setInstallmentOptions([]));
           }
 
           if (
             context.page_context.installments &&
             preOrder?.payment_option?.payment_type !== 'masterpass_rest'
           ) {
-            if (
-              !isCreditCardPayment ||
-              context.page_context.card_type ||
-              hasCardTypeInContextList
-            ) {
-              dispatch(
-                setInstallmentOptions(context.page_context.installments)
-              );
-            }
+            dispatch(setInstallmentOptions(context.page_context.installments));
           }
         }
 

package/redux/middlewares/pre-order/installment-option.ts

@@ -14,17 +14,9 @@ export const installmentOptionMiddleware: Middleware = ({
       return result;
     }
 
-    const { installmentOptions, cardType } = getState().checkout;
+    const { installmentOptions } = getState().checkout;
     const { endpoints: apiEndpoints } = checkoutApi;
 
-    const isCreditCardPayment =
-      preOrder?.payment_option?.payment_type === 'credit_card' ||
-      preOrder?.payment_option?.payment_type === 'masterpass';
-
-    if (isCreditCardPayment && !cardType) {
-      return result;
-    }
-
     if (
       !preOrder?.installment &&
       preOrder?.payment_option?.payment_type !== 'saved_card' &&

package/redux/reducers/index.ts

@@ -2,6 +2,7 @@ import rootReducer from './root';
 import checkoutReducer from './checkout';
 import configReducer from './config';
 import headerReducer from './header';
+import toastReducer from './toast';
 import widgetReducer from './widget';
 import { api } from '../../data/client/api';
 
@@ -20,6 +21,7 @@ const reducers = {
   checkout: checkoutReducer,
   config: configReducer,
   header: headerReducer,
+  toast: toastReducer,
   widget: widgetReducer,
   masterpass: masterpassReducer || fallbackReducer,
   otp: otpReducer || fallbackReducer,

package/redux/reducers/toast.ts

@@ -0,0 +1,70 @@
+import { createSlice, PayloadAction } from '@reduxjs/toolkit'
+
+export type ToastType = 'success' | 'error' | 'warning' | 'info'
+
+export type ToastPosition =
+  | 'top-right'
+  | 'top-left'
+  | 'top-center'
+  | 'bottom-right'
+  | 'bottom-left'
+  | 'bottom-center'
+
+export interface Toast {
+  id: string
+  type: ToastType
+  message: string
+  duration?: number
+  position?: ToastPosition
+  icon?: string
+  className?: string
+  dismissible?: boolean
+  action?: {
+    label: string
+    actionId: string
+  }
+}
+
+export type ToastInput = Omit<Toast, 'id'>
+
+export interface ToastState {
+  toasts: Toast[]
+}
+
+const MAX_TOASTS = 5
+
+const initialState: ToastState = {
+  toasts: []
+}
+
+const toastSlice = createSlice({
+  name: 'toast',
+  initialState,
+  reducers: {
+    addToast: {
+      reducer: (state, action: PayloadAction<Toast>) => {
+        state.toasts.push(action.payload)
+        if (state.toasts.length > MAX_TOASTS) {
+          state.toasts.shift()
+        }
+      },
+      prepare: (toast: ToastInput) => ({
+        payload: {
+          ...toast,
+          id: `toast-${Date.now()}-${Math.random().toString(36).slice(2, 9)}`,
+          duration: toast.duration ?? 4000,
+          position: toast.position ?? 'top-right',
+          dismissible: toast.dismissible ?? true
+        }
+      })
+    },
+    removeToast: (state, action: PayloadAction<string>) => {
+      const idx = state.toasts.findIndex((t) => t.id === action.payload)
+      if (idx !== -1) state.toasts.splice(idx, 1)
+    }
+  }
+})
+
+export const { addToast, removeToast } = toastSlice.actions
+
+export default toastSlice.reducer

package/types/commerce/flatpage.ts

@@ -1,7 +1,14 @@
+export interface FlatPagePrettyUrl {
+  pk: number;
+  url: string;
+  language: string;
+}
+
 export interface FlatPage {
   flat_page: {
     url: string;
     title: string;
     content: string;
+    flatpageprettyurl_set?: FlatPagePrettyUrl[];
   };
 }

package/types/index.ts

@@ -85,12 +85,6 @@ export interface Settings {
   };
   usePrettyUrlRoute?: boolean;
   commerceUrl: string;
-  /**
-   * This option allows you to track Sentry events on the client side, in addition to server and edge environments.
-   *
-   * It overrides process.env.NEXT_PUBLIC_SENTRY_DSN and process.env.SENTRY_DSN.
-   */
-  sentryDsn?: string;
   redis: {
     defaultExpirationTime: number;
   };
@@ -223,7 +217,6 @@ export interface Settings {
     separator?: string;
     segments: PzSegmentDefinition[];
   };
-  payloadOptimization?: import('../utils/payload-optimizer').PayloadOptimizationConfig;
 }
 
 export interface CacheOptions {

package/utils/app-fetch.ts

@@ -3,6 +3,7 @@ import logger from '../utils/log';
 import { headers, cookies } from 'next/headers';
 import { ServerVariables } from './server-variables';
 import { notFound } from 'next/navigation';
+import { fixtureManager, MockMode } from '../lib/fixture-manager';
 
 export enum FetchResponseType {
   JSON = 'json',
@@ -42,6 +43,23 @@ const appFetch = async <T>({
     }
 
     const requestURL = `${decodeURIComponent(commerceUrl)}${url}`;
+    const mockMode = process.env.PZ_MOCK;
+    const method = init.method?.toUpperCase() ?? 'GET';
+
+    // Replay mode: serve from fixtures without hitting the API
+    if (mockMode === MockMode.REPLAY) {
+      const { found, fixture } = await fixtureManager.read(method, String(url), init.body);
+
+      if (found) {
+        status = fixture.response.status;
+        response = (responseType === FetchResponseType.JSON
+          ? fixture.response.body
+          : JSON.stringify(fixture.response.body)) as T;
+        return response;
+      }
+
+      return undefined;
+    }
 
     init.headers = {
       cookie: nextCookies.toString(),
@@ -67,6 +85,15 @@ const appFetch = async <T>({
       response = (await req.text()) as unknown as T;
     }
 
+    // Record mode: save response to fixtures
+    if (mockMode === MockMode.RECORD) {
+      await fixtureManager.write(method, String(url), init.body, {
+        status: req.status,
+        headers: fixtureManager.extractHeaders(req.headers),
+        body: response
+      });
+    }
+
     logger.trace(`FETCH RESPONSE`, { url, response, ip });
   } catch (error) {
     const logType = status === 500 ? 'fatal' : 'error';

package/utils/format-error-message.ts

@@ -0,0 +1,7 @@
+export const formatErrorMessage = (errors: any): string => {
+  if (typeof errors === 'string') return errors
+  if (Array.isArray(errors)) return errors.join(', ')
+  if (typeof errors === 'object' && errors !== null)
+    return Object.values(errors).flat().join(', ')
+  return 'An error occurred'
+}

package/utils/index.ts

@@ -9,6 +9,7 @@ export * from './generate-commerce-search-params';
 export * from './get-currency-label';
 export * from './pz-segments';
 export * from './get-checkout-path';
+export * from './format-error-message';
 
 export function getCookie(name: string) {
   if (typeof document === 'undefined') {
@@ -62,7 +63,13 @@ export function setCookie(
 export function removeCookie(name: string) {
   const date = 'Thu, 01 Jan 1970 00:00:00 UTC';
 
-  document.cookie = `${name}=; expires=${date}; path=/;`;
+  const domain =
+    settings.localization.localeUrlStrategy === LocaleUrlStrategy.Subdomain
+      ? getRootHostname(document.location.href)
+      : null;
+
+  const domainStr = domain ? ` domain=${domain};` : '';
+  document.cookie = `${name}=; expires=${date}; path=/;${domainStr}`;
 }
 
 /**

package/with-pz-config.js

@@ -12,7 +12,8 @@ const defaultConfig = {
   output: 'standalone',
   compress: false,
   env: {
-    NEXT_PUBLIC_SENTRY_DSN: process.env.SENTRY_DSN
+    NEXT_PUBLIC_SENTRY_DSN: process.env.SENTRY_DSN,
+    ...(process.env.PZ_MOCK && { PZ_MOCK: process.env.PZ_MOCK })
   },
   images: {
     remotePatterns: [
@@ -68,8 +69,7 @@ const defaultConfig = {
         acc[`@akinon/${plugin}`] = false;
         return acc;
       }, {}),
-      translations: false,
-      '@opentelemetry/exporter-jaeger': false
+      translations: false
     };
     // Ensure webpack can resolve deps from the app's node_modules when
     // compiling transpiled packages (e.g. @akinon/next) whose imports