@easypayment/medusa-paypal 0.7.1 → 0.7.3

package/src/modules/paypal/payment-provider/index.ts

@@ -1,19 +1,15 @@
-import { ModuleProvider, Modules } from "@medusajs/framework/utils"
-import PayPalPaymentProvider from "./service"
-import PayPalAdvancedCardProvider from "./card-service"
-
-/**
- * Payment Module Provider definition
- * Medusa will scan `services` to register payment providers on boot.
- */
-export default ModuleProvider(Modules.PAYMENT, {
-  services: [
-    PayPalPaymentProvider,
-    PayPalAdvancedCardProvider,
-  ],
-})
-
-export {
-  PayPalPaymentProvider,
-  PayPalAdvancedCardProvider,
-}
+import { ModuleProvider, Modules } from "@medusajs/framework/utils"
+import PayPalPaymentProvider from "./service"
+import PayPalAdvancedCardProvider from "./card-service"
+
+export default ModuleProvider(Modules.PAYMENT, {
+  services: [
+    PayPalPaymentProvider,
+    PayPalAdvancedCardProvider,
+  ],
+})
+
+export {
+  PayPalPaymentProvider,
+  PayPalAdvancedCardProvider,
+}

package/src/modules/paypal/payment-provider/service.ts

@@ -34,6 +34,8 @@ import { getPayPalWebhookActionAndData } from "./webhook-utils"
 
 type Options = {}
 
+const BN_CODE = "MBJTechnolabs_SI_SPB"
+
 function generateSessionId() {
   try {
     return randomUUID()
@@ -128,6 +130,7 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
         headers: {
           Authorization: `Basic ${_fbAuth}`,
           "Content-Type": "application/x-www-form-urlencoded",
+          "PayPal-Partner-Attribution-Id": BN_CODE,
         },
         body: "grant_type=client_credentials",
       })
@@ -148,6 +151,7 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
       headers: {
         Authorization: `Basic ${auth}`,
         "Content-Type": "application/x-www-form-urlencoded",
+        "PayPal-Partner-Attribution-Id": BN_CODE,
       },
       body: "grant_type=client_credentials",
     })
@@ -168,6 +172,7 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
       headers: {
         Authorization: `Bearer ${accessToken}`,
         "Content-Type": "application/json",
+        "PayPal-Partner-Attribution-Id": BN_CODE,
       },
     })
 
@@ -259,7 +264,6 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
       await paypal.recordAuditEvent(eventType, metadata)
       await paypal.recordMetric(eventType)
     } catch {
-      // ignore
     }
   }
 
@@ -269,7 +273,6 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
     try {
       await paypal.recordMetric(metricName)
     } catch {
-      // ignore
     }
   }
 
@@ -279,7 +282,6 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
     try {
       await paypal.recordPaymentLog(eventType, metadata)
     } catch {
-      // ignore
     }
   }
 
@@ -363,7 +365,6 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
     const returnStatus = paymentActionRaw === "authorize" ? "authorized" : "captured"
     const timestampKey = paymentActionRaw === "authorize" ? "authorized_at" : "captured_at"
 
-    // ── CASE 1: Already processed (has capture_id, authorization_id, or timestamp) ──
     if (
       existingPayPal.capture_id ||
       existingPayPal.authorization_id ||
@@ -380,11 +381,6 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
       }
     }
 
-    // ── CASE 2: Has order_id — fetch current status from PayPal ──────────────
-    // This is the KEY fix: capture-order already processed the payment but
-    // Medusa's cart/complete workflow calls authorizePayment again with the
-    // original session data (before capture-order wrote authorization_id).
-    // We fetch the live PayPal order to get the real status.
     const orderId = String(existingPayPal.order_id || data.order_id || "")
     if (orderId) {
       try {
@@ -393,7 +389,6 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
         const capture = order?.purchase_units?.[0]?.payments?.captures?.[0]
         const authorization = order?.purchase_units?.[0]?.payments?.authorizations?.[0]
 
-        // Order was already captured or authorized by capture-order route
         if (capture?.id || authorization?.id) {
           console.info("[PayPal] authorizePayment: order already processed by PayPal, returning", returnStatus)
           return {
@@ -412,8 +407,6 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
           }
         }
 
-        // Order exists and is APPROVED — customer completed PayPal flow
-        // but capture-order hasn't run yet (edge case). Mark as authorized.
         if (["APPROVED", "CREATED", "SAVED"].includes(String(order?.status || "").toUpperCase())) {
           console.info("[PayPal] authorizePayment: order approved, marking authorized")
           return {
@@ -430,14 +423,10 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
           }
         }
       } catch (e: any) {
-        // Non-fatal — log and fall through to creating a new order below
         console.warn("[PayPal] authorizePayment: order lookup failed:", e?.message)
       }
     }
 
-    // ── CASE 3: No order_id — create a new PayPal order ──────────────────────
-    // This handles the rare case where Medusa calls authorizePayment before
-    // the frontend has created a PayPal order (e.g. admin-created orders).
     const requestId = this.getIdempotencyKey(input, "authorize")
     let debugId: string | null = null
     const orderIntent = paymentActionRaw === "authorize" ? "AUTHORIZE" : "CAPTURE"
@@ -469,6 +458,7 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
           Authorization: `Bearer ${accessToken}`,
           "Content-Type": "application/json",
           "PayPal-Request-Id": requestId,
+          "PayPal-Partner-Attribution-Id": BN_CODE,
         },
         body: JSON.stringify(orderPayload),
       })
@@ -505,6 +495,7 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
               Authorization: `Bearer ${accessToken}`,
               "Content-Type": "application/json",
               "PayPal-Request-Id": `${requestId}-auth`,
+              "PayPal-Partner-Attribution-Id": BN_CODE,
             },
           }
         )
@@ -687,6 +678,7 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
               Authorization: `Bearer ${accessToken}`,
               "Content-Type": "application/json",
               "PayPal-Request-Id": `${requestId}-auth`,
+              "PayPal-Partner-Attribution-Id": BN_CODE,
             },
           }
         )
@@ -737,6 +729,7 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
           Authorization: `Bearer ${accessToken}`,
           "Content-Type": "application/json",
           "PayPal-Request-Id": requestId,
+          "PayPal-Partner-Attribution-Id": BN_CODE,
         },
         body: JSON.stringify(capturePayload),
       })
@@ -818,19 +811,11 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
 
     const requestId = this.getIdempotencyKey(input, `refund-${captureId}`)
 
-    // ── IMPORTANT: Use input.amount (major units e.g. 20.00) NOT data.amount ──
-    // Medusa v2 passes the refund amount via input.amount in major currency units.
-    // data.amount is the original session amount in minor units (e.g. 2000 cents).
-    // formatAmountForPayPal divides by 100, so using data.amount would give 0.20
-    // instead of 20.00. We must use input.amount directly and format it as-is.
     const currencyOverride = await this.resolveCurrencyOverride()
     const currencyCode = normalizeCurrencyCode(
       data.currency_code || currencyOverride || "EUR"
     )
 
-    // input.amount is already in major units (e.g. 20.00 EUR)
-    // Just convert to string with correct decimal places
-    // getCurrencyExponent is already available via the amounts utils
     const exponent = currencyCode.toUpperCase() === "JPY" ? 0
       : ["BHD", "JOD", "KWD", "OMR", "TND"].includes(currencyCode.toUpperCase()) ? 3
       : 2
@@ -861,6 +846,7 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
           Authorization: `Bearer ${accessToken}`,
           "Content-Type": "application/json",
           "PayPal-Request-Id": requestId,
+          "PayPal-Partner-Attribution-Id": BN_CODE,
         },
         body: JSON.stringify(refundPayload),
       })
@@ -952,6 +938,7 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
               Authorization: `Bearer ${accessToken}`,
               "Content-Type": "application/json",
               "PayPal-Request-Id": requestId,
+              "PayPal-Partner-Attribution-Id": BN_CODE,
             },
           }
         )
@@ -981,6 +968,7 @@ class PayPalPaymentProvider extends AbstractPaymentProvider<Options> {
             Authorization: `Bearer ${accessToken}`,
             "Content-Type": "application/json",
             "PayPal-Request-Id": requestId,
+            "PayPal-Partner-Attribution-Id": BN_CODE,
           },
           body: JSON.stringify({}),
         })

package/src/modules/paypal/service.ts

@@ -23,6 +23,10 @@ class PayPalModuleService extends MedusaService({
 }) {
   protected cfg = getPayPalConfig()
 
+  private get bnCode(): string {
+    return this.cfg.bnCode || "MBJTechnolabs_SI_SPB"
+  }
+
   private async getSettingsData() {
     const settings = await this.getSettings()
     return (settings?.data || {}) as Record<string, any>
@@ -198,7 +202,6 @@ class PayPalModuleService extends MedusaService({
       throw new Error("Missing PayPal partner merchant id configuration.")
     }
 
-    const { onboarding } = await this.ensureSettingsDefaults()
     const baseUrl = env === "live" ? "https://api-m.paypal.com" : "https://api-m.sandbox.paypal.com"
     const accessToken = accessTokenOverride ?? await this.getAppAccessToken()
 
@@ -211,7 +214,7 @@ class PayPalModuleService extends MedusaService({
         headers: {
           "Content-Type": "application/json",
           Authorization: `Bearer ${accessToken}`,
-          ...(onboarding.bn_code ? { "PayPal-Partner-Attribution-Id": onboarding.bn_code } : {}),
+          "PayPal-Partner-Attribution-Id": this.bnCode,
         },
       }
     )
@@ -248,6 +251,7 @@ class PayPalModuleService extends MedusaService({
       headers: {
         "Content-Type": "application/x-www-form-urlencoded",
         Authorization: `Basic ${basic}`,
+        "PayPal-Partner-Attribution-Id": this.bnCode,
       },
       body,
     })
@@ -304,6 +308,7 @@ class PayPalModuleService extends MedusaService({
           Authorization: `Bearer ${accessToken}`,
           "Content-Type": "application/json",
           Accept: "application/json",
+          "PayPal-Partner-Attribution-Id": this.bnCode,
         },
       })
       if (userInfoResp.ok) {
@@ -329,6 +334,7 @@ class PayPalModuleService extends MedusaService({
             headers: {
               Authorization: `Bearer ${accessToken}`,
               "Content-Type": "application/json",
+              "PayPal-Partner-Attribution-Id": this.bnCode,
             },
           }
         )
@@ -467,6 +473,7 @@ class PayPalModuleService extends MedusaService({
     form.set("return_url", return_url)
     form.set("return_url_description", "Return to your shop.")
     form.set("partner_merchant_id", partner_merchant_id)
+    form.set("from", "medusa")
 
     const products = input?.products?.length ? input.products : ["PPCP"]
 
@@ -621,6 +628,7 @@ class PayPalModuleService extends MedusaService({
       headers: {
         "Content-Type": "application/x-www-form-urlencoded",
         Authorization: `Basic ${basic}`,
+        "PayPal-Partner-Attribution-Id": this.bnCode,
       },
       body: tokenBody,
     })
@@ -656,7 +664,7 @@ class PayPalModuleService extends MedusaService({
         headers: {
           "Content-Type": "application/json",
           Authorization: `Bearer ${sellerAccessToken}`,
-          ...(onboarding.bn_code ? { "PayPal-Partner-Attribution-Id": onboarding.bn_code } : {}),
+          "PayPal-Partner-Attribution-Id": this.bnCode,
         },
       }
     )
@@ -900,6 +908,7 @@ class PayPalModuleService extends MedusaService({
       headers: {
         Authorization: `Bearer ${accessToken}`,
         "Content-Type": "application/json",
+        "PayPal-Partner-Attribution-Id": this.bnCode,
       },
     })
 
@@ -920,6 +929,7 @@ class PayPalModuleService extends MedusaService({
         headers: {
           Authorization: `Bearer ${accessToken}`,
           "Content-Type": "application/json",
+          "PayPal-Partner-Attribution-Id": this.bnCode,
         },
         body: JSON.stringify({
           url: webhookUrl,
@@ -1093,7 +1103,11 @@ class PayPalModuleService extends MedusaService({
 
     const res = await fetch(`${baseUrl}/v1/oauth2/token`, {
       method: "POST",
-      headers: { "Content-Type": "application/x-www-form-urlencoded", Authorization: `Basic ${basic}` },
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        Authorization: `Basic ${basic}`,
+        "PayPal-Partner-Attribution-Id": this.bnCode,
+      },
       body,
     })
 
@@ -1125,8 +1139,8 @@ class PayPalModuleService extends MedusaService({
         Authorization: `Bearer ${accessToken}`,
         "Content-Type": "application/json",
         Accept: "application/json",
+        "PayPal-Partner-Attribution-Id": this.bnCode,
         ...(opts?.locale ? { "Accept-Language": opts.locale } : {}),
-        ...(this.cfg.bnCode ? { "PayPal-Partner-Attribution-Id": this.cfg.bnCode } : {}),
       },
     })
 
@@ -1230,6 +1244,7 @@ class PayPalModuleService extends MedusaService({
       headers: {
         Authorization: `Basic ${auth}`,
         "Content-Type": "application/x-www-form-urlencoded",
+        "PayPal-Partner-Attribution-Id": this.bnCode,
       },
       body: "grant_type=client_credentials",
     })
@@ -1247,6 +1262,7 @@ class PayPalModuleService extends MedusaService({
       headers: {
         Authorization: `Bearer ${accessToken}`,
         "Content-Type": "application/json",
+        "PayPal-Partner-Attribution-Id": this.bnCode,
       },
     })
 

package/src/modules/paypal/types/config.ts

@@ -10,11 +10,11 @@ export type PayPalModuleConfig = {
 }
 
 const STATIC_CFG: PayPalModuleConfig = {
-  partnerServiceUrl: "https://mbjtechnolabs.com/ppcp-seller-onboarding/seller-onboarding.php",
+  partnerServiceUrl: "https://mbjtechnolabs.com/ppcp-seller-onboarding/seller-onboarding.php?from=medusa",
   partnerJsUrl: "https://www.paypal.com/webapps/merchantboarding/js/lib/lightbox/partner.js",
   backendUrl: "http://localhost:9000",
   sellerNonce: "a1233wtergfsdt4365tzrshgfbaewa36AGa1233wtergfsdt4365tzrshgfbaewa36AG",
-  bnCode: "",
+  bnCode: "MBJTechnolabs_SI_SPB",
   partnerMerchantIdSandbox: "K6QLN2LPGQRHL",
   partnerMerchantIdLive: "GT5R877JNBPLL",
   alertWebhookUrls: [],

package/src/modules/paypal/utils/paypal-auth.ts

@@ -1,32 +1,31 @@
-/**
- * Shared PayPal API authentication helpers.
- * Import these instead of copying into each route.
- */
-export function getPayPalApiBase(environment: string): string {
-  return environment === "live"
-    ? "https://api-m.paypal.com"
-    : "https://api-m.sandbox.paypal.com"
-}
-
-export async function getPayPalAccessToken(opts: {
-  environment: string
-  client_id: string
-  client_secret: string
-}): Promise<{ accessToken: string; base: string }> {
-  const base = getPayPalApiBase(opts.environment)
-  const auth = Buffer.from(`${opts.client_id}:${opts.client_secret}`).toString("base64")
-  const resp = await fetch(`${base}/v1/oauth2/token`, {
-    method: "POST",
-    headers: {
-      Authorization: `Basic ${auth}`,
-      "Content-Type": "application/x-www-form-urlencoded",
-    },
-    body: "grant_type=client_credentials",
-  })
-  const text = await resp.text()
-  if (!resp.ok) {
-    throw new Error(`PayPal token error (${resp.status}): ${text}`)
-  }
-  const json = JSON.parse(text)
-  return { accessToken: String(json.access_token), base }
-}
+export function getPayPalApiBase(environment: string): string {
+  return environment === "live"
+    ? "https://api-m.paypal.com"
+    : "https://api-m.sandbox.paypal.com"
+}
+
+const BN_CODE = "MBJTechnolabs_SI_SPB"
+
+export async function getPayPalAccessToken(opts: {
+  environment: string
+  client_id: string
+  client_secret: string
+}): Promise<{ accessToken: string; base: string }> {
+  const base = getPayPalApiBase(opts.environment)
+  const auth = Buffer.from(`${opts.client_id}:${opts.client_secret}`).toString("base64")
+  const resp = await fetch(`${base}/v1/oauth2/token`, {
+    method: "POST",
+    headers: {
+      Authorization: `Basic ${auth}`,
+      "Content-Type": "application/x-www-form-urlencoded",
+      "PayPal-Partner-Attribution-Id": BN_CODE,
+    },
+    body: "grant_type=client_credentials",
+  })
+  const text = await resp.text()
+  if (!resp.ok) {
+    throw new Error(`PayPal token error (${resp.status}): ${text}`)
+  }
+  const json = JSON.parse(text)
+  return { accessToken: String(json.access_token), base }
+}

package/src/modules/paypal/webhook-processor.ts

@@ -2,7 +2,6 @@ import type { MedusaContainer } from "@medusajs/framework/types"
 import { Modules } from "@medusajs/framework/utils"
 import { isPayPalProviderId } from "./utils/provider-ids"
 
-// ─── Event → Medusa status mapping ───────────────────────────────────────────
 
 export const EVENT_STATUS_MAP: Record<
   string,
@@ -23,9 +22,6 @@ export const EVENT_STATUS_MAP: Record<
   "PAYMENT.REFUND.DENIED": "error",
 }
 
-// ─── Status transition guard ──────────────────────────────────────────────────
-// Only allow forward/meaningful moves.
-// Prevents a late-arriving webhook from downgrading an already-captured payment.
 
 const ALLOWED_TRANSITIONS: Record<string, Set<string>> = {
   pending: new Set(["authorized", "captured", "canceled", "error"]),
@@ -39,7 +35,6 @@ export function isTransitionAllowed(from: string, to: string): boolean {
   return ALLOWED_TRANSITIONS[from]?.has(to) ?? false
 }
 
-// ─── Event type helpers ───────────────────────────────────────────────────────
 
 export const SUPPORTED_EVENT_PREFIXES = [
   "PAYMENT.CAPTURE.",
@@ -52,9 +47,6 @@ export function isAllowedEventType(eventType: string): boolean {
   return SUPPORTED_EVENT_PREFIXES.some((prefix) => eventType.startsWith(prefix))
 }
 
-// ─── Error classification ─────────────────────────────────────────────────────
-// Non-retryable: event is permanently unprocessable (wrong cart, missing session).
-// Retryable: transient failure (DB down, network error) — worth trying again.
 
 const NON_RETRYABLE_PATTERNS = [
   "payment collection not found",
@@ -71,7 +63,6 @@ export function isRetryableError(error: unknown): boolean {
   return !NON_RETRYABLE_PATTERNS.some((p) => message.includes(p))
 }
 
-// ─── Retry schedule ───────────────────────────────────────────────────────────
 
 const RETRY_SCHEDULE_MINUTES = [2, 10, 30, 60, 120]
 export const MAX_WEBHOOK_ATTEMPTS = RETRY_SCHEDULE_MINUTES.length + 1
@@ -83,7 +74,6 @@ export function computeNextRetryAt(attemptCount: number): Date | null {
   return new Date(Date.now() + delayMinutes * 60 * 1000)
 }
 
-// ─── Payload normalisation ────────────────────────────────────────────────────
 
 export function normalizeResource(payload: Record<string, any>): Record<string, any> {
   const resource = payload?.resource
@@ -109,7 +99,6 @@ export function normalizeEventVersion(payload: Record<string, any>): string | nu
   return String(raw).trim().replace(/^v/i, "")
 }
 
-// ─── Identifier extraction ────────────────────────────────────────────────────
 
 export interface ExtractedIdentifiers {
   orderId: string | null
@@ -160,7 +149,6 @@ export function extractIdentifiers(
   return { orderId, captureId, refundId, cartId }
 }
 
-// ─── Session lookup ───────────────────────────────────────────────────────────
 
 interface ResolvedSession {
   sessionId: string
@@ -216,7 +204,6 @@ async function findPayPalSession(
   }
 }
 
-// ─── Session update ───────────────────────────────────────────────────────────
 
 function mergeRefunds(existing: any[], incoming: any[]): any[] {
   const seen = new Set<string>()
@@ -270,7 +257,6 @@ async function applyStatusToSession(
   })
 }
 
-// ─── Main event processor ─────────────────────────────────────────────────────
 
 export interface ProcessResult {
   orderId: string | null

package/src/providers/paypal/index.ts

@@ -1,10 +1,8 @@
-import { ModuleProvider, Modules } from "@medusajs/framework/utils"
-import { PayPalPaymentProvider } from "../../modules/paypal/payment-provider/service"
-
-// Medusa Payment Module Provider entrypoint (doc-aligned)
-export default ModuleProvider(Modules.PAYMENT, {
-  services: [PayPalPaymentProvider],
-})
-
-// Optional named export (doesn't hurt, can help for testing/imports)
-export { PayPalPaymentProvider }
+import { ModuleProvider, Modules } from "@medusajs/framework/utils"
+import { PayPalPaymentProvider } from "../../modules/paypal/payment-provider/service"
+
+export default ModuleProvider(Modules.PAYMENT, {
+  services: [PayPalPaymentProvider],
+})
+
+export { PayPalPaymentProvider }

package/src/providers/paypal_card/index.ts

@@ -1,10 +1,8 @@
-import { ModuleProvider, Modules } from "@medusajs/framework/utils"
-import { PayPalAdvancedCardProvider } from "../../modules/paypal/payment-provider/card-service"
-
-// Medusa Payment Module Provider entrypoint (doc-aligned)
-export default ModuleProvider(Modules.PAYMENT, {
-  services: [PayPalAdvancedCardProvider],
-})
-
-// Optional named export
-export { PayPalAdvancedCardProvider }
+import { ModuleProvider, Modules } from "@medusajs/framework/utils"
+import { PayPalAdvancedCardProvider } from "../../modules/paypal/payment-provider/card-service"
+
+export default ModuleProvider(Modules.PAYMENT, {
+  services: [PayPalAdvancedCardProvider],
+})
+
+export { PayPalAdvancedCardProvider }

package/src/subscribers/paypal-order-invoice.ts

@@ -3,8 +3,6 @@ import type PayPalModuleService from "../modules/paypal/service"
 import { getPayPalAccessToken } from "../modules/paypal/utils/paypal-auth"
 import { isPayPalProviderId } from "../modules/paypal/utils/provider-ids"
 
-// PayPal orders can only be PATCHed in CREATED or APPROVED status.
-// Once COMPLETED (post-capture) the order is immutable.
 const PATCHABLE_STATUSES = new Set(["CREATED", "APPROVED", "SAVED"])
 
 export default async function paypalOrderInvoiceHandler({
@@ -18,7 +16,6 @@ export default async function paypalOrderInvoiceHandler({
     const query = container.resolve("query") as any
     const paypal = container.resolve<PayPalModuleService>("paypal_onboarding")
 
-    // Fetch the Medusa order with payment session data
     const { data: orders } = await query.graph({
       entity: "order",
       fields: [
@@ -36,7 +33,6 @@ export default async function paypalOrderInvoiceHandler({
     const order = orders?.[0]
     if (!order) return
 
-    // Find the PayPal payment session
     const sessions = (order.payment_collections || []).flatMap(
       (pc: any) => pc.payment_sessions || []
     )
@@ -69,7 +65,6 @@ export default async function paypalOrderInvoiceHandler({
       return
     }
 
-    // Build the target invoice_id using display_id (ideal format)
     const settings = await paypal.getSettings().catch(() => ({}))
     const settingsData =
       settings && typeof settings === "object" && "data" in settings
@@ -87,14 +82,9 @@ export default async function paypalOrderInvoiceHandler({
 
     if (!invoiceId) return
 
-    // Get PayPal access token
     const creds = await paypal.getActiveCredentials()
     const { accessToken, base } = await getPayPalAccessToken(creds)
 
-    // Check PayPal order status before attempting PATCH.
-    // PayPal only allows PATCH on CREATED or APPROVED orders.
-    // COMPLETED orders (post-capture) are immutable, so skip PATCH and
-    // log the reconciliation mapping instead.
     let paypalOrderStatus = ""
     let currentInvoiceId = ""
     try {
@@ -114,7 +104,6 @@ export default async function paypalOrderInvoiceHandler({
       )
     }
 
-    // Always log the display_id -> paypalOrderId mapping for reconciliation
     console.info("[PayPal] invoice reconciliation mapping:", {
       medusaOrderId: orderId,
       displayId,
@@ -124,7 +113,6 @@ export default async function paypalOrderInvoiceHandler({
       currentInvoiceId,
     })
 
-    // If order is COMPLETED, invoice_id is immutable — skip PATCH
     if (paypalOrderStatus && !PATCHABLE_STATUSES.has(paypalOrderStatus)) {
       console.info(
         `[PayPal] invoice_id PATCH skipped — order status is ${paypalOrderStatus} (immutable).`,
@@ -133,7 +121,6 @@ export default async function paypalOrderInvoiceHandler({
       return
     }
 
-    // If invoice_id already matches target, skip PATCH
     if (currentInvoiceId === invoiceId) {
       console.info(
         `[PayPal] invoice_id already "${invoiceId}" — skipping PATCH`
@@ -141,8 +128,6 @@ export default async function paypalOrderInvoiceHandler({
       return
     }
 
-    // Attempt PATCH only for CREATED/APPROVED orders.
-    // This handles the authorize-only flow where capture hasn't happened yet.
     const patchResp = await fetch(
       `${base}/v2/checkout/orders/${paypalOrderId}`,
       {
@@ -177,7 +162,6 @@ export default async function paypalOrderInvoiceHandler({
       })
     }
   } catch (e: any) {
-    // Non-fatal — never block order placement
     console.warn("[PayPal] paypalOrderInvoiceHandler error:", e?.message || e)
   }
 }