npm - strapi-plugin-payone-provider - Versions diffs - 1.1.2 → 1.2.4 - Mend

strapi-plugin-payone-provider 1.1.2 → 1.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (36) hide show

package/README.md +1045 -330
package/admin/src/index.js +4 -1
package/admin/src/pages/App/components/AppHeader.js +37 -0
package/admin/src/pages/App/components/AppTabs.js +126 -0
package/admin/src/pages/App/components/ConfigurationPanel.js +34 -35
package/admin/src/pages/App/components/GooglePaybutton.js +300 -0
package/admin/src/pages/App/components/HistoryPanel.js +25 -38
package/admin/src/pages/App/components/PaymentActionsPanel.js +95 -280
package/admin/src/pages/App/components/TransactionHistoryItem.js +4 -1
package/admin/src/pages/App/components/paymentActions/AuthorizationForm.js +93 -0
package/admin/src/pages/App/components/paymentActions/CaptureForm.js +64 -0
package/admin/src/pages/App/components/paymentActions/PaymentMethodSelector.js +52 -0
package/admin/src/pages/App/components/paymentActions/PaymentResult.js +85 -0
package/admin/src/pages/App/components/paymentActions/PreauthorizationForm.js +93 -0
package/admin/src/pages/App/components/paymentActions/RefundForm.js +89 -0
package/admin/src/pages/App/index.js +41 -465
package/admin/src/pages/App/styles.css +294 -0
package/admin/src/pages/constants/paymentConstants.js +37 -0
package/admin/src/pages/hooks/usePaymentActions.js +271 -0
package/admin/src/pages/hooks/useSettings.js +111 -0
package/admin/src/pages/hooks/useTransactionHistory.js +87 -0
package/admin/src/pages/utils/api.js +10 -0
package/admin/src/pages/utils/injectGooglePayScript.js +31 -0
package/admin/src/pages/utils/paymentUtils.js +113 -13
package/package.json +1 -1
package/server/controllers/payone.js +71 -64
package/server/routes/index.js +17 -0
package/server/services/paymentService.js +214 -0
package/server/services/payone.js +25 -648
package/server/services/settingsService.js +59 -0
package/server/services/testConnectionService.js +190 -0
package/server/services/transactionService.js +114 -0
package/server/utils/normalize.js +51 -0
package/server/utils/paymentMethodParams.js +126 -0
package/server/utils/requestBuilder.js +110 -0
package/server/utils/responseParser.js +80 -0

package/README.md CHANGED Viewed

@@ -10,13 +10,8 @@ A comprehensive Strapi plugin that integrates the Payone payment gateway into yo
 - [Configuration](#configuration)
 - [Getting Started](#getting-started)
 - [Usage](#usage)
-  - [Admin Panel](#admin-panel)
-  - [API Endpoints](#api-endpoints)
+- [Payment Methods & Operations](#-payment-methods--operations)
 - [Supported Payment Methods](#supported-payment-methods)
-- [Payment Operations](#payment-operations)
-- [Transaction History](#transaction-history)
-- [Troubleshooting](#troubleshooting)
-- [License](#license)
 ## ✨ Features
@@ -24,8 +19,8 @@ A comprehensive Strapi plugin that integrates the Payone payment gateway into yo
 - **Payment Operations**:
   - Preauthorization (reserve funds)
   - Authorization (immediate charge)
-  - Capture (complete preauthorized transactions) — currently Credit Card only
-  - Refund (return funds to customers) — currently Credit Card only
+  - Capture (complete preauthorized transactions)
+  - Refund (return funds to customers)
 - **Admin Panel**:
   - Easy configuration interface
   - Transaction history viewer with filtering
@@ -57,50 +52,17 @@ You will need the following credentials from your Payone account:
 ## 📦 Installation
-### Option 1: Install from npm (if published)
+### Install from npm
 ```bash
-npm install payone-provider
-```
-### Option 2: Manual Installation
-1. Copy the `payone-provider` folder to your Strapi project's `src/plugins/` directory:
-```bash
-# From your Strapi project root
-mkdir -p src/plugins
-cp -r /path/to/payone-provider src/plugins/
-```
-2. Install the plugin dependencies:
-```bash
-npm install
-```
-3. Enable the plugin by adding it to your `config/plugins.js` (or `config/plugins.ts`):
-```javascript
-module.exports = {
-  // ... other plugins
-  'payone-provider': {
-    enabled: true,
-    resolve: './src/plugins/payone-provider',
-  },
-};
-```
+# Using npm
+npm install strapi-plugin-payone-provider
-4. Rebuild your Strapi admin panel:
+# Using yarn
+yarn add strapi-plugin-payone-provider
-```bash
-npm run build
-```
-5. Restart your Strapi application:
-```bash
-npm run develop
+# Using pnpm
+pnpm add strapi-plugin-payone-provider
 ```
 ## ⚙️ Configuration
@@ -122,49 +84,6 @@ After installation, you need to configure your Payone credentials:
 5. Click **"Test Connection"** to verify your credentials
 6. Click **"Save Configuration"** to store your settings
-### Manual Configuration (Alternative)
-You can also configure the plugin programmatically by adding settings to your `config/plugins.js`:
-```javascript
-module.exports = {
-  'payone-provider': {
-    enabled: true,
-    resolve: './src/plugins/payone-provider',
-    config: {
-      settings: {
-        aid: 'YOUR_ACCOUNT_ID',
-        portalid: 'YOUR_PORTAL_ID',
-        mid: 'YOUR_MERCHANT_ID',
-        key: 'YOUR_PORTAL_KEY',
-        mode: 'test', // or 'live'
-        api_version: '3.10',
-      },
-    },
-  },
-};
-```
-> ⚠️ **Security Warning**: Never commit your production credentials to version control. Use environment variables instead:
-```javascript
-module.exports = {
-  'payone-provider': {
-    enabled: true,
-    config: {
-      settings: {
-        aid: process.env.PAYONE_AID,
-        portalid: process.env.PAYONE_PORTAL_ID,
-        mid: process.env.PAYONE_MID,
-        key: process.env.PAYONE_KEY,
-        mode: process.env.PAYONE_MODE || 'test',
-        api_version: '3.10',
-      },
-    },
-  },
-};
-```
 ## 🚀 Getting Started
 ### 1. Test Your Connection
@@ -179,65 +98,62 @@ After configuring your credentials:
 ### 2. Try a Test Payment
 1. Go to the **Payment Actions** tab
-2. Try a **Preauthorization** operation (currently test UI supports Credit Card only):
+2. Try a **Preauthorization** operation:
    - Amount: 1000 (equals 10.00 EUR in cents)
    - Reference: Leave empty for auto-generation
    - Click **"Execute Preauthorization"**
 3. Check the **Transaction History** tab to see the logged transaction
-### 3. Review Transaction History
-1. Navigate to the **Transaction History** tab
-2. View all payment operations
-3. Use filters to search for specific transactions
-4. Click on any transaction to view full details
 ## 📖 Usage
-### Admin Panel
+### Base URL
-The plugin adds a new menu item **"Payone Provider"** to your Strapi admin panel with three tabs:
+All API endpoints are available at:
-#### 1. Configuration Tab
+**Content API (Frontend)**: `/api/strapi-plugin-payone-provider`
-- Configure Payone API credentials
-- Test connection to Payone servers
-- Switch between test and live modes
+**Admin API**: `/strapi-plugin-payone-provider`
-#### 2. Transaction History Tab
+> ⚠️ **Authentication Required**: All endpoints require authentication. Include your Bearer token in the Authorization header.
-- View all payment transactions
-- Filter by status, type, transaction ID, reference, or date range
-- View detailed request/response data for each transaction
-- Pagination support for large transaction lists
+### Common Request Headers
+```javascript
+{
+  "Content-Type": "application/json",
+  "Authorization": "Bearer YOUR_AUTH_TOKEN"
+}
+```
-#### 3. Payment Actions Tab
+### Common Response Fields
-- Test payment operations without writing code
-- Execute preauthorizations, authorizations, captures, and refunds
-- View real-time results and error messages
+All responses include:
-### API Endpoints
+- `status`: Transaction status (APPROVED, ERROR, REDIRECT, etc.)
+- `txid`: Transaction ID (for successful transactions)
+- `errorcode`: Error code (if status is ERROR)
+- `errormessage`: Error message (if status is ERROR)
-The plugin provides REST API endpoints for programmatic access:
+---
-#### Content API Endpoints (Public with Auth Policy)
+## 💳 Payment Methods & Operations
-All content API endpoints require authentication via the `isAuth` policy. These are meant for your frontend application.
+### Credit Card
-Base URL: `/api/payone-provider`
+<details>
+<summary><strong>Credit Card Payment Method</strong></summary>
-##### POST `/api/payone-provider/preauthorization`
+#### Preauthorization
-Reserve funds on a customer's card without immediate charge.
+**URL**: `POST /api/strapi-plugin-payone-provider/preauthorization`
-**Request Body:**
+**Request Body**:
 ```json
 {
   "amount": 1000,
   "currency": "EUR",
-  "reference": "ORDER-12345",
+  "reference": "PAY1234567890ABCDEF",
   "clearingtype": "cc",
   "cardtype": "V",
   "cardpan": "4111111111111111",
@@ -245,15 +161,24 @@ Reserve funds on a customer's card without immediate charge.
   "cardcvc2": "123",
   "firstname": "John",
   "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "telephonenumber": "+4917512345678",
   "street": "Main Street 123",
   "zip": "12345",
   "city": "Berlin",
   "country": "DE",
-  "email": "john.doe@example.com"
+  "successurl": "https://www.example.com/success",
+  "errorurl": "https://www.example.com/error",
+  "backurl": "https://www.example.com/back",
+  "salutation": "Herr",
+  "gender": "m",
+  "ip": "127.0.0.1",
+  "language": "de",
+  "customer_is_present": "yes"
 }
 ```
-**Response:**
+**Response**:
 ```json
 {
@@ -265,307 +190,1097 @@ Reserve funds on a customer's card without immediate charge.
 }
 ```
-##### POST `/api/payone-provider/authorization`
+#### Authorization
+**URL**: `POST /api/strapi-plugin-payone-provider/authorization`
+**Request Body**: (Same as Preauthorization)
-Immediately charge a customer's card.
+```json
+{
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "cc",
+  "cardtype": "V",
+  "cardpan": "4111111111111111",
+  "cardexpiredate": "2512",
+  "cardcvc2": "123",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "telephonenumber": "+4917512345678",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "successurl": "https://www.example.com/success",
+  "errorurl": "https://www.example.com/error",
+  "backurl": "https://www.example.com/back",
+  "salutation": "Herr",
+  "gender": "m",
+  "ip": "127.0.0.1",
+  "language": "de",
+  "customer_is_present": "yes"
+}
+```
-**Request Body:** (Same as preauthorization)
+**Response**:
-> Note: For redirect-based methods (PayPal, Online Banking) you must provide `successurl`, `errorurl`, and `backurl`. The plugin will auto-fill safe defaults when missing, using `settings.return_base` or `PAYONE_RETURN_BASE`/`FRONTEND_URL`/`NEXT_PUBLIC_SITE_URL`.
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789",
+    "userid": "987654321"
+  }
+}
+```
-##### POST `/api/payone-provider/capture`
+#### Capture
-Complete a preauthorized transaction and capture the funds.
+**URL**: `POST /api/strapi-plugin-payone-provider/capture`
-**Request Body:**
+**Request Body**:
 ```json
 {
   "txid": "123456789",
   "amount": 1000,
-  "currency": "EUR"
+  "currency": "EUR",
+  "sequencenumber": 1
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
 }
 ```
-##### POST `/api/payone-provider/refund`
+#### Refund
-Refund a captured transaction.
+**URL**: `POST /api/strapi-plugin-payone-provider/refund`
-**Request Body:**
+**Request Body**:
 ```json
 {
   "txid": "123456789",
   "amount": -1000,
   "currency": "EUR",
-  "reference": "REFUND-12345",
+  "reference": "REF1234567890ABCDEF",
   "sequencenumber": 2
 }
 ```
-#### Admin API Endpoints
+**Response**:
-These endpoints require admin authentication and are available at `/payone-provider/`.
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
-- `GET /payone-provider/settings` - Get current settings
-- `PUT /payone-provider/settings` - Update settings
-- `GET /payone-provider/transaction-history` - Get transaction history
-- `POST /payone-provider/test-connection` - Test Payone connection
-- All payment operation endpoints (same as content API)
+</details>
-### JavaScript/TypeScript Usage Example
+---
-```javascript
-// In your frontend application
-import axios from 'axios';
-const processPayment = async (orderData) => {
-  try {
-    // Step 1: Preauthorize the payment
-    const preauth = await axios.post(
-      'http://localhost:1337/api/payone-provider/preauthorization',
-      {
-        amount: orderData.amount, // in cents, e.g., 1000 = 10.00 EUR
-        currency: 'EUR',
-        reference: orderData.orderId,
-        clearingtype: 'cc',
-        cardtype: 'V', // Visa
-        cardpan: orderData.cardNumber,
-        cardexpiredate: orderData.cardExpiry, // YYMM format
-        cardcvc2: orderData.cardCvc,
-        firstname: orderData.firstName,
-        lastname: orderData.lastName,
-        street: orderData.street,
-        zip: orderData.zip,
-        city: orderData.city,
-        country: orderData.country,
-        email: orderData.email,
-      },
-      {
-        headers: {
-          Authorization: `Bearer ${yourAuthToken}`,
-        },
-      }
-    );
-    if (preauth.data.data.status === 'APPROVED') {
-      const txid = preauth.data.data.txid;
-      // Step 2: Capture the preauthorized amount
-      const capture = await axios.post(
-        'http://localhost:1337/api/payone-provider/capture',
-        {
-          txid: txid,
-          amount: orderData.amount,
-          currency: 'EUR',
-        },
-        {
-          headers: {
-            Authorization: `Bearer ${yourAuthToken}`,
-          },
-        }
-      );
-      return {
-        success: true,
-        transactionId: txid,
-      };
-    }
-  } catch (error) {
-    console.error('Payment failed:', error);
-    return {
-      success: false,
-      error: error.message,
-    };
-  }
-};
+### PayPal
+<details>
+<summary><strong>PayPal Payment Method</strong></summary>
+#### Preauthorization
+**URL**: `POST /api/strapi-plugin-payone-provider/preauthorization`
+**Request Body**:
+```json
+{
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "wlt",
+  "wallettype": "PPE",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "telephonenumber": "+4917512345678",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "shipping_firstname": "John",
+  "shipping_lastname": "Doe",
+  "shipping_street": "Main Street 123",
+  "shipping_zip": "12345",
+  "shipping_city": "Berlin",
+  "shipping_country": "DE",
+  "successurl": "https://www.example.com/success",
+  "errorurl": "https://www.example.com/error",
+  "backurl": "https://www.example.com/back",
+  "salutation": "Herr",
+  "gender": "m",
+  "ip": "127.0.0.1",
+  "language": "de",
+  "customer_is_present": "yes"
+}
 ```
-## 💳 Payment Operations
+**Response**:
-## ✅ Supported Payment Methods
+```json
+{
+  "data": {
+    "status": "REDIRECT",
+    "txid": "123456789",
+    "redirecturl": "https://secure.pay1.de/redirect/..."
+  }
+}
+```
-The plugin supports the following Payone clearing types. Required fields are listed per method. All methods also require the common customer and address fields shown below.
+#### Authorization
-Common required fields (all methods):
+**URL**: `POST /api/strapi-plugin-payone-provider/authorization`
-- `amount` (in cents), `currency`, `reference` (max 20 chars; auto-normalized)
-- `firstname`, `lastname`, `email`, `telephonenumber`
-- `street`, `zip`, `city`, `country`
+**Request Body**: (Same as Preauthorization)
+```json
+{
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "wlt",
+  "wallettype": "PPE",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "telephonenumber": "+4917512345678",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "shipping_firstname": "John",
+  "shipping_lastname": "Doe",
+  "shipping_street": "Main Street 123",
+  "shipping_zip": "12345",
+  "shipping_city": "Berlin",
+  "shipping_country": "DE",
+  "successurl": "https://www.example.com/success",
+  "errorurl": "https://www.example.com/error",
+  "backurl": "https://www.example.com/back",
+  "salutation": "Herr",
+  "gender": "m",
+  "ip": "127.0.0.1",
+  "language": "de",
+  "customer_is_present": "yes"
+}
+```
-Credit Card (`clearingtype = cc`):
+**Response**:
-- Required: `cardtype` (V/M/A...), `cardpan`, `cardexpiredate` (MMyy), `cardcvc2`
-- Operations: preauthorization, authorization, capture, refund
-- Test payment in Admin currently supported for Credit Card only
+```json
+{
+  "data": {
+    "status": "REDIRECT",
+    "txid": "123456789",
+    "redirecturl": "https://secure.pay1.de/redirect/..."
+  }
+}
+```
-PayPal Wallet (`clearingtype = wlt`, `wallettype = PPE`):
+#### Capture
-- Required: `successurl`, `errorurl`, `backurl` (redirect URLs)
-- Recommended shipping fields: `shipping_firstname`, `shipping_lastname`, `shipping_street`, `shipping_zip`, `shipping_city`, `shipping_country`
-- Operations: preauthorization, authorization (capture/refund roadmap)
+**URL**: `POST /api/strapi-plugin-payone-provider/capture`
-SEPA Direct Debit (`clearingtype = elv`):
+**Request Body**:
-- Required: `iban`, `bic`, `bankaccountholder`, `bankcountry`
-- Operations: preauthorization, authorization (capture/refund roadmap)
+```json
+{
+  "txid": "123456789",
+  "amount": 1000,
+  "currency": "EUR",
+  "sequencenumber": 1,
+  "capturemode": "full"
+}
+```
-Online Banking/PNT (`clearingtype = sb`):
+**Response**:
-- Required: `onlinebanktransfertype` (e.g. `PNT`), `bankcountry`, redirect URLs (`successurl`, `errorurl`, `backurl`)
-- Operations: authorization (capture/refund roadmap)
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
-Notes:
+#### Refund
-- The plugin normalizes `reference` server-side to comply with Payone (alphanumeric only, max 20 chars, auto-generated fallback).
-- For redirect flows, the plugin auto-fills redirect URLs when missing using a base URL from settings or environment.
+**URL**: `POST /api/strapi-plugin-payone-provider/refund`
-### Preauthorization vs Authorization
+**Request Body**:
-- **Preauthorization**: Reserves funds on the customer's card but doesn't charge it immediately. Use this when you need to verify funds availability before fulfilling an order (e.g., hotel bookings, rentals). You must later call "Capture" to actually charge the card.
+```json
+{
+  "txid": "123456789",
+  "amount": -1000,
+  "currency": "EUR",
+  "reference": "REF1234567890ABCDEF",
+  "sequencenumber": 2
+}
+```
-- **Authorization**: Immediately charges the customer's card. Use this for instant payments (e.g., e-commerce purchases).
+**Response**:
-### Capture
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
-After a successful preauthorization, you must capture the transaction to receive the funds. Captures can be:
+</details>
-- **Full capture**: Capture the entire preauthorized amount
-- **Partial capture**: Capture less than the preauthorized amount
+---
-### Refund
+### Google Pay
-Refunds return money to the customer. Important notes:
+<details>
+<summary><strong>Google Pay Payment Method</strong></summary>
-- Amount must be negative (e.g., -1000 for 10.00 EUR)
-- Requires a valid transaction ID (txid)
-- Requires a sequence number (start with 2, increment for each additional refund on same transaction)
+#### Overview
-> Current limitation: Capture and Refund are implemented for Credit Card only. Support for PayPal/SEPA/Online Banking will be added in future updates.
+Google Pay integration requires obtaining an encrypted payment token from Google Pay API and sending it to Payone. The token must be Base64 encoded before sending to Payone.
-## 📊 Transaction History
+#### Getting Google Pay Token
-All payment operations are automatically logged to the transaction history. Each entry includes:
+**1. Include Google Pay Script**
-- **Transaction ID (txid)**: Payone's unique transaction identifier
-- **Reference**: Your custom order/payment reference
-- **Type**: Operation type (authorization, preauthorization, capture, refund)
-- **Amount**: Transaction amount in cents
-- **Currency**: Currency code (EUR, USD, etc.)
-- **Status**: APPROVED, ERROR, REDIRECT, etc.
-- **Timestamp**: When the transaction occurred
-- **Raw Request/Response**: Complete API request and response data for debugging
+```html
+<script async src="https://pay.google.com/gp/p/js/pay.js"></script>
+```
-### Filtering Transactions
+**2. Initialize Google Pay**
-Use the filters in the Transaction History tab to find specific transactions:
+```javascript
+const paymentsClient = new google.payments.api.PaymentsClient({
+  environment: 'TEST', // or "PRODUCTION" for live
+});
-- **Status**: Filter by APPROVED, ERROR, etc.
-- **Type**: Filter by operation type
-- **Transaction ID**: Search by specific txid
-- **Reference**: Search by your order reference
-- **Date Range**: Filter by date
+const baseRequest = {
+  apiVersion: 2,
+  apiVersionMinor: 0,
+};
-## 🔍 Troubleshooting
+const allowedCardNetworks = ['MASTERCARD', 'VISA'];
+const allowedAuthMethods = ['PAN_ONLY', 'CRYPTOGRAM_3DS'];
-### Connection Test Fails
+const tokenizationSpecification = {
+  type: 'PAYMENT_GATEWAY',
+  parameters: {
+    gateway: 'payonegmbh',
+    gatewayMerchantId: 'YOUR_PAYONE_MERCHANT_ID', // Use your Payone MID or Portal ID
+  },
+};
-**Problem**: "Authentication failed" or "Invalid credentials"
+const cardPaymentMethod = {
+  type: 'CARD',
+  parameters: {
+    allowedCardNetworks,
+    allowedAuthMethods,
+  },
+  tokenizationSpecification,
+};
-**Solutions**:
+const isReadyToPayRequest = Object.assign({}, baseRequest);
+isReadyToPayRequest.allowedPaymentMethods = [cardPaymentMethod];
-1. Verify your AID, Portal ID, Merchant ID, and Portal Key are correct
-2. Ensure you're using the correct mode (test/live)
-3. Check that your Payone account is active and not suspended
-4. Verify the Portal Key is the MD5 hash key from your Payone PMI
+paymentsClient.isReadyToPay(isReadyToPayRequest).then(function (response) {
+  if (response.result) {
+    // Google Pay is available, show button
+  }
+});
+```
-### Payment Gets Rejected
+**3. Create Payment Button and Get Token**
-**Problem**: Transactions return ERROR status
+```javascript
+const paymentDataRequest = Object.assign({}, baseRequest);
+paymentDataRequest.allowedPaymentMethods = [cardPaymentMethod];
+paymentDataRequest.transactionInfo = {
+  totalPriceStatus: 'FINAL',
+  totalPrice: '10.00',
+  currencyCode: 'EUR',
+};
+paymentDataRequest.merchantInfo = {
+  merchantId: 'YOUR_GOOGLE_MERCHANT_ID', // Optional: from Google Console
+  merchantName: 'Your Merchant Name',
+};
-**Common Causes**:
+const button = paymentsClient.createButton({
+  onClick: async () => {
+    try {
+      const paymentData = await paymentsClient.loadPaymentData(paymentDataRequest);
+      const token = paymentData.paymentMethodData.tokenizationData.token;
-1. **Invalid card data**: Check card number, expiry date, and CVC
-2. **Insufficient funds**: Test cards may have limits
-3. **Duplicate reference**: Each transaction needs a unique reference
-4. **Missing required fields**: Ensure all required customer data is provided
-5. **Test mode restrictions**: Some features may be limited in test mode
+      // Token is a JSON string, encode it to Base64 for Payone
+      const base64Token = btoa(unescape(encodeURIComponent(token)));
-**Debug Steps**:
+      // Send to your backend
+      await fetch('/api/strapi-plugin-payone-provider/preauthorization', {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          Authorization: 'Bearer YOUR_TOKEN',
+        },
+        body: JSON.stringify({
+          amount: 1000,
+          currency: 'EUR',
+          reference: 'PAY1234567890ABCDEF',
+          googlePayToken: base64Token,
+        }),
+      });
+    } catch (error) {
+      console.error('Google Pay error:', error);
+    }
+  },
+});
-1. Check the Transaction History for error codes and messages
-2. Review the raw response data for detailed error information
-3. Consult the Payone API documentation for error code meanings
-4. Check your Strapi server logs for detailed error traces
+document.getElementById('google-pay-button').appendChild(button);
+```
-### Plugin Not Appearing in Admin
+**Token Format**
-**Problem**: Payone Provider menu item doesn't appear
+The token from Google Pay is a JSON string with the following structure:
-**Solutions**:
+```json
+{
+  "signature": "MEUCIFr4ETGzv0uLZX3sR+i1ScARXnRBrncyYFDX/TI/VSLCAiEAvC/Q4dqXMQhwcSdg/ZvXj8+up0wXsfHja3V/6z48/vk=",
+  "intermediateSigningKey": {
+    "signedKey": "{\"keyValue\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE7PWUi+e6WPUhNmTSQ2WN006oWlcWy0FtBWizw9sph1wvX9XcXUNRLcfcsmCBfI5IsKQkjAmYxpCSB+L5sIudLw\\u003d\\u003d\",\"keyExpiration\":\"1722393105282\"}",
+    "signatures": ["MEUCIQCpU30A3g2pP93IBE5NxgO9ZcJlGF9YPzCZS7H4/IR1CQIgF6+I5t8olT8YsRDUcj7w3R1bvX4ZCcyFXE2+YXa+3H0="]
+  },
+  "protocolVersion": "ECv2",
+  "signedMessage": "{\"encryptedMessage\":\"...\",\"ephemeralPublicKey\":\"...\",\"tag\":\"...\"}"
+}
+```
-1. Ensure the plugin is enabled in `config/plugins.js`
-2. Run `npm run build` to rebuild the admin panel
-3. Clear your browser cache and refresh
-4. Restart your Strapi server
-5. Check browser console for JavaScript errors
+**Important**: The token must be Base64 encoded before sending to Payone.
-### API Requests Return 403 Forbidden
+#### Preauthorization
-**Problem**: Content API endpoints return authorization errors
+**URL**: `POST /api/strapi-plugin-payone-provider/preauthorization`
-**Solutions**:
+**Request Body**:
-1. Ensure you're sending a valid authentication token
-2. Check that the `isAuth` policy is properly configured
-3. Verify your user has the necessary permissions
-4. Review Strapi's role and permissions settings
+```json
+{
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "wlt",
+  "wallettype": "GGP",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "telephonenumber": "+4917512345678",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "shipping_firstname": "John",
+  "shipping_lastname": "Doe",
+  "shipping_street": "Main Street 123",
+  "shipping_zip": "12345",
+  "shipping_city": "Berlin",
+  "shipping_country": "DE",
+  "successurl": "https://www.example.com/success",
+  "errorurl": "https://www.example.com/error",
+  "backurl": "https://www.example.com/back",
+  "googlePayToken": "BASE64_ENCODED_TOKEN",
+  "salutation": "Herr",
+  "gender": "m",
+  "ip": "127.0.0.1",
+  "language": "de",
+  "customer_is_present": "yes"
+}
+```
-### Transactions Not Logging
+**Payone Request Parameters** (automatically added by plugin):
-**Problem**: Transaction history is empty
+```json
+{
+  "request": "preauthorization",
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "wlt",
+  "wallettype": "GGP",
+  "add_paydata[paymentmethod_token_data]": "BASE64_ENCODED_TOKEN",
+  "add_paydata[paymentmethod]": "GGP",
+  "add_paydata[paymentmethod_type]": "GOOGLEPAY",
+  "add_paydata[gatewayid]": "payonegmbh",
+  "add_paydata[gateway_merchantid]": "YOUR_PAYONE_MERCHANT_ID",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "shipping_firstname": "John",
+  "shipping_lastname": "Doe",
+  "shipping_street": "Main Street 123",
+  "shipping_zip": "12345",
+  "shipping_city": "Berlin",
+  "shipping_country": "DE",
+  "successurl": "https://www.example.com/success",
+  "errorurl": "https://www.example.com/error",
+  "backurl": "https://www.example.com/back"
+}
+```
-**Solutions**:
+**Response**:
-1. Check that requests are actually reaching Payone (check server logs)
-2. Verify database write permissions
-3. Check for JavaScript errors in the browser console
-4. Ensure the plugin store is accessible
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
-## 🔐 Security Best Practices
+#### Authorization
-1. **Never expose your Portal Key**: Keep it secure and never commit it to version control
-2. **Use environment variables**: Store credentials in `.env` files (excluded from git)
-3. **Enable HTTPS**: Always use HTTPS in production for API requests
-4. **Validate user input**: Always validate and sanitize payment data on the server side
-5. **Use test mode**: Test thoroughly in test mode before going live
-6. **Monitor transactions**: Regularly review transaction history for suspicious activity
-7. **PCI Compliance**: If handling card data directly, ensure PCI DSS compliance
+**URL**: `POST /api/strapi-plugin-payone-provider/authorization`
-## 📝 License
+**Request Body**: (Same as Preauthorization, include `googlePayToken`)
-MIT
+```json
+{
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "wlt",
+  "wallettype": "GGP",
+  "googlePayToken": "BASE64_ENCODED_TOKEN",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "shipping_firstname": "John",
+  "shipping_lastname": "Doe",
+  "shipping_street": "Main Street 123",
+  "shipping_zip": "12345",
+  "shipping_city": "Berlin",
+  "shipping_country": "DE",
+  "successurl": "https://www.example.com/success",
+  "errorurl": "https://www.example.com/error",
+  "backurl": "https://www.example.com/back"
+}
+```
-## 🤝 Support
+**Response**:
-If you encounter issues or need help:
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
-1. Check this README thoroughly
-2. Review your Strapi server logs
-3. Consult the [Payone API Documentation](https://docs.payone.com/)
-4. Check the Transaction History for detailed error messages
+#### Capture
-## 🔄 Updates
+**URL**: `POST /api/strapi-plugin-payone-provider/capture`
-To update the plugin:
+**Request Body**:
-```bash
-npm update payone-provider
-npm run build
+```json
+{
+  "txid": "123456789",
+  "amount": 1000,
+  "currency": "EUR",
+  "sequencenumber": 1
+}
 ```
-Then restart your Strapi application.
+**Response**:
----
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
+#### Refund
+**URL**: `POST /api/strapi-plugin-payone-provider/refund`
+**Request Body**:
+```json
+{
+  "txid": "123456789",
+  "amount": -1000,
+  "currency": "EUR",
+  "reference": "REF1234567890ABCDEF",
+  "sequencenumber": 2
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
+#### Required Parameters for Google Pay
+- `clearingtype`: Must be `"wlt"` (wallet)
+- `wallettype`: Must be `"GGP"` (Google Pay)
+- `add_paydata[paymentmethod_token_data]`: Base64 encoded Google Pay token (automatically added by plugin)
+- `add_paydata[paymentmethod]`: `"GGP"` (automatically added by plugin)
+- `add_paydata[paymentmethod_type]`: `"GOOGLEPAY"` (automatically added by plugin)
+- `add_paydata[gatewayid]`: `"payonegmbh"` (automatically added by plugin)
+- `add_paydata[gateway_merchantid]`: Your Payone Merchant ID (automatically added by plugin)
+- Shipping address parameters (required for wallet payments)
+</details>
+---
+### Apple Pay
+<details>
+<summary><strong>Apple Pay Payment Method</strong></summary>
+#### Preauthorization
+**URL**: `POST /api/strapi-plugin-payone-provider/preauthorization`
+**Request Body**:
+```json
+{
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "wlt",
+  "wallettype": "APL",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "telephonenumber": "+4917512345678",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "shipping_firstname": "John",
+  "shipping_lastname": "Doe",
+  "shipping_street": "Main Street 123",
+  "shipping_zip": "12345",
+  "shipping_city": "Berlin",
+  "shipping_country": "DE",
+  "successurl": "https://www.example.com/success",
+  "errorurl": "https://www.example.com/error",
+  "backurl": "https://www.example.com/back",
+  "salutation": "Herr",
+  "gender": "m",
+  "ip": "127.0.0.1",
+  "language": "de",
+  "customer_is_present": "yes"
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "REDIRECT",
+    "txid": "123456789",
+    "redirecturl": "https://secure.pay1.de/redirect/..."
+  }
+}
+```
+#### Authorization
+**URL**: `POST /api/strapi-plugin-payone-provider/authorization`
+**Request Body**: (Same as Preauthorization)
+```json
+{
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "wlt",
+  "wallettype": "APL",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "telephonenumber": "+4917512345678",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "shipping_firstname": "John",
+  "shipping_lastname": "Doe",
+  "shipping_street": "Main Street 123",
+  "shipping_zip": "12345",
+  "shipping_city": "Berlin",
+  "shipping_country": "DE",
+  "successurl": "https://www.example.com/success",
+  "errorurl": "https://www.example.com/error",
+  "backurl": "https://www.example.com/back",
+  "salutation": "Herr",
+  "gender": "m",
+  "ip": "127.0.0.1",
+  "language": "de",
+  "customer_is_present": "yes"
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "REDIRECT",
+    "txid": "123456789",
+    "redirecturl": "https://secure.pay1.de/redirect/..."
+  }
+}
+```
+#### Capture
+**URL**: `POST /api/strapi-plugin-payone-provider/capture`
+**Request Body**:
+```json
+{
+  "txid": "123456789",
+  "amount": 1000,
+  "currency": "EUR",
+  "sequencenumber": 1,
+  "capturemode": "full"
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
+#### Refund
+**URL**: `POST /api/strapi-plugin-payone-provider/refund`
+**Request Body**:
+```json
+{
+  "txid": "123456789",
+  "amount": -1000,
+  "currency": "EUR",
+  "reference": "REF1234567890ABCDEF",
+  "sequencenumber": 2
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
+</details>
+---
+### SEPA Direct Debit
+<details>
+<summary><strong>SEPA Direct Debit Payment Method</strong></summary>
+#### Preauthorization
+**URL**: `POST /api/strapi-plugin-payone-provider/preauthorization`
+**Request Body**:
+```json
+{
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "elv",
+  "iban": "DE89370400440532013000",
+  "bic": "COBADEFFXXX",
+  "bankaccountholder": "John Doe",
+  "bankcountry": "DE",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "telephonenumber": "+4917512345678",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "salutation": "Herr",
+  "gender": "m",
+  "ip": "127.0.0.1",
+  "language": "de",
+  "customer_is_present": "yes"
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789",
+    "userid": "987654321"
+  }
+}
+```
+#### Authorization
+**URL**: `POST /api/strapi-plugin-payone-provider/authorization`
+**Request Body**: (Same as Preauthorization)
+```json
+{
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "elv",
+  "iban": "DE89370400440532013000",
+  "bic": "COBADEFFXXX",
+  "bankaccountholder": "John Doe",
+  "bankcountry": "DE",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "telephonenumber": "+4917512345678",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "salutation": "Herr",
+  "gender": "m",
+  "ip": "127.0.0.1",
+  "language": "de",
+  "customer_is_present": "yes"
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789",
+    "userid": "987654321"
+  }
+}
+```
+#### Capture
+**URL**: `POST /api/strapi-plugin-payone-provider/capture`
+**Request Body**:
+```json
+{
+  "txid": "123456789",
+  "amount": 1000,
+  "currency": "EUR",
+  "sequencenumber": 1
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
+#### Refund
+**URL**: `POST /api/strapi-plugin-payone-provider/refund`
+**Request Body**:
+```json
+{
+  "txid": "123456789",
+  "amount": -1000,
+  "currency": "EUR",
+  "reference": "REF1234567890ABCDEF",
+  "sequencenumber": 2
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
+</details>
+---
+### Sofort Banking
+<details>
+<summary><strong>Sofort Banking Payment Method</strong></summary>
+#### Preauthorization
+**URL**: `POST /api/strapi-plugin-payone-provider/preauthorization`
+**Request Body**:
+```json
+{
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "sb",
+  "onlinebanktransfertype": "PNT",
+  "bankcountry": "DE",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "telephonenumber": "+4917512345678",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "successurl": "https://www.example.com/success",
+  "errorurl": "https://www.example.com/error",
+  "backurl": "https://www.example.com/back",
+  "salutation": "Herr",
+  "gender": "m",
+  "ip": "127.0.0.1",
+  "language": "de",
+  "customer_is_present": "yes"
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "REDIRECT",
+    "txid": "123456789",
+    "redirecturl": "https://secure.pay1.de/redirect/..."
+  }
+}
+```
+#### Authorization
+**URL**: `POST /api/strapi-plugin-payone-provider/authorization`
+**Request Body**: (Same as Preauthorization)
+```json
+{
+  "amount": 1000,
+  "currency": "EUR",
+  "reference": "PAY1234567890ABCDEF",
+  "clearingtype": "sb",
+  "onlinebanktransfertype": "PNT",
+  "bankcountry": "DE",
+  "firstname": "John",
+  "lastname": "Doe",
+  "email": "john.doe@example.com",
+  "telephonenumber": "+4917512345678",
+  "street": "Main Street 123",
+  "zip": "12345",
+  "city": "Berlin",
+  "country": "DE",
+  "successurl": "https://www.example.com/success",
+  "errorurl": "https://www.example.com/error",
+  "backurl": "https://www.example.com/back",
+  "salutation": "Herr",
+  "gender": "m",
+  "ip": "127.0.0.1",
+  "language": "de",
+  "customer_is_present": "yes"
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "REDIRECT",
+    "txid": "123456789",
+    "redirecturl": "https://secure.pay1.de/redirect/..."
+  }
+}
+```
+#### Capture
+**URL**: `POST /api/strapi-plugin-payone-provider/capture`
+**Request Body**:
+```json
+{
+  "txid": "123456789",
+  "amount": 1000,
+  "currency": "EUR",
+  "sequencenumber": 1
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
+#### Refund
+**URL**: `POST /api/strapi-plugin-payone-provider/refund`
+**Request Body**:
+```json
+{
+  "txid": "123456789",
+  "amount": -1000,
+  "currency": "EUR",
+  "reference": "REF1234567890ABCDEF",
+  "sequencenumber": 2
+}
+```
+**Response**:
+```json
+{
+  "data": {
+    "status": "APPROVED",
+    "txid": "123456789"
+  }
+}
+```
+</details>
+---
+## ✅ Supported Payment Methods
+Click on any payment method to see detailed API documentation:
+- [Credit Card](#credit-card)
+- [PayPal](#paypal)
+- [Google Pay](#google-pay)
+- [Apple Pay](#apple-pay)
+- [SEPA Direct Debit](#sepa-direct-debit)
+- [Sofort Banking](#sofort-banking)
+---
+## 📝 Notes
+### Important Parameters
+- **amount**: Always in cents (e.g., 1000 = 10.00 EUR)
+- **reference**: Max 20 characters, alphanumeric only. Auto-normalized by the plugin.
+- **cardexpiredate**: Format is YYMM (e.g., "2512" = December 2025)
+- **sequencenumber**: Start with 1 for capture, 2 for first refund, increment for subsequent refunds
+- **Refund amount**: Must be negative (e.g., -1000 for 10.00 EUR refund)
+### Redirect URLs
+For redirect-based payment methods (PayPal, Google Pay, Apple Pay, Sofort), you must provide:
+- `successurl`: URL to redirect after successful payment
+- `errorurl`: URL to redirect after payment error
+- `backurl`: URL to redirect if user cancels payment
+### Preauthorization vs Authorization
+- **Preauthorization**: Reserves funds but doesn't charge immediately. Requires a Capture call later.
+- **Authorization**: Immediately charges the customer's payment method.
+### Capture Mode
+For wallet payments (PayPal, Google Pay, Apple Pay), you can specify:
-**Made with ❤️ for Strapi**
+- `capturemode: "full"`: Capture the entire preauthorized amount
+- `capturemode: "partial"`: Capture less than the preauthorized amount