strapi-plugin-payone-provider 1.1.3 → 1.3.0

package/server/services/settingsService.js

@@ -0,0 +1,59 @@
+"use strict";
+
+const PLUGIN_NAME = "strapi-plugin-payone-provider";
+
+/**
+ * Get plugin store instance
+ * @param {Object} strapi - Strapi instance
+ * @returns {Object} Plugin store
+ */
+const getPluginStore = (strapi) => {
+  return strapi.store({
+    environment: "",
+    type: "plugin",
+    name: PLUGIN_NAME
+  });
+};
+
+/**
+ * Get Payone settings
+ * @param {Object} strapi - Strapi instance
+ * @returns {Promise<Object>} Settings
+ */
+const getSettings = async (strapi) => {
+  const pluginStore = getPluginStore(strapi);
+  return await pluginStore.get({ key: "settings" });
+};
+
+/**
+ * Update Payone settings
+ * @param {Object} strapi - Strapi instance
+ * @param {Object} settings - Settings to update
+ * @returns {Promise<Object>} Updated settings
+ */
+const updateSettings = async (strapi, settings) => {
+  const pluginStore = getPluginStore(strapi);
+  await pluginStore.set({
+    key: "settings",
+    value: settings
+  });
+  return settings;
+};
+
+/**
+ * Validate settings
+ * @param {Object} settings - Settings to validate
+ * @returns {boolean} True if valid
+ */
+const validateSettings = (settings) => {
+  return !!(settings && settings.aid && settings.portalid && settings.key);
+};
+
+module.exports = {
+  getSettings,
+  updateSettings,
+  validateSettings,
+  getPluginStore,
+  PLUGIN_NAME
+};
+

package/server/services/testConnectionService.js

@@ -0,0 +1,190 @@
+"use strict";
+
+const axios = require("axios");
+const { buildClientRequestParams, toFormData } = require("../utils/requestBuilder");
+const { parseResponse } = require("../utils/responseParser");
+const { getSettings, validateSettings } = require("./settingsService");
+
+const POST_GATEWAY_URL = "https://api.pay1.de/post-gateway/";
+
+/**
+ * Test Payone connection
+ * @param {Object} strapi - Strapi instance
+ * @returns {Promise<Object>} Test result
+ */
+const testConnection = async (strapi) => {
+  try {
+    const settings = await getSettings(strapi);
+
+    if (!validateSettings(settings)) {
+      return {
+        success: false,
+        message: "Payone settings not configured. Please fill in all required fields."
+      };
+    }
+
+    const timestamp = Date.now();
+    const testParams = {
+      request: "authorization",
+      amount: 100,
+      currency: "EUR",
+      reference: `TEST-${timestamp}`,
+      clearingtype: "cc",
+      cardtype: "V",
+      cardpan: "4111111111111111",
+      cardexpiredate: "2512",
+      cardcvc2: "123",
+      firstname: "Test",
+      lastname: "User",
+      street: "Test Street 1",
+      zip: "12345",
+      city: "Test City",
+      country: "DE",
+      email: "test@example.com",
+      salutation: "Herr",
+      gender: "m",
+      telephonenumber: "01752345678",
+      ip: "127.0.0.1",
+      customer_is_present: "yes",
+      language: "de"
+    };
+
+    const requestParams = buildClientRequestParams(settings, testParams, strapi.log);
+    const formData = toFormData(requestParams);
+
+    const response = await axios.post(POST_GATEWAY_URL, formData, {
+      headers: { "Content-Type": "application/x-www-form-urlencoded" },
+      timeout: 30000
+    });
+
+    const result = parseResponse(response.data, strapi.log);
+    const status = result.status || result.Status || result.STATUS;
+    const errorMessage =
+      result.errormessage ||
+      result.Errormessage ||
+      result.ERRORMESSAGE ||
+      result.error ||
+      result.Error?.ErrorMessage ||
+      "";
+    const errorCode =
+      result.errorcode ||
+      result.Errorcode ||
+      result.ERRORCODE ||
+      result.Error?.ErrorCode ||
+      "";
+    const customErrorMessage =
+      result.customerrormessage ||
+      result.Customerrormessage ||
+      result.CUSTOMERRORMESSAGE ||
+      result.Error?.CustomerMessage ||
+      "";
+
+    strapi.log.info("Payone test connection response:", { status, errorCode });
+
+    // Handle error status
+    if (status === "ERROR" || status === "error") {
+      // Authentication errors
+      if (["2006", "920", "921", "922", "401", "403"].includes(errorCode)) {
+        return {
+          success: false,
+          message: `Authentication failed: ${customErrorMessage || errorMessage || "Invalid credentials"}`,
+          errorcode: errorCode
+        };
+      }
+
+      // Check for invalid credentials in message
+      const errorMessageStr = typeof errorMessage === "string" ? errorMessage : JSON.stringify(errorMessage);
+      const errorMessageLower = (errorMessageStr || "").toLowerCase();
+      const authErrorKeywords = [
+        "key incorrect",
+        "invalid key",
+        "portal key",
+        "unauthorized",
+        "not authorized",
+        "unknown aid",
+        "unknown account",
+        "unknown portal",
+        "unknown merchant",
+        "invalid aid",
+        "invalid mid",
+        "invalid portalid"
+      ];
+
+      if (authErrorKeywords.some((keyword) => errorMessageLower.includes(keyword))) {
+        return {
+          success: false,
+          message: `Authentication failed: ${errorMessageStr}`,
+          errorcode: errorCode || "AUTH"
+        };
+      }
+
+      // Reference already exists (911) means credentials are working
+      if (errorCode === "911") {
+        return {
+          success: true,
+          message: "Connection successful! Your Payone credentials are valid.",
+          details: {
+            mode: settings.mode,
+            aid: settings.aid,
+            portalid: settings.portalid,
+            mid: settings.mid
+          }
+        };
+      }
+
+      // Other errors
+      return {
+        success: false,
+        message: `Connection failed: ${customErrorMessage || errorMessageStr || "Unknown error"}`,
+        errorcode: errorCode,
+        details: {
+          status,
+          errorCode,
+          rawResponse: JSON.stringify(result).substring(0, 200)
+        }
+      };
+    }
+
+    // APPROVED status means connection is OK
+    if (status === "APPROVED" || status === "approved") {
+      return {
+        success: true,
+        message: "Connection successful! Your Payone credentials are valid.",
+        details: {
+          mode: settings.mode,
+          aid: settings.aid,
+          portalid: settings.portalid,
+          mid: settings.mid
+        }
+      };
+    }
+
+    // Unexpected response format
+    return {
+      success: false,
+      message: "Unexpected response format from Payone API",
+      response: result,
+      details: {
+        status,
+        keys: Object.keys(result),
+        rawResponse: JSON.stringify(result).substring(0, 200)
+      }
+    };
+  } catch (error) {
+    strapi.log.error("Payone test connection error:", error);
+    return {
+      success: false,
+      message: `Connection error: ${error.message || "Unknown error"}`,
+      error: error.toString(),
+      details: {
+        errorType: error.constructor.name,
+        stack: error.stack ? error.stack.substring(0, 200) : "No stack trace"
+      }
+    };
+  }
+};
+
+module.exports = {
+  testConnection
+};
+

package/server/services/transactionService.js

@@ -0,0 +1,114 @@
+"use strict";
+
+const { getPluginStore, PLUGIN_NAME } = require("./settingsService");
+
+/**
+ * Log transaction to history
+ * @param {Object} strapi - Strapi instance
+ * @param {Object} transactionData - Transaction data
+ * @returns {Promise<void>}
+ */
+const logTransaction = async (strapi, transactionData) => {
+  const pluginStore = getPluginStore(strapi);
+  let transactionHistory =
+    (await pluginStore.get({ key: "transactionHistory" })) || [];
+
+  const logEntry = {
+    id: Date.now().toString(),
+    timestamp: new Date().toISOString(),
+    txid: transactionData.txid || null,
+    reference: transactionData.reference || null,
+    request_type:
+      transactionData.request_type || transactionData.request || "unknown",
+    amount: transactionData.amount || null,
+    currency: transactionData.currency || "EUR",
+    status: transactionData.status || transactionData.Status || "unknown",
+    error_code:
+      transactionData.error_code || transactionData.Error?.ErrorCode || null,
+    error_message:
+      transactionData.error_message ||
+      transactionData.Error?.ErrorMessage ||
+      null,
+    customer_message:
+      transactionData.customer_message ||
+      transactionData.Error?.CustomerMessage ||
+      null,
+    raw_request: transactionData.raw_request || null,
+    raw_response: transactionData.raw_response || transactionData,
+    created_at: new Date().toISOString(),
+    updated_at: new Date().toISOString()
+  };
+
+  transactionHistory.unshift(logEntry);
+
+  // Keep only last 1000 transactions
+  if (transactionHistory.length > 1000) {
+    transactionHistory = transactionHistory.slice(0, 1000);
+  }
+
+  await pluginStore.set({
+    key: "transactionHistory",
+    value: transactionHistory
+  });
+
+  strapi.log.info("Transaction logged:", logEntry);
+};
+
+/**
+ * Get transaction history with filters
+ * @param {Object} strapi - Strapi instance
+ * @param {Object} filters - Filter options
+ * @returns {Promise<Array>} Filtered transaction history
+ */
+const getTransactionHistory = async (strapi, filters = {}) => {
+  const pluginStore = getPluginStore(strapi);
+  let transactionHistory =
+    (await pluginStore.get({ key: "transactionHistory" })) || [];
+
+  // Apply filters
+  if (filters.status) {
+    transactionHistory = transactionHistory.filter(
+      (transaction) => transaction.status === filters.status
+    );
+  }
+
+  if (filters.request_type) {
+    transactionHistory = transactionHistory.filter(
+      (transaction) => transaction.request_type === filters.request_type
+    );
+  }
+
+  if (filters.txid) {
+    transactionHistory = transactionHistory.filter(
+      (transaction) => transaction.txid === filters.txid
+    );
+  }
+
+  if (filters.reference) {
+    transactionHistory = transactionHistory.filter(
+      (transaction) => transaction.reference === filters.reference
+    );
+  }
+
+  if (filters.date_from) {
+    transactionHistory = transactionHistory.filter(
+      (transaction) =>
+        new Date(transaction.timestamp) >= new Date(filters.date_from)
+    );
+  }
+
+  if (filters.date_to) {
+    transactionHistory = transactionHistory.filter(
+      (transaction) =>
+        new Date(transaction.timestamp) <= new Date(filters.date_to)
+    );
+  }
+
+  return transactionHistory;
+};
+
+module.exports = {
+  logTransaction,
+  getTransactionHistory
+};
+

package/server/utils/normalize.js

@@ -0,0 +1,51 @@
+"use strict";
+
+/**
+ * Normalize reference string for Payone API
+ * @param {string} input - Input reference
+ * @param {string} fallbackPrefix - Fallback prefix if input is empty
+ * @returns {string} Normalized reference (max 20 chars)
+ */
+const normalizeReference = (input, fallbackPrefix = "REF") => {
+  try {
+    const raw = input == null ? "" : String(input);
+    let normalized = raw.replace(/[^A-Za-z0-9]/g, "");
+
+    if (!normalized) {
+      normalized = `${fallbackPrefix}${Date.now()}`;
+    }
+
+    return normalized.length > 20 ? normalized.slice(0, 20) : normalized;
+  } catch (_) {
+    const fallback = `${fallbackPrefix}${Date.now()}`;
+    return fallback.slice(0, 20);
+  }
+};
+
+/**
+ * Normalize customer ID for Payone API (max 17 characters)
+ * @param {string|null} customerid - Customer ID
+ * @param {Object|null} logger - Logger instance
+ * @returns {string} Normalized customer ID
+ */
+const normalizeCustomerId = (customerid, logger = null) => {
+  if (!customerid) {
+    const timestamp = Date.now().toString().slice(-10);
+    const random = Math.random().toString(36).substring(2, 6).toUpperCase();
+    return `${timestamp}${random}`.slice(0, 17);
+  }
+
+  const normalized = String(customerid).slice(0, 17);
+  if (customerid.length > 17 && logger) {
+    logger.warn(
+      `customerid exceeds 17 characters: ${customerid.length}, truncated to: ${normalized}`
+    );
+  }
+  return normalized;
+};
+
+module.exports = {
+  normalizeReference,
+  normalizeCustomerId
+};
+

package/server/utils/paymentMethodParams.js

@@ -0,0 +1,126 @@
+"use strict";
+
+/**
+ * Add payment method specific parameters
+ * @param {Object} params - Request parameters
+ * @param {Object} logger - Logger instance
+ * @returns {Object} Updated parameters with payment method defaults
+ */
+const addPaymentMethodParams = (params, logger) => {
+  const updated = { ...params };
+  const clearingtype = updated.clearingtype || "cc";
+
+  // Payment method specific defaults
+  const methodDefaults = {
+    cc: {
+      cardpan: "4111111111111111",
+      cardexpiredate: "2512",
+      cardcvc2: "123",
+      cardtype: "V"
+    },
+    wlt: {
+      wallettype: "PPE"
+    },
+    gpp: {
+      clearingtype: "wlt",
+      wallettype: "GGP"
+    },
+    apl: {
+      clearingtype: "wlt",
+      wallettype: "APL"
+    },
+    elv: {
+      bankcountry: "DE",
+      iban: "DE89370400440532013000",
+      bic: "COBADEFFXXX",
+      bankaccountholder: `${updated.firstname || "Test"} ${updated.lastname || "User"}`
+    },
+    sb: {
+      bankcountry: "DE",
+      onlinebanktransfertype: "PNT"
+    },
+    gp: {
+      bankcountry: "DE",
+      onlinebanktransfertype: "GPY"
+    },
+    idl: {
+      bankcountry: "NL",
+      onlinebanktransfertype: "IDL"
+    },
+    bct: {
+      bankcountry: "BE",
+      onlinebanktransfertype: "BCT"
+    },
+    rec: {
+      recurrence: "recurring"
+    },
+    fnc: {
+      financingtype: "fnc"
+    },
+    iv: {
+      invoicetype: "invoice"
+    }
+  };
+
+  // Handle special cases (gpp, apl) FIRST - set wallettype BEFORE changing clearingtype
+  if (clearingtype === "gpp" || clearingtype === "apl") {
+    if (clearingtype === "gpp") {
+      updated.wallettype = "GGP";
+    } else if (clearingtype === "apl") {
+      updated.wallettype = "APL";
+    }
+    updated.clearingtype = "wlt";
+  }
+
+  const defaults = methodDefaults[clearingtype] || methodDefaults.cc;
+
+  // Apply defaults (but don't override wallettype if already set)
+  Object.entries(defaults).forEach(([key, value]) => {
+    if (key === "wallettype" && updated.wallettype) {
+      return; // Don't override wallettype if already set
+    }
+    if (!updated[key]) {
+      updated[key] = value;
+    }
+  });
+  
+  // Ensure wallettype is set for wallet payments
+  if (updated.clearingtype === "wlt" && !updated.wallettype) {
+    if (clearingtype === "gpp" || updated.paymentMethod === "gpp" || updated["add_paydata[paymentmethod_token_data]"]) {
+      updated.wallettype = "GGP";
+    } else if (clearingtype === "apl" || updated.paymentMethod === "apl") {
+      updated.wallettype = "APL";
+    } else {
+      updated.wallettype = "PPE";
+    }
+  }
+  
+  // Remove cardtype if clearingtype is wallet payment
+  if (updated.clearingtype === "wlt" && updated.cardtype) {
+    delete updated.cardtype;
+  }
+
+
+  // Common defaults
+  const commonDefaults = {
+    salutation: "Herr",
+    gender: "m",
+    telephonenumber: "01752345678",
+    ip: "127.0.0.1",
+    language: "de",
+    customer_is_present: "yes"
+  };
+
+  Object.entries(commonDefaults).forEach(([key, value]) => {
+    if (!updated[key]) {
+      updated[key] = value;
+    }
+  });
+
+  return updated;
+};
+
+module.exports = {
+  addPaymentMethodParams
+};
+

package/server/utils/requestBuilder.js

@@ -0,0 +1,121 @@
+"use strict";
+
+const crypto = require("crypto");
+const { normalizeCustomerId } = require("./normalize");
+
+/**
+ * Build client request parameters for Payone API
+ * @param {Object} settings - Payone settings
+ * @param {Object} params - Request parameters
+ * @param {Object|null} logger - Logger instance
+ * @returns {Object} Built request parameters
+ */
+const buildClientRequestParams = (settings, params, logger = null) => {
+  const requestParams = {
+    request: params.request,
+    aid: settings.aid,
+    mid: settings.mid,
+    portalid: settings.portalid,
+    mode: settings.mode || "test",
+    encoding: "UTF-8",
+    ...params
+  };
+
+  // Generate MD5 hash key
+  requestParams.key = crypto
+    .createHash("md5")
+    .update(settings.portalKey || settings.key)
+    .digest("hex");
+
+  // Normalize customer ID
+  requestParams.customerid = normalizeCustomerId(
+    requestParams.customerid,
+    logger
+  );
+
+  // Add 3D Secure parameters if enabled and for credit card payments
+  const isCreditCard = requestParams.clearingtype === "cc";
+  // Enable 3DS if setting is true or not explicitly false (default to enabled if not set)
+  const enable3DSecure = settings.enable3DSecure !== false;
+
+  if (isCreditCard && enable3DSecure && (params.request === "preauthorization" || params.request === "authorization")) {
+    requestParams["3dsecure"] = "yes";
+    requestParams.ecommercemode = params.ecommercemode || "internet";
+
+    // Ensure redirect URLs are always provided for 3DS
+    // These are required for 3DS authentication flow
+    if (!requestParams.successurl) {
+      requestParams.successurl = params.successurl || "https://www.example.com/success";
+    }
+    if (!requestParams.errorurl) {
+      requestParams.errorurl = params.errorurl || "https://www.example.com/error";
+    }
+    if (!requestParams.backurl) {
+      requestParams.backurl = params.backurl || "https://www.example.com/back";
+    }
+
+    // Log redirect URLs for debugging
+    if (logger) {
+      logger.info("3DS Redirect URLs:", {
+        successurl: requestParams.successurl,
+        errorurl: requestParams.errorurl,
+        backurl: requestParams.backurl
+      });
+    }
+  } else if (isCreditCard && !enable3DSecure) {
+    requestParams["3dsecure"] = "no";
+  }
+
+  // Set default values
+  const defaults = {
+    salutation: "Herr",
+    gender: "m",
+    telephonenumber: "01752345678",
+    ip: "127.0.0.1",
+    language: "de",
+    customer_is_present: "yes"
+  };
+
+  Object.entries(defaults).forEach(([key, value]) => {
+    if (!requestParams[key]) {
+      requestParams[key] = value;
+    }
+  });
+
+  // Remove cardtype if clearingtype is wallet payment
+  if (requestParams.clearingtype === "wlt" && requestParams.cardtype) {
+    delete requestParams.cardtype;
+  }
+
+  // Ensure wallettype is set for wallet payments
+  if (requestParams.clearingtype === "wlt" && !requestParams.wallettype) {
+    if (requestParams["add_paydata[paymentmethod_token_data]"]) {
+      requestParams.wallettype = "GGP";
+    } else {
+      requestParams.wallettype = "PPE";
+    }
+  }
+
+  return requestParams;
+};
+
+/**
+ * Convert request parameters to form data
+ * @param {Object} requestParams - Request parameters
+ * @returns {URLSearchParams} Form data
+ */
+const toFormData = (requestParams) => {
+  const formData = new URLSearchParams();
+  for (const [key, value] of Object.entries(requestParams)) {
+    if (value !== undefined && value !== null) {
+      formData.append(key, value);
+    }
+  }
+  return formData;
+};
+
+module.exports = {
+  buildClientRequestParams,
+  toFormData
+};
+