npm - strapi-plugin-payone-provider - Versions diffs - 1.5.4 → 1.5.5 - Mend

strapi-plugin-payone-provider 1.5.4 → 1.5.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/admin/src/pages/App/components/ApplePayButton.js +45 -8
package/package.json +1 -1
package/server/services/applePayService.js +155 -30
package/server/utils/responseParser.js +12 -0

package/admin/src/pages/App/components/ApplePayButton.js CHANGED Viewed

@@ -498,16 +498,28 @@ const ApplePayButton = ({
           merchantSessionPromise.then(session => {
             console.log("[Apple Pay] Merchant session received:", {
               hasMerchantIdentifier: !!session.merchantIdentifier,
+              merchantIdentifier: session.merchantIdentifier,
               domainName: session.domainName,
-              displayName: session.displayName
+              displayName: session.displayName,
+              epochTimestamp: session.epochTimestamp,
+              expiresAt: session.expiresAt,
+              fullSession: session
             });
+            // Validate merchant session
+            if (!session || (!session.merchantIdentifier && !session.merchantSessionIdentifier)) {
+              console.error("[Apple Pay] Invalid merchant session - missing merchantIdentifier");
+              console.error("[Apple Pay] Session object:", JSON.stringify(session, null, 2));
+              throw new Error("Invalid merchant session: missing merchantIdentifier");
+            }
           }).catch(err => {
             console.error("[Apple Pay] Merchant session error:", err);
-            // Don't call onError here - let the dialog handle it
+            // Re-throw so Payment Request API knows validation failed
+            throw err;
           });
           // Complete with the merchant session promise
-          // If it fails, Apple Pay will handle it gracefully
+          // If the promise rejects, Payment Request API will close the dialog
           event.complete(merchantSessionPromise);
         } catch (error) {
           console.error("[Apple Pay] Merchant validation error:", error);
@@ -550,17 +562,42 @@ const ApplePayButton = ({
       let response;
       try {
         response = await request.show();
+        console.log("[Apple Pay] Payment sheet shown successfully");
       } catch (error) {
-        console.error("[Apple Pay] Error showing payment sheet:", error);
+        console.error("[Apple Pay] Error showing payment sheet:", {
+          name: error.name,
+          message: error.message,
+          stack: error.stack
+        });
         // Check if error is due to cancellation (user cancelled)
-        if (error.message && error.message.includes('Cancelled')) {
+        // Payment Request API throws "AbortError" when user cancels
+        if (error.name === 'AbortError' ||
+            (error.message && (
+              error.message.includes('Cancelled') ||
+              error.message.includes('cancel') ||
+              error.message.includes('abort')
+            ))) {
           console.log("[Apple Pay] User cancelled the payment");
           // Don't call onError for user cancellation
           return;
         }
-        // Only call onError if it's defined and it's not a cancellation
-        if (typeof onError === 'function') {
-          onError(error);
+        // If it's a merchant validation error, log it specifically
+        if (error.message && (
+          error.message.includes('merchant') ||
+          error.message.includes('validation') ||
+          error.message.includes('identifier')
+        )) {
+          console.error("[Apple Pay] Merchant validation failed - this may cause the dialog to close");
+          if (typeof onError === 'function') {
+            onError(new Error("Merchant validation failed. Please check your Apple Pay configuration and merchant identifier in Payone settings."));
+          }
+        } else {
+          // For other errors, call onError
+          if (typeof onError === 'function') {
+            onError(error);
+          }
         }
         return;
       }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "strapi-plugin-payone-provider",
-  "version": "1.5.4",
+  "version": "1.5.5",
   "description": "Strapi plugin for Payone payment gateway integration",
   "license": "MIT",
   "maintainers": [

package/server/services/applePayService.js CHANGED Viewed

@@ -214,43 +214,168 @@ const validateApplePayMerchant = async (strapi, params) => {
     strapi.log.info("[Apple Pay] Session initialization result:", {
       status: sessionResponse.status || sessionResponse.Status,
       hasMerchantIdentifier: !!(sessionResponse.merchantIdentifier || sessionResponse.merchantSessionIdentifier),
+      hasApplePaySession: !!(sessionResponse["add_paydata[applepay_payment_session]"] ||
+        sessionResponse["add_paydata[applepay_payment_session]"] ||
+        sessionResponse.add_paydata?.applepay_payment_session),
       fullResponse: JSON.stringify(sessionResponse, null, 2)
     });
-    // If session initialization is successful, return merchant session
-    // Payone will provide the merchant identifier and validation data
+    // If session initialization is successful, extract merchant session from Payone response
+    // Payone returns: add_paydata[applepay_payment_session] = BASE64 encoded merchant session
     // Check for both uppercase and lowercase status
     const responseStatus = sessionResponse.status || sessionResponse.Status;
-    if (responseStatus === "APPROVED" || responseStatus === "REDIRECT" ||
-      responseStatus === "approved" || responseStatus === "redirect") {
-      strapi.log.info("[Apple Pay] Session approved, creating merchant session object");
-      // Get merchant identifier from Payone response or settings
-      const merchantIdentifier = sessionResponse.merchantIdentifier ||
-        sessionResponse.merchantSessionIdentifier ||
-        settings.merchantIdentifier ||
-        settings.mid ||
-        settings.portalid ||
-        `merchant.${domainName}`;
-      // Return merchant session object
-      // In a real implementation, you would get this from Payone's response
-      const merchantSession = {
-        epochTimestamp: Date.now(),
-        expiresAt: Date.now() + (5 * 60 * 1000), // 5 minutes
-        merchantSessionIdentifier: sessionResponse.merchantSessionIdentifier || `merchant.${domainName}`,
-        nonce: sessionResponse.nonce || generateNonce(),
-        merchantIdentifier: merchantIdentifier,
-        domainName: domainName,
-        displayName: merchantName
-      };
-      strapi.log.info("[Apple Pay] Merchant session created:", {
-        merchantIdentifier: merchantSession.merchantIdentifier,
-        domainName: merchantSession.domainName,
-        expiresAt: new Date(merchantSession.expiresAt).toISOString()
+    if (responseStatus === "APPROVED" || responseStatus === "OK" ||
+      responseStatus === "approved" || responseStatus === "ok") {
+      // Extract BASE64 encoded merchant session from Payone response
+      // Payone returns it in: add_paydata[applepay_payment_session]
+      // Try all possible variations of the field name
+      const applePaySessionBase64 =
+        sessionResponse["add_paydata[applepay_payment_session]"] ||
+        sessionResponse["add_paydata[applepay_payment_session]"] ||
+        sessionResponse["add_paydata_applepay_payment_session"] ||
+        sessionResponse.add_paydata?.applepay_payment_session ||
+        sessionResponse.add_paydata?.["applepay_payment_session"] ||
+        sessionResponse["addPaydata[applepay_payment_session]"] ||
+        sessionResponse["addPaydata_applepay_payment_session"] ||
+        null;
+      strapi.log.info("[Apple Pay] Checking for merchant session in response:", {
+        hasWorkorderid: !!sessionResponse.workorderid,
+        workorderid: sessionResponse.workorderid,
+        allKeys: Object.keys(sessionResponse).filter(k => k.includes('applepay') || k.includes('session') || k.includes('paydata')),
+        responseKeys: Object.keys(sessionResponse)
       });
-      return merchantSession;
+      strapi.log.info("[Apple Pay] Extracted Apple Pay session data:", {
+        hasBase64Session: !!applePaySessionBase64,
+        sessionLength: applePaySessionBase64?.length,
+        workorderid: sessionResponse.workorderid
+      });
+      if (applePaySessionBase64) {
+        try {
+          // Decode BASE64 merchant session
+          const merchantSessionJson = Buffer.from(applePaySessionBase64, 'base64').toString('utf-8');
+          const merchantSession = JSON.parse(merchantSessionJson);
+          strapi.log.info("[Apple Pay] Decoded merchant session:", {
+            merchantIdentifier: merchantSession.merchantIdentifier,
+            domainName: merchantSession.domainName,
+            displayName: merchantSession.displayName,
+            hasEpochTimestamp: !!merchantSession.epochTimestamp,
+            hasExpiresAt: !!merchantSession.expiresAt,
+            fullSession: merchantSession
+          });
+          // Validate decoded merchant session
+          if (!merchantSession.merchantIdentifier) {
+            strapi.log.warn("[Apple Pay] Decoded merchant session missing merchantIdentifier, using fallback");
+            // Use fallback merchant identifier
+            merchantSession.merchantIdentifier = settings.merchantIdentifier ||
+              settings.mid ||
+              settings.portalid ||
+              `merchant.${domainName}`;
+          }
+          // Ensure epochTimestamp and expiresAt are in seconds (not milliseconds)
+          if (merchantSession.epochTimestamp && merchantSession.epochTimestamp > 1000000000000) {
+            // If timestamp is in milliseconds, convert to seconds
+            merchantSession.epochTimestamp = Math.floor(merchantSession.epochTimestamp / 1000);
+          }
+          if (merchantSession.expiresAt && merchantSession.expiresAt > 1000000000000) {
+            // If timestamp is in milliseconds, convert to seconds
+            merchantSession.expiresAt = Math.floor(merchantSession.expiresAt / 1000);
+          }
+          // Validate final merchant session
+          if (!merchantSession.merchantIdentifier || merchantSession.merchantIdentifier === 'undefined' || merchantSession.merchantIdentifier === 'null') {
+            throw new Error("Decoded merchant session has invalid merchantIdentifier");
+          }
+          strapi.log.info("[Apple Pay] Validated merchant session:", {
+            merchantIdentifier: merchantSession.merchantIdentifier,
+            domainName: merchantSession.domainName,
+            epochTimestamp: merchantSession.epochTimestamp,
+            expiresAt: merchantSession.expiresAt
+          });
+          return merchantSession;
+        } catch (decodeError) {
+          strapi.log.error("[Apple Pay] Failed to decode merchant session:", {
+            error: decodeError.message,
+            base64Length: applePaySessionBase64?.length,
+            base64Preview: applePaySessionBase64?.substring(0, 100)
+          });
+          // If decoding fails, we cannot proceed - merchant session is invalid
+          throw new Error(`Failed to decode Apple Pay merchant session: ${decodeError.message}`);
+        }
+      } else {
+        // If no session data in response, we need to create a valid merchant session
+        // According to Payone docs, merchant identifier should be obtained from PMI
+        // after domain verification and onboarding
+        strapi.log.warn("[Apple Pay] No Apple Pay session data in response, creating merchant session from settings");
+        // Get merchant identifier from settings
+        // According to Payone docs, merchant identifier should be visible in PMI after onboarding
+        // Path: CONFIGURATION/PAYMENT PORTALS - choose an onboarded Portal - Payment type configuration tab
+        let merchantIdentifier = settings.merchantIdentifier ||
+          settings.mid ||
+          settings.portalid;
+        // If still no merchant identifier, try to construct one from domain
+        // But this is not ideal - merchant identifier should come from Payone PMI
+        if (!merchantIdentifier) {
+          strapi.log.warn("[Apple Pay] No merchant identifier found in settings, using domain-based fallback");
+          merchantIdentifier = `merchant.${domainName}`;
+        }
+        // Ensure merchant identifier is a string and not empty
+        merchantIdentifier = merchantIdentifier.toString().trim();
+        if (!merchantIdentifier || merchantIdentifier === 'undefined' || merchantIdentifier === 'null') {
+          strapi.log.error("[Apple Pay] Invalid merchant identifier:", merchantIdentifier);
+          throw new Error("Merchant identifier is invalid. Please configure a valid merchant identifier in Payone Merchant Interface (PMI) after Apple Pay onboarding. Path: CONFIGURATION → PAYMENT PORTALS → [Your Portal] → Payment type configuration tab");
+        }
+        // Create a valid merchant session object
+        // This format is required by Apple Pay Payment Request API
+        // IMPORTANT: epochTimestamp and expiresAt must be in seconds (Unix timestamp), not milliseconds
+        const merchantSession = {
+          epochTimestamp: Math.floor(Date.now() / 1000), // Unix timestamp in seconds
+          expiresAt: Math.floor((Date.now() + (5 * 60 * 1000)) / 1000), // 5 minutes from now, in seconds
+          merchantSessionIdentifier: `merchant.${domainName}`,
+          nonce: generateNonce(),
+          merchantIdentifier: merchantIdentifier, // Already validated and converted to string
+          domainName: domainName,
+          displayName: merchantName
+        };
+        // Validate merchant session before returning
+        if (!merchantSession.merchantIdentifier || merchantSession.merchantIdentifier === 'undefined' || merchantSession.merchantIdentifier === 'null') {
+          strapi.log.error("[Apple Pay] Created merchant session is missing or invalid merchantIdentifier!", {
+            merchantIdentifier: merchantSession.merchantIdentifier,
+            settings: {
+              hasMerchantIdentifier: !!settings.merchantIdentifier,
+              hasMid: !!settings.mid,
+              hasPortalid: !!settings.portalid,
+              mid: settings.mid,
+              portalid: settings.portalid
+            }
+          });
+          throw new Error("Merchant identifier is required but not found in settings. Please configure merchant identifier in Payone Merchant Interface (PMI) after Apple Pay onboarding.");
+        }
+        strapi.log.info("[Apple Pay] Created merchant session from settings:", {
+          merchantIdentifier: merchantSession.merchantIdentifier,
+          domainName: merchantSession.domainName,
+          displayName: merchantSession.displayName,
+          epochTimestamp: merchantSession.epochTimestamp,
+          expiresAt: merchantSession.expiresAt
+        });
+        return merchantSession;
+      }
     }
     // If initialization failed, return empty object

package/server/utils/responseParser.js CHANGED Viewed

@@ -24,8 +24,20 @@ const parseResponse = (responseText, logger) => {
   const params = new URLSearchParams(responseText);
   const response = {};
   for (const [key, value] of params) {
+    // Store both lowercase and original case
     response[key.toLowerCase()] = value;
     response[key] = value;
+    // Also handle add_paydata fields with brackets
+    // Payone returns: add_paydata[applepay_payment_session]=BASE64_STRING
+    // URLSearchParams handles brackets, but we need to ensure we can access it
+    if (key.includes('add_paydata') || key.includes('addPaydata')) {
+      // Store with original key format
+      response[key] = value;
+      // Also try normalized versions
+      const normalizedKey = key.replace(/\[/g, '_').replace(/\]/g, '');
+      response[normalizedKey] = value;
+    }
   }
   return response;
 };