strapi-plugin-payone-provider 1.5.8-beta.1 → 1.6.0

package/server/services/applePayService.js

@@ -6,183 +6,48 @@ const { getSettings, validateSettings } = require("./settingsService");
 
 const POST_GATEWAY_URL = "https://api.pay1.de/post-gateway/";
 
-/**
- * Initialize Apple Pay session with Payone
- * According to Payone documentation:
- * https://docs.payone.com/payment-methods/apple-pay/apple-pay-without-dev
- * 
- * Request: genericpayment
- * Required parameters:
- * - request="genericpayment"
- * - clearingtype="wlt"
- * - wallettype="APL"
- * - add_paydata[action]="init_applepay_session"
- * - add_paydata[display_name]="Store Name"
- * - add_paydata[domain_name]="yourdomain.com"
- */
+const parseResponse = (responseData) => {
+  if (typeof responseData === 'string') {
+    const params = new URLSearchParams(responseData);
+    const parsed = {};
+    for (const [key, value] of params.entries()) {
+      parsed[key] = value;
+    }
+    return parsed;
+  }
+  return responseData;
+};
+
 const initializeApplePaySession = async (strapi, params) => {
   try {
-    strapi.log.info("[Apple Pay] Initializing Apple Pay session with Payone");
-    strapi.log.info("[Apple Pay] Request params:", JSON.stringify(params, null, 2));
-
     const settings = await getSettings(strapi);
+    const { displayName, domainName } = params;
 
-    if (!validateSettings(settings)) {
-      strapi.log.error("[Apple Pay] Payone settings not configured");
-      throw new Error("Payone settings not configured");
-    }
+    const merchantName = displayName || "Store";
+    const domain = domainName;
 
-    strapi.log.info("[Apple Pay] Settings loaded:", {
-      mode: settings.mode,
-      mid: settings.mid,
-      portalid: settings.portalid,
-      hasKey: !!settings.key
-    });
-
-    const {
-      displayName,
-      domainName,
-      mid,
-      portalid
-    } = params;
-
-    // Get merchant data from settings (test or live mode)
-    const merchantName = displayName || settings.merchantName || settings.displayName || "Test Store";
-    const merchantId = mid || settings.mid || settings.merchantIdentifier;
-    const portalId = portalid || settings.portalid;
-    const accountId = settings.aid;
-    const apiKey = settings.key;
-    const mode = settings.mode || "test"; // test or live
-
-    // Get domain from params or settings or server config
-    const domain = domainName || settings.domainName ||
-      (strapi.config.get("server.url") ? new URL(strapi.config.get("server.url")).hostname : null) ||
-      "localhost";
-
-    // Build request parameters for Apple Pay session initialization
-    // According to Payone documentation: request="genericpayment"
-    const requestParams = {
+    const baseParams = {
       request: "genericpayment",
-      mid: merchantId,
-      aid: accountId,
-      portalid: portalId,
-      key: apiKey,
-      mode: mode, // Use test or live mode from settings
       clearingtype: "wlt",
       wallettype: "APL",
-      currency: "EUR", // Default, can be overridden
+      currency: params.currency,
       "add_paydata[action]": "init_applepay_session",
       "add_paydata[display_name]": merchantName,
       "add_paydata[domain_name]": domain
     };
 
-    strapi.log.info("[Apple Pay] Sending request to Payone:", {
-      url: POST_GATEWAY_URL,
-      mode: mode,
-      merchantName: merchantName,
-      domain: domain,
-      merchantId: merchantId,
-      portalId: portalId
-    });
+    const requestParams = buildClientRequestParams(settings, baseParams, strapi.log);
 
     const formData = toFormData(requestParams);
-
-    strapi.log.info("[Apple Pay] Sending request to Payone API:", {
-      url: POST_GATEWAY_URL,
-      params: {
-        ...requestParams,
-        key: "***HIDDEN***" // Hide API key in logs
-      }
+    const response = await axios.post(`${POST_GATEWAY_URL}Genericpayment`, formData, {
+      headers: { "Content-Type": "application/x-www-form-urlencoded" },
+      timeout: 30000
     });
 
-    let response;
-    try {
-      response = await axios.post(POST_GATEWAY_URL, formData, {
-        headers: { "Content-Type": "application/x-www-form-urlencoded" },
-        timeout: 30000
-      });
-    } catch (axiosError) {
-      strapi.log.error("[Apple Pay] Payone API request failed:", {
-        message: axiosError.message,
-        status: axiosError.response?.status,
-        statusText: axiosError.response?.statusText,
-        data: axiosError.response?.data,
-        config: {
-          url: axiosError.config?.url,
-          method: axiosError.config?.method
-        }
-      });
-      throw axiosError;
-    }
-
-    strapi.log.info("[Apple Pay] ========== PAYONE RESPONSE START ==========");
-    strapi.log.info("[Apple Pay] HTTP Status:", response.status);
-    strapi.log.info("[Apple Pay] HTTP Status Text:", response.statusText);
-    strapi.log.info("[Apple Pay] Response Headers:", JSON.stringify(response.headers, null, 2));
-    strapi.log.info("[Apple Pay] Raw Response Data Type:", typeof response.data);
-    strapi.log.info("[Apple Pay] Raw Response Data:", response.data);
-
-    // Parse response
-    const responseData = parseResponse(response.data, strapi.log);
-
-    strapi.log.info("[Apple Pay] ========== PARSED RESPONSE ==========");
-    strapi.log.info("[Apple Pay] Full Parsed Response (JSON):", JSON.stringify(responseData, null, 2));
-    strapi.log.info("[Apple Pay] Response Type:", typeof responseData);
-    strapi.log.info("[Apple Pay] Is Object:", responseData instanceof Object);
-    strapi.log.info("[Apple Pay] All Response Keys:", Object.keys(responseData));
-    strapi.log.info("[Apple Pay] Response Keys Count:", Object.keys(responseData).length);
-
-    // Log each key-value pair
-    strapi.log.info("[Apple Pay] ========== RESPONSE KEY-VALUE PAIRS ==========");
-    for (const [key, value] of Object.entries(responseData)) {
-      if (typeof value === 'string' && value.length > 200) {
-        strapi.log.info(`[Apple Pay] ${key}:`, value.substring(0, 200) + "... (truncated, length: " + value.length + ")");
-      } else {
-        strapi.log.info(`[Apple Pay] ${key}:`, value);
-      }
-    }
-
-    strapi.log.info("[Apple Pay] ========== IMPORTANT FIELDS ==========");
-    strapi.log.info("[Apple Pay] status:", responseData.status || responseData.Status || "NOT_SET");
-    strapi.log.info("[Apple Pay] Status (lowercase):", responseData.status || "NOT_SET");
-    strapi.log.info("[Apple Pay] Status (uppercase):", responseData.Status || "NOT_SET");
-    strapi.log.info("[Apple Pay] errorcode:", responseData.errorcode || responseData.ErrorCode || responseData.error_code || "none");
-    strapi.log.info("[Apple Pay] errormessage:", responseData.errormessage || responseData.ErrorMessage || responseData.errortxt || responseData.ErrorTxt || responseData.error_message || "none");
-    strapi.log.info("[Apple Pay] workorderid:", responseData.workorderid || responseData.workorderId || responseData.WorkorderId || "none");
-    strapi.log.info("[Apple Pay] txid:", responseData.txid || responseData.TxId || responseData.tx_id || "none");
-
-    // Check for Apple Pay session in various formats
-    strapi.log.info("[Apple Pay] ========== APPLE PAY SESSION CHECK ==========");
-    const applePaySessionKeys = [
-      "add_paydata[applepay_payment_session]",
-      "add_paydata_applepay_payment_session",
-      "addPaydata[applepay_payment_session]",
-      "addPaydata_applepay_payment_session",
-      "applepay_payment_session",
-      "applePayPaymentSession",
-      "payment_session",
-      "paymentSession"
-    ];
-
-    for (const key of applePaySessionKeys) {
-      if (responseData[key]) {
-        strapi.log.info(`[Apple Pay] Found Apple Pay session in key: ${key}`);
-        strapi.log.info(`[Apple Pay] Session value length: ${responseData[key].length}`);
-        strapi.log.info(`[Apple Pay] Session value preview: ${responseData[key].substring(0, 100)}...`);
-      }
-    }
-
-    // Check add_paydata object if it exists
-    if (responseData.add_paydata) {
-      strapi.log.info("[Apple Pay] add_paydata object exists:", typeof responseData.add_paydata);
-      strapi.log.info("[Apple Pay] add_paydata keys:", Object.keys(responseData.add_paydata));
-      strapi.log.info("[Apple Pay] add_paydata content:", JSON.stringify(responseData.add_paydata, null, 2));
-    }
-
-    strapi.log.info("[Apple Pay] ========== PAYONE RESPONSE END ==========");
+    const responseData = parseResponse(response.data);
 
     if (responseData.errorcode || responseData.ErrorCode) {
-      strapi.log.warn("[Apple Pay] Response contains error:", {
+      strapi.log.error("[Apple Pay] Payone error:", {
         errorcode: responseData.errorcode || responseData.ErrorCode,
         errormessage: responseData.errormessage || responseData.ErrorMessage
       });
@@ -199,374 +64,51 @@ const initializeApplePaySession = async (strapi, params) => {
   }
 };
 
-/**
- * Validate Apple Pay merchant with Payone
- * This is called when Apple Pay requests merchant validation
- */
 const validateApplePayMerchant = async (strapi, params) => {
-  try {
-    strapi.log.info("[Apple Pay] Validating merchant with Payone");
-    strapi.log.info("[Apple Pay] Validation params:", JSON.stringify({
-      validationURL: params.validationURL,
-      domain: params.domain,
-      displayName: params.displayName,
-      mid: params.mid,
-      portalid: params.portalid
-    }, null, 2));
-
-    const settings = await getSettings(strapi);
-
-    if (!validateSettings(settings)) {
-      strapi.log.error("[Apple Pay] Payone settings not configured for merchant validation");
-      throw new Error("Payone settings not configured");
-    }
-
-    // Log all settings to verify MerchantId is being read correctly
-    strapi.log.info("[Apple Pay] ========== SETTINGS FROM CONFIG ==========");
-    strapi.log.info("[Apple Pay] Full Settings Object:", JSON.stringify(settings, null, 2));
-    strapi.log.info("[Apple Pay] Settings Keys:", Object.keys(settings || {}));
-    strapi.log.info("[Apple Pay] MerchantId (mid) from config:", settings.mid || "NOT_SET");
-    strapi.log.info("[Apple Pay] MerchantId type:", typeof settings.mid);
-    strapi.log.info("[Apple Pay] MerchantId length:", settings.mid ? settings.mid.length : 0);
-    strapi.log.info("[Apple Pay] merchantIdentifier from config:", settings.merchantIdentifier || "NOT_SET");
-    strapi.log.info("[Apple Pay] portalid from config:", settings.portalid || "NOT_SET");
-    strapi.log.info("[Apple Pay] mode from config:", settings.mode || "NOT_SET");
-    strapi.log.info("[Apple Pay] ==========================================");
-
-    const {
-      validationURL,
-      mid,
-      portalid,
-      domain,
-      displayName
-    } = params;
-
-    // Get merchant data from settings (test or live mode)
-    const merchantName = displayName || settings.merchantName || settings.displayName || "Test Store";
+  const settings = await getSettings(strapi);
 
-    // Use MerchantId (mid) from config as merchantIdentifier
-    // Priority: params.mid > settings.mid > settings.merchantIdentifier
-    const merchantId = mid || settings.mid || settings.merchantIdentifier;
-    const portalId = portalid || settings.portalid;
-
-    strapi.log.info("[Apple Pay] ========== MERCHANT ID SELECTION ==========");
-    strapi.log.info("[Apple Pay] mid from params:", mid || "NOT_PROVIDED");
-    strapi.log.info("[Apple Pay] settings.mid:", settings.mid || "NOT_SET");
-    strapi.log.info("[Apple Pay] settings.merchantIdentifier:", settings.merchantIdentifier || "NOT_SET");
-    strapi.log.info("[Apple Pay] Selected merchantId:", merchantId || "NOT_SET");
-    strapi.log.info("[Apple Pay] Selected merchantId type:", typeof merchantId);
-    strapi.log.info("[Apple Pay] Selected merchantId length:", merchantId ? merchantId.length : 0);
-    strapi.log.info("[Apple Pay] ==========================================");
-
-    // Get domain from params or settings or server config
-    const domainName = domain || settings.domainName ||
-      (strapi.config.get("server.url") ? new URL(strapi.config.get("server.url")).hostname : null) ||
-      "localhost";
+  if (!validateSettings(settings)) {
+    strapi.log.error("Payone settings not configured");
+    return null;
+  }
 
-    // For Payone integration without developer account,
-    // Payone handles merchant validation
-    // We need to initialize the session first
-    const sessionParams = {
-      displayName: merchantName,
-      domainName: domainName,
-      mid: merchantId,
-      portalid: portalId
-    };
+  const sessionResponse = await initializeApplePaySession(strapi, params);
+  const applePaySessionBase64 = sessionResponse["add_paydata[applepay_payment_session]"] ||
+    sessionResponse.add_paydata?.applepay_payment_session;
 
-    strapi.log.info("[Apple Pay] Initializing session with params:", JSON.stringify(sessionParams, null, 2));
+  if (sessionResponse.status === "OK" && applePaySessionBase64 && applePaySessionBase64.length > 0) {
+    const merchantSessionJson = Buffer.from(applePaySessionBase64, 'base64').toString('utf-8');
+    const merchantSession = JSON.parse(merchantSessionJson);
 
-    // Initialize Apple Pay session with Payone
-    let sessionResponse;
-    try {
-      sessionResponse = await initializeApplePaySession(strapi, sessionParams);
-    } catch (error) {
-      strapi.log.error("[Apple Pay] Failed to initialize session with Payone:", {
-        message: error.message,
-        status: error.response?.status,
-        data: error.response?.data,
-        stack: error.stack
-      });
-      // DO NOT return empty object - throw error instead
-      // Empty object causes Apple Pay to close dialog without proper error message
-      throw new Error(`Failed to initialize Apple Pay session with Payone: ${error.message}. Please check your Payone configuration and ensure Apple Pay is properly set up in PMI.`);
+    if (merchantSession.epochTimestamp && merchantSession.epochTimestamp > 1000000000000) {
+      merchantSession.epochTimestamp = Math.floor(merchantSession.epochTimestamp / 1000);
     }
 
-    strapi.log.info("[Apple Pay] Session initialization result:", {
-      status: sessionResponse.status || sessionResponse.Status,
-      hasMerchantIdentifier: !!(sessionResponse.merchantIdentifier || sessionResponse.merchantSessionIdentifier),
-      hasApplePaySession: !!(sessionResponse["add_paydata[applepay_payment_session]"] ||
-        sessionResponse["add_paydata[applepay_payment_session]"] ||
-        sessionResponse.add_paydata?.applepay_payment_session),
-      fullResponse: JSON.stringify(sessionResponse, null, 2)
-    });
-
-    // If session initialization is successful, extract merchant session from Payone response
-    // Payone returns: add_paydata[applepay_payment_session] = BASE64 encoded merchant session
-    // Check for both uppercase and lowercase status
-    const responseStatus = sessionResponse.status || sessionResponse.Status;
-    if (responseStatus === "APPROVED" || responseStatus === "OK" ||
-      responseStatus === "approved" || responseStatus === "ok") {
-
-      // Extract BASE64 encoded merchant session from Payone response
-      // Payone returns it in: add_paydata[applepay_payment_session]
-      // Try all possible variations of the field name
-      const applePaySessionBase64 =
-        sessionResponse["add_paydata[applepay_payment_session]"] ||
-        sessionResponse["add_paydata[applepay_payment_session]"] ||
-        sessionResponse["add_paydata_applepay_payment_session"] ||
-        sessionResponse.add_paydata?.applepay_payment_session ||
-        sessionResponse.add_paydata?.["applepay_payment_session"] ||
-        sessionResponse["addPaydata[applepay_payment_session]"] ||
-        sessionResponse["addPaydata_applepay_payment_session"] ||
-        null;
-
-      strapi.log.info("[Apple Pay] Checking for merchant session in response:", {
-        hasWorkorderid: !!sessionResponse.workorderid,
-        workorderid: sessionResponse.workorderid,
-        allKeys: Object.keys(sessionResponse).filter(k => k.includes('applepay') || k.includes('session') || k.includes('paydata')),
-        responseKeys: Object.keys(sessionResponse)
-      });
-
-      strapi.log.info("[Apple Pay] Extracted Apple Pay session data:", {
-        hasBase64Session: !!applePaySessionBase64,
-        sessionLength: applePaySessionBase64?.length,
-        workorderid: sessionResponse.workorderid,
-        allResponseKeys: Object.keys(sessionResponse),
-        responseSample: JSON.stringify(sessionResponse).substring(0, 500)
-      });
-
-      if (applePaySessionBase64 && applePaySessionBase64.length > 0) {
-        try {
-          // Decode BASE64 merchant session
-          const merchantSessionJson = Buffer.from(applePaySessionBase64, 'base64').toString('utf-8');
-          const merchantSession = JSON.parse(merchantSessionJson);
-
-          strapi.log.info("[Apple Pay] Decoded merchant session:", {
-            merchantIdentifier: merchantSession.merchantIdentifier,
-            domainName: merchantSession.domainName,
-            displayName: merchantSession.displayName,
-            hasEpochTimestamp: !!merchantSession.epochTimestamp,
-            hasExpiresAt: !!merchantSession.expiresAt,
-            fullSession: merchantSession
-          });
-
-          // Validate decoded merchant session
-          if (!merchantSession.merchantIdentifier) {
-            strapi.log.warn("[Apple Pay] Decoded merchant session missing merchantIdentifier, using MerchantId from config");
-            // Use MerchantId (mid) from config as merchantIdentifier
-            // Priority: settings.mid (MerchantId) > settings.merchantIdentifier > settings.portalid
-            strapi.log.info("[Apple Pay] Available MerchantId values from config:");
-            strapi.log.info("[Apple Pay]   settings.mid:", settings.mid || "NOT_SET");
-            strapi.log.info("[Apple Pay]   settings.merchantIdentifier:", settings.merchantIdentifier || "NOT_SET");
-            strapi.log.info("[Apple Pay]   settings.portalid:", settings.portalid || "NOT_SET");
-
-            const fallbackMerchantId = settings.mid || settings.merchantIdentifier || settings.portalid;
-            merchantSession.merchantIdentifier = fallbackMerchantId || `merchant.${domainName}`;
-
-            strapi.log.info("[Apple Pay] Selected MerchantId from config:", fallbackMerchantId || "NOT_SET");
-            strapi.log.info("[Apple Pay] Final merchantIdentifier set to:", merchantSession.merchantIdentifier);
-          } else {
-            strapi.log.info("[Apple Pay] Using merchantIdentifier from decoded Payone session:", merchantSession.merchantIdentifier);
-          }
-
-          // Ensure epochTimestamp and expiresAt are in seconds (not milliseconds)
-          if (merchantSession.epochTimestamp && merchantSession.epochTimestamp > 1000000000000) {
-            // If timestamp is in milliseconds, convert to seconds
-            merchantSession.epochTimestamp = Math.floor(merchantSession.epochTimestamp / 1000);
-          }
-          if (merchantSession.expiresAt && merchantSession.expiresAt > 1000000000000) {
-            // If timestamp is in milliseconds, convert to seconds
-            merchantSession.expiresAt = Math.floor(merchantSession.expiresAt / 1000);
-          }
-
-          // Validate final merchant session
-          if (!merchantSession.merchantIdentifier || merchantSession.merchantIdentifier === 'undefined' || merchantSession.merchantIdentifier === 'null') {
-            throw new Error("Decoded merchant session has invalid merchantIdentifier");
-          }
-
-          strapi.log.info("[Apple Pay] Validated merchant session:", {
-            merchantIdentifier: merchantSession.merchantIdentifier,
-            domainName: merchantSession.domainName,
-            epochTimestamp: merchantSession.epochTimestamp,
-            expiresAt: merchantSession.expiresAt
-          });
-
-          return merchantSession;
-        } catch (decodeError) {
-          strapi.log.error("[Apple Pay] Failed to decode merchant session:", {
-            error: decodeError.message,
-            base64Length: applePaySessionBase64?.length,
-            base64Preview: applePaySessionBase64?.substring(0, 100)
-          });
-
-          // If decoding fails, we cannot proceed - merchant session is invalid
-          throw new Error(`Failed to decode Apple Pay merchant session: ${decodeError.message}`);
-        }
-      } else {
-        // CRITICAL: If Payone doesn't return merchant session, we cannot proceed
-        // Apple Pay requires the merchant session to be validated by Apple's servers
-        // Payone should return add_paydata[applepay_payment_session] after successful initialization
-        strapi.log.error("[Apple Pay] CRITICAL: No Apple Pay session data in Payone response!");
-        strapi.log.error("[Apple Pay] This means merchant validation will fail. Possible causes:");
-        strapi.log.error("[Apple Pay] 1. Apple Pay not properly configured in Payone PMI");
-        strapi.log.error("[Apple Pay] 2. Domain not verified in Payone PMI");
-        strapi.log.error("[Apple Pay] 3. Merchant identifier not configured in Payone PMI");
-        strapi.log.error("[Apple Pay] 4. Apple Pay onboarding not completed in Payone PMI");
-        strapi.log.error("[Apple Pay] Response status:", responseStatus);
-        strapi.log.error("[Apple Pay] Full response keys:", Object.keys(sessionResponse));
-        strapi.log.error("[Apple Pay] Response sample:", JSON.stringify(sessionResponse).substring(0, 1000));
-
-        // DO NOT create a fallback session - it will fail validation
-        // Instead, throw an error so the frontend knows validation failed
-        throw new Error("Payone did not return Apple Pay merchant session. Please ensure Apple Pay is properly configured in Payone Merchant Interface (PMI): CONFIGURATION → PAYMENT PORTALS → [Your Portal] → Apple Pay configuration. The merchant session must come from Payone after successful Apple Pay onboarding.");
-
-        // Get merchant identifier from settings
-        // Use MerchantId (mid) from config as merchantIdentifier
-        // According to Payone docs, merchant identifier should be visible in PMI after onboarding
-        // Path: CONFIGURATION/PAYMENT PORTALS - choose an onboarded Portal - Payment type configuration tab
-        strapi.log.info("[Apple Pay] ========== CREATING MERCHANT SESSION FROM CONFIG ==========");
-        strapi.log.info("[Apple Pay] Available MerchantId values from config:");
-        strapi.log.info("[Apple Pay]   settings.mid:", settings.mid || "NOT_SET");
-        strapi.log.info("[Apple Pay]   settings.merchantIdentifier:", settings.merchantIdentifier || "NOT_SET");
-        strapi.log.info("[Apple Pay]   settings.portalid:", settings.portalid || "NOT_SET");
-
-        // Priority: settings.mid (MerchantId) > settings.merchantIdentifier > settings.portalid
-        let merchantIdentifier = settings.mid || settings.merchantIdentifier || settings.portalid;
-
-        strapi.log.info("[Apple Pay] Selected merchantIdentifier:", merchantIdentifier || "NOT_SET");
-        strapi.log.info("[Apple Pay] merchantIdentifier type:", typeof merchantIdentifier);
-        strapi.log.info("[Apple Pay] merchantIdentifier length:", merchantIdentifier ? merchantIdentifier.length : 0);
-
-        // If still no merchant identifier, try to construct one from domain
-        // But this is not ideal - merchant identifier should come from Payone PMI
-        if (!merchantIdentifier) {
-          strapi.log.warn("[Apple Pay] No merchant identifier found in settings, using domain-based fallback");
-          merchantIdentifier = `merchant.${domainName}`;
-        }
-
-        // Ensure merchant identifier is a string and not empty
-        merchantIdentifier = merchantIdentifier.toString().trim();
-        if (!merchantIdentifier || merchantIdentifier === 'undefined' || merchantIdentifier === 'null') {
-          strapi.log.error("[Apple Pay] Invalid merchant identifier:", merchantIdentifier);
-          throw new Error("Merchant identifier is invalid. Please configure a valid merchant identifier in Payone Merchant Interface (PMI) after Apple Pay onboarding. Path: CONFIGURATION → PAYMENT PORTALS → [Your Portal] → Payment type configuration tab");
-        }
-
-        // Create a valid merchant session object
-        // This format is required by Apple Pay Payment Request API
-        // IMPORTANT: epochTimestamp and expiresAt must be in seconds (Unix timestamp), not milliseconds
-        // IMPORTANT: merchantIdentifier must be the MerchantId (mid) from Payone config
-        const merchantSession = {
-          epochTimestamp: Math.floor(Date.now() / 1000), // Unix timestamp in seconds
-          expiresAt: Math.floor((Date.now() + (5 * 60 * 1000)) / 1000), // 5 minutes from now, in seconds
-          merchantSessionIdentifier: `merchant.${domainName}`,
-          nonce: generateNonce(),
-          merchantIdentifier: merchantIdentifier, // MerchantId (mid) from config - already validated and converted to string
-          domainName: domainName,
-          displayName: merchantName
-        };
-
-        strapi.log.info("[Apple Pay] Created merchant session with MerchantId from config:");
-        strapi.log.info("[Apple Pay]   merchantIdentifier:", merchantSession.merchantIdentifier);
-        strapi.log.info("[Apple Pay]   domainName:", merchantSession.domainName);
-        strapi.log.info("[Apple Pay]   displayName:", merchantSession.displayName);
-        strapi.log.info("[Apple Pay]   epochTimestamp:", merchantSession.epochTimestamp);
-        strapi.log.info("[Apple Pay]   expiresAt:", merchantSession.expiresAt);
-        strapi.log.info("[Apple Pay] ==========================================");
-
-        // Validate merchant session before returning
-        if (!merchantSession.merchantIdentifier || merchantSession.merchantIdentifier === 'undefined' || merchantSession.merchantIdentifier === 'null') {
-          strapi.log.error("[Apple Pay] Created merchant session is missing or invalid merchantIdentifier!", {
-            merchantIdentifier: merchantSession.merchantIdentifier,
-            settings: {
-              hasMerchantIdentifier: !!settings.merchantIdentifier,
-              hasMid: !!settings.mid,
-              hasPortalid: !!settings.portalid,
-              mid: settings.mid,
-              portalid: settings.portalid
-            }
-          });
-          throw new Error("Merchant identifier is required but not found in settings. Please configure merchant identifier in Payone Merchant Interface (PMI) after Apple Pay onboarding.");
-        }
-
-        strapi.log.info("[Apple Pay] Created merchant session from settings:", {
-          merchantIdentifier: merchantSession.merchantIdentifier,
-          domainName: merchantSession.domainName,
-          displayName: merchantSession.displayName,
-          epochTimestamp: merchantSession.epochTimestamp,
-          expiresAt: merchantSession.expiresAt
-        });
-
-        return merchantSession;
-      }
+    if (merchantSession.expiresAt && merchantSession.expiresAt > 1000000000000) {
+      merchantSession.expiresAt = Math.floor(merchantSession.expiresAt / 1000);
     }
 
-    // If initialization failed, we cannot proceed
-    // Payment Request API requires a valid merchant session
-    strapi.log.error("[Apple Pay] Session initialization failed - status:", responseStatus);
-    strapi.log.error("[Apple Pay] Full Payone response:", JSON.stringify(sessionResponse, null, 2));
-    strapi.log.error("[Apple Pay] This means merchant validation will fail.");
-    strapi.log.error("[Apple Pay] Possible causes:");
-    strapi.log.error("[Apple Pay] 1. Payone returned ERROR status - check errorcode and errormessage in response");
-    strapi.log.error("[Apple Pay] 2. Apple Pay not configured in Payone PMI");
-    strapi.log.error("[Apple Pay] 3. Domain not verified in Payone PMI");
-    strapi.log.error("[Apple Pay] 4. Merchant identifier not configured correctly");
-    strapi.log.error("[Apple Pay] 5. Apple Pay onboarding not completed");
-
-    // Extract error details from Payone response
-    const errorCode = sessionResponse.errorcode || sessionResponse.ErrorCode;
-    const errorMessage = sessionResponse.errormessage || sessionResponse.ErrorMessage || sessionResponse.errortxt || sessionResponse.ErrorTxt;
-
-    if (errorCode || errorMessage) {
-      strapi.log.error("[Apple Pay] Payone error details:", {
-        errorCode: errorCode,
-        errorMessage: errorMessage
-      });
-      throw new Error(`Payone Apple Pay initialization failed: ${errorCode ? `Error ${errorCode}` : ''} ${errorMessage || 'Unknown error'}. Please check your Payone Apple Pay configuration in PMI (CONFIGURATION → PAYMENT PORTALS → [Your Portal] → Apple Pay).`);
-    } else {
-      throw new Error(`Apple Pay session initialization failed with status: ${responseStatus || 'UNKNOWN'}. Please check your Payone Apple Pay configuration in PMI (CONFIGURATION → PAYMENT PORTALS → [Your Portal] → Apple Pay).`);
+    if (!merchantSession.merchantIdentifier ||
+      merchantSession.merchantIdentifier === 'undefined' ||
+      merchantSession.merchantIdentifier === 'null') {
+      strapi.log.error("Decoded merchant session has invalid merchantIdentifier");
     }
-  } catch (error) {
-    strapi.log.error("[Apple Pay] Merchant validation error:", {
-      message: error.message,
-      stack: error.stack,
-      response: error.response?.data,
-      status: error.response?.status
-    });
 
-    // DO NOT return empty object - this causes Apple Pay to close the dialog
-    // Instead, re-throw the error so the frontend can handle it properly
-    // The error message will help the user understand what went wrong
-    throw error;
+    return merchantSession;
   }
-};
 
-/**
- * Parse Payone response
- */
-const parseResponse = (responseData, logger) => {
-  if (typeof responseData === 'string') {
-    // Parse form-encoded response
-    const params = new URLSearchParams(responseData);
-    const parsed = {};
-    for (const [key, value] of params.entries()) {
-      parsed[key] = value;
-    }
-    return parsed;
-  }
-  return responseData;
-};
+  const errorCode = sessionResponse.errorcode || sessionResponse.ErrorCode;
+  const errorMessage = sessionResponse.errormessage || sessionResponse.ErrorMessage ||
+    sessionResponse.errortxt || sessionResponse.ErrorTxt;
 
-/**
- * Generate nonce for merchant session
- */
-const generateNonce = () => {
-  return Math.random().toString(36).substring(2, 15) +
-    Math.random().toString(36).substring(2, 15);
+  strapi.log.error(
+    `Payone Apple Pay initialization failed: ${errorCode ? `Error ${errorCode}` : ''} ${errorMessage || 'Unknown error'}`
+  );
+
+  return null;
 };
 
 module.exports = {
   initializeApplePaySession,
   validateApplePayMerchant
 };
-
-