strapi-plugin-payone-provider 1.5.8-beta.1 → 1.6.0

package/server/services/paymentService.js

@@ -9,12 +9,6 @@ const { logTransaction } = require("./transactionService");
 
 const POST_GATEWAY_URL = "https://api.pay1.de/post-gateway/";
 
-/**
- * Send request to Payone API
- * @param {Object} strapi - Strapi instance
- * @param {Object} params - Request parameters
- * @returns {Promise<Object>} Response data
- */
 const sendRequest = async (strapi, params) => {
   try {
     const settings = await getSettings(strapi);
@@ -23,8 +17,6 @@ const sendRequest = async (strapi, params) => {
       throw new Error("Payone settings not configured");
     }
 
-    // Reference is saved as-is without normalization
-
     const requestParams = buildClientRequestParams(settings, params, strapi.log);
     const formData = toFormData(requestParams);
 
@@ -35,23 +27,6 @@ const sendRequest = async (strapi, params) => {
 
     const responseData = parseResponse(response.data, strapi.log);
 
-    // Log full response for debugging
-    strapi.log.info("Payone API Response:", JSON.stringify(responseData, null, 2));
-    strapi.log.info("Response Status:", responseData.status || responseData.Status);
-    strapi.log.info("Response Error Code:", responseData.errorcode || responseData.ErrorCode || responseData.Error?.ErrorCode);
-    strapi.log.info("Response Error Message:", responseData.errormessage || responseData.ErrorMessage || responseData.Error?.ErrorMessage);
-
-    // Log all possible redirect URL fields
-    strapi.log.info("Redirect URL fields:", {
-      redirecturl: responseData.redirecturl,
-      RedirectUrl: responseData.RedirectUrl,
-      redirect_url: responseData.redirect_url,
-      redirectUrl: responseData.redirectUrl,
-      url: responseData.url,
-      Url: responseData.Url
-    });
-
-    // Extract error information from various possible fields
     const errorCode =
       responseData.errorcode ||
       responseData.ErrorCode ||
@@ -59,7 +34,6 @@ const sendRequest = async (strapi, params) => {
       responseData.error_code ||
       null;
 
-    // Check for 3DS redirect
     const requires3DSErrorCodes = ["4219", 4219];
     const is3DSRequiredError = requires3DSErrorCodes.includes(errorCode);
 
@@ -69,7 +43,6 @@ const sendRequest = async (strapi, params) => {
       responseData.redirectUrl = redirectUrl;
       responseData.is3DSRequired = is3DSRequiredError;
 
-      // If 3DS required but no redirect URL, log for debugging
       if (is3DSRequiredError && !redirectUrl) {
         strapi.log.warn("3DS authentication required (Error 4219) but no redirect URL found. May need 3dscheck request.");
         strapi.log.info("Full response data:", JSON.stringify(responseData, null, 2));
@@ -92,7 +65,6 @@ const sendRequest = async (strapi, params) => {
 
     const status = (responseData.status || responseData.Status || "unknown").toUpperCase();
 
-    // Log transaction
     await logTransaction(strapi, {
       txid: extractTxId(responseData) || params.txid || null,
       reference: params.reference || null,
@@ -107,7 +79,6 @@ const sendRequest = async (strapi, params) => {
       customer_message: customerMessage
     });
 
-    // Add normalized error fields to response
     responseData.errorCode = errorCode;
     responseData.errorMessage = errorMessage;
     responseData.customerMessage = customerMessage;
@@ -120,12 +91,6 @@ const sendRequest = async (strapi, params) => {
   }
 };
 
-/**
- * Preauthorization
- * @param {Object} strapi - Strapi instance
- * @param {Object} params - Request parameters
- * @returns {Promise<Object>} Response data
- */
 const preauthorization = async (strapi, params) => {
   const requiredParams = {
     request: "preauthorization",
@@ -147,12 +112,6 @@ const preauthorization = async (strapi, params) => {
   return await sendRequest(strapi, updatedParams);
 };
 
-/**
- * Authorization
- * @param {Object} strapi - Strapi instance
- * @param {Object} params - Request parameters
- * @returns {Promise<Object>} Response data
- */
 const authorization = async (strapi, params) => {
   const requiredParams = {
     request: "authorization",
@@ -164,12 +123,6 @@ const authorization = async (strapi, params) => {
   return await sendRequest(strapi, updatedParams);
 };
 
-/**
- * Capture
- * @param {Object} strapi - Strapi instance
- * @param {Object} params - Request parameters
- * @returns {Promise<Object>} Response data
- */
 const capture = async (strapi, params) => {
   if (!params.txid) {
     throw new Error("Transaction ID (txid) is required for capture");
@@ -187,12 +140,6 @@ const capture = async (strapi, params) => {
   return await sendRequest(strapi, requiredParams);
 };
 
-/**
- * Refund
- * @param {Object} strapi - Strapi instance
- * @param {Object} params - Request parameters
- * @returns {Promise<Object>} Response data
- */
 const refund = async (strapi, params) => {
   if (!params.txid) {
     throw new Error("Transaction ID (txid) is required for refund");
@@ -210,28 +157,15 @@ const refund = async (strapi, params) => {
   return await sendRequest(strapi, requiredParams);
 };
 
-/**
- * Handle 3D Secure callback from Payone
- * This processes the callback after customer completes 3DS authentication
- * Note: Payone's redirect callback typically doesn't include transaction details -
- * the URL path (success/error/back) indicates the result.
- * @param {Object} strapi - Strapi instance
- * @param {Object} callbackData - Callback data from Payone (may be empty or minimal)
- * @param {string} resultType - Result type from URL path: 'success', 'error', 'cancelled', or 'callback'
- * @returns {Promise<Object>} Processed callback result
- */
 const handle3DSCallback = async (strapi, callbackData, resultType = 'callback') => {
   try {
-    // Parse any data that Payone might have sent
     const parsedData = callbackData && Object.keys(callbackData).length > 0
       ? parseResponse(callbackData, strapi.log)
       : {};
 
-    // Extract transaction information if available
     const txid = extractTxId(parsedData);
     const reference = parsedData.reference || parsedData.Reference || null;
 
-    // Determine status from resultType (URL path) since Payone callback may not include status
     let status;
     if (resultType === 'success') {
       status = 'APPROVED';
@@ -240,11 +174,9 @@ const handle3DSCallback = async (strapi, callbackData, resultType = 'callback')
     } else if (resultType === 'cancelled') {
       status = 'CANCELLED';
     } else {
-      // Fallback to parsed data if available
       status = parsedData.status || parsedData.Status || 'PENDING';
     }
 
-    // Log for debugging purposes only (not saved to transaction history)
     strapi.log.info("3DS callback processed:", {
       resultType,
       status,

package/server/services/payone.js

@@ -6,9 +6,6 @@ const paymentService = require("./paymentService");
 const testConnectionService = require("./testConnectionService");
 const applePayService = require("./applePayService");
 
-/**
- * Main Payone service - aggregates all sub-services
- */
 module.exports = ({ strapi }) => ({
   // Settings
   async getSettings() {

package/server/services/settingsService.js

@@ -2,11 +2,6 @@
 
 const PLUGIN_NAME = "strapi-plugin-payone-provider";
 
-/**
- * Get plugin store instance
- * @param {Object} strapi - Strapi instance
- * @returns {Object} Plugin store
- */
 const getPluginStore = (strapi) => {
   return strapi.store({
     environment: "",
@@ -15,22 +10,11 @@ const getPluginStore = (strapi) => {
   });
 };
 
-/**
- * Get Payone settings
- * @param {Object} strapi - Strapi instance
- * @returns {Promise<Object>} Settings
- */
 const getSettings = async (strapi) => {
   const pluginStore = getPluginStore(strapi);
   return await pluginStore.get({ key: "settings" });
 };
 
-/**
- * Update Payone settings
- * @param {Object} strapi - Strapi instance
- * @param {Object} settings - Settings to update
- * @returns {Promise<Object>} Updated settings
- */
 const updateSettings = async (strapi, settings) => {
   const pluginStore = getPluginStore(strapi);
   await pluginStore.set({
@@ -40,11 +24,6 @@ const updateSettings = async (strapi, settings) => {
   return settings;
 };
 
-/**
- * Validate settings
- * @param {Object} settings - Settings to validate
- * @returns {boolean} True if valid
- */
 const validateSettings = (settings) => {
   return !!(settings && settings.aid && settings.portalid && settings.key);
 };

package/server/services/testConnectionService.js

@@ -7,11 +7,6 @@ const { getSettings, validateSettings } = require("./settingsService");
 
 const POST_GATEWAY_URL = "https://api.pay1.de/post-gateway/";
 
-/**
- * Test Payone connection
- * @param {Object} strapi - Strapi instance
- * @returns {Promise<Object>} Test result
- */
 const testConnection = async (strapi) => {
   try {
     const settings = await getSettings(strapi);
@@ -79,11 +74,7 @@ const testConnection = async (strapi) => {
       result.Error?.CustomerMessage ||
       "";
 
-    strapi.log.info("Payone test connection response:", { status, errorCode });
-
-    // Handle error status
     if (status === "ERROR" || status === "error") {
-      // Authentication errors
       if (["2006", "920", "921", "922", "401", "403"].includes(errorCode)) {
         return {
           success: false,
@@ -92,7 +83,6 @@ const testConnection = async (strapi) => {
         };
       }
 
-      // Check for invalid credentials in message
       const errorMessageStr = typeof errorMessage === "string" ? errorMessage : JSON.stringify(errorMessage);
       const errorMessageLower = (errorMessageStr || "").toLowerCase();
       const authErrorKeywords = [
@@ -118,7 +108,6 @@ const testConnection = async (strapi) => {
         };
       }
 
-      // Reference already exists (911) means credentials are working
       if (errorCode === "911") {
         return {
           success: true,
@@ -132,7 +121,6 @@ const testConnection = async (strapi) => {
         };
       }
 
-      // Other errors
       return {
         success: false,
         message: `Connection failed: ${customErrorMessage || errorMessageStr || "Unknown error"}`,
@@ -145,7 +133,6 @@ const testConnection = async (strapi) => {
       };
     }
 
-    // APPROVED status means connection is OK
     if (status === "APPROVED" || status === "approved") {
       return {
         success: true,
@@ -159,7 +146,6 @@ const testConnection = async (strapi) => {
       };
     }
 
-    // Unexpected response format
     return {
       success: false,
       message: "Unexpected response format from Payone API",

package/server/services/transactionService.js

@@ -1,13 +1,7 @@
 "use strict";
 
-const { getPluginStore, PLUGIN_NAME } = require("./settingsService");
-
-/**
- * Log transaction to history
- * @param {Object} strapi - Strapi instance
- * @param {Object} transactionData - Transaction data
- * @returns {Promise<void>}
- */
+const { getPluginStore } = require("./settingsService");
+
 const logTransaction = async (strapi, transactionData) => {
   const pluginStore = getPluginStore(strapi);
   let transactionHistory =
@@ -41,7 +35,6 @@ const logTransaction = async (strapi, transactionData) => {
 
   transactionHistory.unshift(logEntry);
 
-  // Keep only last 1000 transactions
   if (transactionHistory.length > 1000) {
     transactionHistory = transactionHistory.slice(0, 1000);
   }
@@ -54,18 +47,11 @@ const logTransaction = async (strapi, transactionData) => {
   strapi.log.info("Transaction logged:", logEntry);
 };
 
-/**
- * Get transaction history with filters
- * @param {Object} strapi - Strapi instance
- * @param {Object} filters - Filter options
- * @returns {Promise<Array>} Filtered transaction history
- */
 const getTransactionHistory = async (strapi, filters = {}) => {
   const pluginStore = getPluginStore(strapi);
   let transactionHistory =
     (await pluginStore.get({ key: "transactionHistory" })) || [];
 
-  // Apply filters
   if (filters.status) {
     transactionHistory = transactionHistory.filter(
       (transaction) => transaction.status === filters.status

package/server/utils/paymentMethodParams.js

@@ -62,7 +62,6 @@ const addPaymentMethodParams = (params, logger) => {
     }
   };
 
-  // Handle special cases (gpp, apl) FIRST - set wallettype BEFORE changing clearingtype
   if (clearingtype === "gpp" || clearingtype === "apl") {
     if (clearingtype === "gpp") {
       updated.wallettype = "GGP";
@@ -74,34 +73,76 @@ const addPaymentMethodParams = (params, logger) => {
 
   const defaults = methodDefaults[clearingtype] || methodDefaults.cc;
 
-  // Apply defaults (but don't override wallettype if already set)
   Object.entries(defaults).forEach(([key, value]) => {
     if (key === "wallettype" && updated.wallettype) {
-      return; // Don't override wallettype if already set
+      return;
     }
     if (!updated[key]) {
       updated[key] = value;
     }
   });
-  
-  // Handle Apple Pay token if present
-  if (updated.applePayToken || updated["add_paydata[paymentmethod_token_data]"]) {
-    const token = updated.applePayToken || updated["add_paydata[paymentmethod_token_data]"];
-    const gatewayMerchantId = updated.mid || updated.portalid || '';
-    
-    updated["add_paydata[paymentmethod_token_data]"] = token;
-    updated["add_paydata[paymentmethod]"] = "APL";
-    updated["add_paydata[paymentmethod_type]"] = "APPLEPAY";
-    updated["add_paydata[gatewayid]"] = "payonegmbh";
-    if (gatewayMerchantId) {
-      updated["add_paydata[gateway_merchantid]"] = gatewayMerchantId;
+
+  if (updated.applePayToken) {
+    let tokenData;
+    try {
+      // Decode Base64 token
+      const tokenString = Buffer.from(updated.applePayToken, 'base64').toString('utf-8');
+      tokenData = JSON.parse(tokenString);
+    } catch (e) {
+      try {
+        // Try parsing as JSON string directly
+        tokenData = typeof updated.applePayToken === 'string'
+          ? JSON.parse(updated.applePayToken)
+          : updated.applePayToken;
+      } catch (e2) {
+        // If already an object, use as-is
+        tokenData = updated.applePayToken;
+      }
+    }
+
+    if (tokenData && typeof tokenData === 'object') {
+      const paymentData = tokenData.paymentData;
+
+      if (!paymentData) {
+        if (logger) {
+          logger.error("[Apple Pay] Invalid token structure: missing paymentData field");
+        }
+        delete updated.applePayToken;
+        return updated;
+      }
+
+      const header = paymentData.header || {};
+
+      // Payone required fields according to docs
+      updated["add_paydata[paymentdata_token_version]"] = paymentData.version || "EC_v1";
+      updated["add_paydata[paymentdata_token_data]"] = paymentData.data || "";
+      updated["add_paydata[paymentdata_token_signature]"] = paymentData.signature || "";
+      updated["add_paydata[paymentdata_token_ephemeral_publickey]"] = header.ephemeralPublicKey || "";
+      updated["add_paydata[paymentdata_token_publickey_hash]"] = header.publicKeyHash || "";
+
+      // Transaction ID is optional according to Payone docs
+      if (paymentData.transactionId || header.transactionId) {
+        updated["add_paydata[paymentdata_token_transaction_id]"] = paymentData.transactionId || header.transactionId || "";
+      }
+
+      if (!updated["add_paydata[paymentdata_token_data]"] ||
+        !updated["add_paydata[paymentdata_token_signature]"] ||
+        !updated["add_paydata[paymentdata_token_ephemeral_publickey]"] ||
+        !updated["add_paydata[paymentdata_token_publickey_hash]"]) {
+        if (logger) {
+          logger.error("[Apple Pay] Missing required token fields:", {
+            hasData: !!updated["add_paydata[paymentdata_token_data]"],
+            hasSignature: !!updated["add_paydata[paymentdata_token_signature]"],
+            hasEphemeralPublicKey: !!updated["add_paydata[paymentdata_token_ephemeral_publickey]"],
+            hasPublicKeyHash: !!updated["add_paydata[paymentdata_token_publickey_hash]"]
+          });
+        }
+      }
     }
-    
-    // Remove applePayToken from params as it's now in add_paydata
+
     delete updated.applePayToken;
   }
 
-  // Ensure wallettype is set for wallet payments
   if (updated.clearingtype === "wlt" && !updated.wallettype) {
     if (clearingtype === "gpp" || updated.paymentMethod === "gpp" || (updated["add_paydata[paymentmethod]"] === "GGP")) {
       updated.wallettype = "GGP";
@@ -111,14 +152,12 @@ const addPaymentMethodParams = (params, logger) => {
       updated.wallettype = "PPE";
     }
   }
-  
-  // Remove cardtype if clearingtype is wallet payment
+
   if (updated.clearingtype === "wlt" && updated.cardtype) {
     delete updated.cardtype;
   }
 
 
-  // Common defaults
   const commonDefaults = {
     salutation: "Herr",
     gender: "m",

package/server/utils/requestBuilder.js

@@ -3,13 +3,6 @@
 const crypto = require("crypto");
 const { normalizeCustomerId } = require("./normalize");
 
-/**
- * Build client request parameters for Payone API
- * @param {Object} settings - Payone settings
- * @param {Object} params - Request parameters
- * @param {Object|null} logger - Logger instance
- * @returns {Object} Built request parameters
- */
 const buildClientRequestParams = (settings, params, logger = null) => {
   const requestParams = {
     request: params.request,
@@ -21,29 +14,23 @@ const buildClientRequestParams = (settings, params, logger = null) => {
     ...params
   };
 
-  // Generate MD5 hash key
   requestParams.key = crypto
     .createHash("md5")
     .update(settings.portalKey || settings.key)
     .digest("hex");
 
-  // Normalize customer ID
   requestParams.customerid = normalizeCustomerId(
     requestParams.customerid,
     logger
   );
 
-  // Add 3D Secure parameters if enabled and for credit card payments
   const isCreditCard = requestParams.clearingtype === "cc";
-  // Enable 3DS if setting is true or not explicitly false (default to enabled if not set)
   const enable3DSecure = settings.enable3DSecure !== false;
 
   if (isCreditCard && enable3DSecure && (params.request === "preauthorization" || params.request === "authorization")) {
     requestParams["3dsecure"] = "yes";
     requestParams.ecommercemode = params.ecommercemode || "internet";
 
-    // Ensure redirect URLs are always provided for 3DS
-    // These are required for 3DS authentication flow
     if (!requestParams.successurl) {
       requestParams.successurl = params.successurl || "https://www.example.com/success";
     }
@@ -54,7 +41,6 @@ const buildClientRequestParams = (settings, params, logger = null) => {
       requestParams.backurl = params.backurl || "https://www.example.com/back";
     }
 
-    // Log redirect URLs for debugging
     if (logger) {
       logger.info("3DS Redirect URLs:", {
         successurl: requestParams.successurl,
@@ -66,7 +52,6 @@ const buildClientRequestParams = (settings, params, logger = null) => {
     requestParams["3dsecure"] = "no";
   }
 
-  // Set default values
   const defaults = {
     salutation: "Herr",
     gender: "m",
@@ -82,12 +67,10 @@ const buildClientRequestParams = (settings, params, logger = null) => {
     }
   });
 
-  // Remove cardtype if clearingtype is wallet payment
   if (requestParams.clearingtype === "wlt" && requestParams.cardtype) {
     delete requestParams.cardtype;
   }
 
-  // Ensure wallettype is set for wallet payments
   if (requestParams.clearingtype === "wlt" && !requestParams.wallettype) {
     if (requestParams["add_paydata[paymentmethod_token_data]"]) {
       requestParams.wallettype = "GGP";
@@ -99,11 +82,6 @@ const buildClientRequestParams = (settings, params, logger = null) => {
   return requestParams;
 };
 
-/**
- * Convert request parameters to form data
- * @param {Object} requestParams - Request parameters
- * @returns {URLSearchParams} Form data
- */
 const toFormData = (requestParams) => {
   const formData = new URLSearchParams();
   for (const [key, value] of Object.entries(requestParams)) {

package/admin/src/pages/App/components/icons/index.js

@@ -1,11 +0,0 @@
-export { default as PaymentIcon } from './PaymentIcon';
-export { default as PersonIcon } from './PersonIcon';
-export { default as CreditCardIcon } from './CreditCardIcon';
-export { default as BankIcon } from './BankIcon';
-export { default as WalletIcon } from './WalletIcon';
-export { default as ErrorIcon } from './ErrorIcon';
-export { default as SuccessIcon } from './SuccessIcon';
-export { default as PendingIcon } from './PendingIcon';
-export { default as InfoIcon } from './InfoIcon';
-export { default as ChevronDownIcon } from './ChevronDownIcon';
-export { default as ChevronUpIcon } from './ChevronUpIcon';