strapi-plugin-payone-provider 1.6.5 → 1.6.7

package/server/services/applePayService.js

@@ -8,13 +8,35 @@ const POST_GATEWAY_URL = "https://api.pay1.de/post-gateway/";
 
 const parseResponse = (responseData) => {
   if (typeof responseData === 'string') {
+    if (responseData.trim().startsWith('{')) {
+      try {
+        return JSON.parse(responseData);
+      } catch (e) {
+        // Fall through to URL-encoded parsing
+      }
+    }
+
     const params = new URLSearchParams(responseData);
     const parsed = {};
     for (const [key, value] of params.entries()) {
       parsed[key] = value;
+      const normalizedKey = key.toLowerCase().replace(/\[/g, '_').replace(/\]/g, '');
+      if (normalizedKey !== key.toLowerCase()) {
+        parsed[normalizedKey] = value;
+      }
     }
     return parsed;
   }
+
+  if (typeof responseData === 'object' && responseData !== null) {
+    const result = { ...responseData };
+    if (result['add_paydata[applepay_payment_session]']) {
+      result.add_paydata = result.add_paydata || {};
+      result.add_paydata.applepay_payment_session = result['add_paydata[applepay_payment_session]'];
+    }
+    return result;
+  }
+
   return responseData;
 };
 
@@ -45,8 +67,6 @@ const initializeApplePaySession = async (strapi, params) => {
 
     const applePayConfig = settings?.applePayConfig || {};
     const currency = params.currency || applePayConfig.currencyCode || "EUR";
-    const countryCode = params.countryCode || applePayConfig.countryCode || "DE";
-
     const merchantName = params.displayName || settings?.merchantName || "Store";
     const domain = params.domain || params.domainName || "localhost";
 
@@ -63,18 +83,14 @@ const initializeApplePaySession = async (strapi, params) => {
     const requestParams = buildClientRequestParams(settings, baseParams, strapi.log);
     const formData = toFormData(requestParams);
 
-    let response;
-    try {
-      response = await axios.post(`${POST_GATEWAY_URL}Genericpayment`, formData, {
-        headers: { "Content-Type": "application/x-www-form-urlencoded" },
-        timeout: 30000,
-        validateStatus: function (status) {
-          return status >= 200 && status < 600;
-        }
-      });
-    } catch (axiosError) {
-      throw axiosError;
-    }
+    const response = await axios.post(`${POST_GATEWAY_URL}Genericpayment`, formData, {
+      headers: { "Content-Type": "application/x-www-form-urlencoded" },
+      timeout: 30000,
+      validateStatus: function (status) {
+        return status >= 200 && status < 600;
+      }
+    });
+
 
     if (response.status === 403) {
       const responseData = parseResponse(response.data);
@@ -88,12 +104,7 @@ const initializeApplePaySession = async (strapi, params) => {
 
       const detailedError = new Error("403 Forbidden: Authentication failed with Payone API. " +
         (errorCode ? `Error Code: ${errorCode}. ` : "") +
-        (errorMessage ? `Error: ${errorMessage}. ` : "") +
-        "Please check: 1) Your Payone credentials (aid, portalid, mid, key) in plugin settings, " +
-        "2) Mode is set to 'live' (Apple Pay only works in live mode), " +
-        "3) Your domain is registered with Payone Merchant Services, " +
-        "4) Merchant ID (mid) matches your merchantIdentifier in PMI, " +
-        "5) Apple Pay is enabled for your portal in PMI.");
+        (errorMessage ? `Error: ${errorMessage}. ` : ""));
       Object.assign(detailedError, { status: 403, response: response });
       throw detailedError;
     }
@@ -138,71 +149,7 @@ const initializeApplePaySession = async (strapi, params) => {
 
     return responseData;
   } catch (error) {
-    const errorStatus = error.response?.status || error.status;
-    const errorResponseData = error.response?.data;
-
-    // Provide more specific error messages
-    if (errorStatus === 403 || error.message?.includes('403')) {
-      let responseData = {};
-      let errorCode = null;
-      let errorMessage = null;
-
-      if (errorResponseData) {
-        try {
-          responseData = parseResponse(errorResponseData);
-          errorCode = responseData.errorcode || responseData.ErrorCode;
-          errorMessage = responseData.errormessage || responseData.ErrorMessage || responseData.customermessage || responseData.CustomerMessage;
-        } catch (parseErr) {
-          if (typeof errorResponseData === 'string') {
-            errorMessage = errorResponseData;
-          }
-        }
-      }
-
-      if (errorCode || errorMessage) {
-        strapi.log.error("[Apple Pay] 403 Forbidden from Payone:", {
-          errorcode: errorCode,
-          errormessage: errorMessage
-        });
-      }
-
-      let detailedMessage = "403 Forbidden: Authentication failed with Payone API. ";
-
-      if (errorCode) {
-        detailedMessage += `Error Code: ${errorCode}. `;
-      }
-
-      if (errorMessage) {
-        detailedMessage += `Error: ${errorMessage}. `;
-      }
-
-      detailedMessage += "Please check:\n" +
-        "1. Your Payone credentials (aid, portalid, mid, key) in plugin settings\n" +
-        "2. Mode is set to 'live' (Apple Pay only works in live mode according to Payone docs)\n" +
-        "3. Your domain is registered with Payone Merchant Services\n" +
-        "4. Merchant ID (mid) matches your merchantIdentifier in PMI\n" +
-        "5. Apple Pay is enabled for your portal in PMI (CONFIGURATION → PAYMENT PORTALS → [Your Portal] → Payment type configuration tab)";
-
-      throw new Error(detailedMessage);
-    } else if (errorStatus === 401 || error.message?.includes('401')) {
-      if (errorResponseData) {
-        const responseData = parseResponse(errorResponseData);
-        strapi.log.error("[Apple Pay] 401 Unauthorized from Payone:", {
-          errorcode: responseData.errorcode || responseData.ErrorCode,
-          errormessage: responseData.errormessage || responseData.ErrorMessage
-        });
-      }
-      throw new Error("401 Unauthorized: Invalid credentials. Please verify your Payone key in plugin settings.");
-    } else if (errorStatus && errorStatus >= 500) {
-      const responseData = errorResponseData ? parseResponse(errorResponseData) : {};
-      strapi.log.error("[Apple Pay] Payone server error:", {
-        status: error.response?.status,
-        errorcode: responseData.errorcode || responseData.ErrorCode,
-        errormessage: responseData.errormessage || responseData.ErrorMessage
-      });
-      throw new Error(`Payone server error (${error.response?.status}): ${error.response?.statusText || 'Internal server error'}`);
-    }
-
+    strapi.log.error("[Apple Pay] Error:", error instanceof Error ? error.message : error);
     throw error;
   }
 };
@@ -215,28 +162,89 @@ const validateApplePayMerchant = async (strapi, params) => {
       throw new Error("Payone settings are not properly configured. Please check your plugin settings (aid, portalid, mid, key).");
     }
 
-    // Get currency and country from Apple Pay config
     const applePayConfig = settings?.applePayConfig || {};
-    const currency = params.currency || applePayConfig.currencyCode || "EUR";
-    const countryCode = params.countryCode || applePayConfig.countryCode || "DE";
 
-    // Update params with config values
     if (!params.currency && applePayConfig.currencyCode) {
       params.currency = applePayConfig.currencyCode;
     }
+
     if (!params.countryCode && applePayConfig.countryCode) {
       params.countryCode = applePayConfig.countryCode;
     }
 
     const sessionResponse = await initializeApplePaySession(strapi, params);
 
-    const applePaySessionBase64 = sessionResponse["add_paydata[applepay_payment_session]"] ||
-      sessionResponse.add_paydata?.applepay_payment_session;
+    // Extract add_paydata[applepay_payment_session] from response
+    // Payone returns this in URL-encoded format: add_paydata[applepay_payment_session]=BASE64_STRING
+    const applePaySessionBase64 =
+      sessionResponse["add_paydata[applepay_payment_session]"] ||
+      sessionResponse["add_paydata_applepay_payment_session"] ||
+      sessionResponse.add_paydata?.applepay_payment_session ||
+      (sessionResponse.add_paydata && typeof sessionResponse.add_paydata === 'object'
+        ? sessionResponse.add_paydata["applepay_payment_session"]
+        : null);
+
+    strapi.log.info("[Apple Pay] Genericpayment response:", {
+      status: sessionResponse.status,
+      workorderid: sessionResponse.workorderid,
+      hasApplePaySession: !!applePaySessionBase64,
+      applePaySessionLength: applePaySessionBase64 ? applePaySessionBase64.length : 0,
+      responseKeys: Object.keys(sessionResponse),
+      hasAddPaydataKey: !!sessionResponse["add_paydata[applepay_payment_session]"],
+      hasAddPaydataObject: !!sessionResponse.add_paydata,
+      addPaydataKeys: sessionResponse.add_paydata ? Object.keys(sessionResponse.add_paydata) : null
+    });
+
+    if (!applePaySessionBase64) {
+      strapi.log.error("[Apple Pay] Missing applepay_payment_session in response:", {
+        status: sessionResponse.status,
+        responseKeys: Object.keys(sessionResponse),
+        responseSample: JSON.stringify(sessionResponse).substring(0, 1000),
+        addPaydataKeys: sessionResponse.add_paydata ? Object.keys(sessionResponse.add_paydata) : null
+      });
+      throw new Error("Missing applepay_payment_session in Payone response. Please check your Payone Apple Pay configuration in PMI.");
+    }
 
     if (sessionResponse.status === "OK" && applePaySessionBase64 && applePaySessionBase64.length > 0) {
       try {
-        const merchantSessionJson = Buffer.from(applePaySessionBase64, 'base64').toString('utf-8');
-        const merchantSession = JSON.parse(merchantSessionJson);
+        strapi.log.info("[Apple Pay] Extracting merchant session from Base64:", {
+          base64Length: applePaySessionBase64.length,
+          base64Preview: applePaySessionBase64.substring(0, 100) + "...",
+          base64End: applePaySessionBase64.substring(Math.max(0, applePaySessionBase64.length - 50))
+        });
+
+        // Decode Base64 to get merchant session JSON
+        let merchantSessionJson;
+        try {
+          merchantSessionJson = Buffer.from(applePaySessionBase64, 'base64').toString('utf-8');
+          strapi.log.info("[Apple Pay] Base64 decoded successfully, JSON length:", merchantSessionJson.length);
+        } catch (decodeError) {
+          strapi.log.error("[Apple Pay] Failed to decode Base64:", {
+            error: decodeError.message,
+            base64Length: applePaySessionBase64.length
+          });
+          throw new Error(`Failed to decode Base64 merchant session: ${decodeError.message}`);
+        }
+
+        // Parse JSON merchant session
+        let merchantSession;
+        try {
+          merchantSession = JSON.parse(merchantSessionJson);
+          strapi.log.info("[Apple Pay] Merchant session JSON parsed successfully");
+        } catch (parseError) {
+          strapi.log.error("[Apple Pay] Failed to parse merchant session JSON:", {
+            error: parseError.message,
+            jsonPreview: merchantSessionJson.substring(0, 500)
+          });
+          throw new Error(`Failed to parse merchant session JSON: ${parseError.message}`);
+        }
+
+        strapi.log.info("[Apple Pay] Merchant session extracted successfully:", {
+          hasMerchantIdentifier: !!merchantSession.merchantIdentifier,
+          hasEpochTimestamp: !!merchantSession.epochTimestamp,
+          hasExpiresAt: !!merchantSession.expiresAt,
+          merchantSessionKeys: Object.keys(merchantSession)
+        });
 
         if (merchantSession.epochTimestamp && merchantSession.epochTimestamp > 1000000000000) {
           merchantSession.epochTimestamp = Math.floor(merchantSession.epochTimestamp / 1000);
@@ -274,7 +282,9 @@ const validateApplePayMerchant = async (strapi, params) => {
     throw new Error(
       `Payone Apple Pay initialization failed: ${errorCode ? `Error ${errorCode}` : 'Unknown error'} - ${errorMessage || 'Please check your Payone Apple Pay configuration in PMI'}`
     );
+
   } catch (error) {
+    strapi.log.error("[Apple Pay] Error:", error instanceof Error ? error.message : error);
     throw error;
   }
 };

package/server/services/paymentService.js

@@ -9,6 +9,31 @@ const { logTransaction } = require("./transactionService");
 
 const POST_GATEWAY_URL = "https://api.pay1.de/post-gateway/";
 
+const getInvoiceIdObject = (invoiceid) => {
+  if (!invoiceid || typeof invoiceid !== 'string') {
+    return null;
+  }
+
+  const invoiceIdVariants = [
+    'invoiceid',
+    'invoiceId',
+    'invoice_id',
+    'invoiceID',
+    'InvoiceId',
+    'InvoiceID',
+    'Invoice_Id',
+    'INVOICEID',
+    'INVOICE_ID'
+  ];
+
+  let invoiceIdObject = {}
+  for (const variant of invoiceIdVariants) {
+    invoiceIdObject[variant] = invoiceid;
+  }
+
+  return invoiceIdObject;
+};
+
 const sendRequest = async (strapi, params) => {
   try {
     const settings = await getSettings(strapi);
@@ -87,30 +112,45 @@ const sendRequest = async (strapi, params) => {
 };
 
 const preauthorization = async (strapi, params) => {
+
   const requiredParams = {
     request: "preauthorization",
-    clearingtype: params.clearingtype || "cc",
-    amount: params.amount || 1000,
-    currency: params.currency || "EUR",
-    reference: params.reference || `PREAUTH-${Date.now()}`,
-    firstname: params.firstname || "Test",
-    lastname: params.lastname || "User",
-    street: params.street || "Test Street 1",
-    zip: params.zip || "12345",
-    city: params.city || "Test City",
-    country: params.country || "DE",
-    email: params.email || "test@example.com",
+    clearingtype: params.clearingtype,
+    amount: params.amount,
+    currency: params.currency,
+    reference: params.reference,
+    firstname: params.firstname,
+    lastname: params.lastname,
+    street: params.street,
+    zip: params.zip,
+    city: params.city,
+    country: params.country,
+    email: params.email,
+    narrative_text: params.narrative_text,
+    ...getInvoiceIdObject(params.invoiceid),
     ...params
   };
 
+
   const updatedParams = addPaymentMethodParams(requiredParams, strapi.log);
   return await sendRequest(strapi, updatedParams);
 };
 
 const authorization = async (strapi, params) => {
+
   const requiredParams = {
     request: "authorization",
-    clearingtype: params.clearingtype || "cc",
+    clearingtype: params.clearingtype,
+    reference: params.reference,
+    firstname: params.firstname,
+    lastname: params.lastname,
+    street: params.street,
+    zip: params.zip,
+    city: params.city,
+    country: params.country,
+    email: params.email,
+    narrative_text: params.narrative_text,
+    ...getInvoiceIdObject(params.invoiceid),
     ...params
   };
 
@@ -123,15 +163,16 @@ const capture = async (strapi, params) => {
     throw new Error("Transaction ID (txid) is required for capture");
   }
 
+
   const requiredParams = {
     request: "capture",
     txid: params.txid,
     amount: params.amount || 1000,
     currency: params.currency || "EUR",
+    ...getInvoiceIdObject(params.invoiceid),
     ...params
   };
 
-  delete requiredParams.reference;
   return await sendRequest(strapi, requiredParams);
 };
 
@@ -140,12 +181,14 @@ const refund = async (strapi, params) => {
     throw new Error("Transaction ID (txid) is required for refund");
   }
 
+
   const requiredParams = {
     request: "refund",
     txid: params.txid,
     amount: params.amount || 1000,
     currency: params.currency || "EUR",
     reference: params.reference || `REFUND-${Date.now()}`,
+    ...getInvoiceIdObject(params.invoiceid),
     ...params
   };
 

package/server/services/transactionService.js

@@ -12,6 +12,7 @@ const logTransaction = async (strapi, transactionData) => {
     timestamp: new Date().toISOString(),
     txid: transactionData.txid || null,
     reference: transactionData.reference || null,
+    invoiceid: transactionData.invoiceid || null,
     request_type:
       transactionData.request_type || transactionData.request || "unknown",
     amount: transactionData.amount || null,
@@ -27,6 +28,7 @@ const logTransaction = async (strapi, transactionData) => {
       transactionData.customer_message ||
       transactionData.Error?.CustomerMessage ||
       null,
+    body: transactionData || null,
     raw_request: transactionData.raw_request || null,
     raw_response: transactionData.raw_response || transactionData,
     created_at: new Date().toISOString(),
@@ -52,10 +54,19 @@ const getTransactionHistory = async (strapi, filters = {}) => {
   let transactionHistory =
     (await pluginStore.get({ key: "transactionHistory" })) || [];
 
-  if (filters.status) {
-    transactionHistory = transactionHistory.filter(
-      (transaction) => transaction.status === filters.status
-    );
+  if (filters.search) {
+    const searchLower = filters.search.toLowerCase().trim();
+    transactionHistory = transactionHistory.filter((transaction) => {
+      const status = (transaction.status || "").toLowerCase();
+      const txid = (transaction.txid || "").toLowerCase();
+      const reference = (transaction.reference || "").toLowerCase();
+
+      return (
+        status.includes(searchLower) ||
+        txid.includes(searchLower) ||
+        reference.includes(searchLower)
+      );
+    });
   }
 
   if (filters.request_type) {
@@ -64,16 +75,28 @@ const getTransactionHistory = async (strapi, filters = {}) => {
     );
   }
 
-  if (filters.txid) {
-    transactionHistory = transactionHistory.filter(
-      (transaction) => transaction.txid === filters.txid
-    );
-  }
-
-  if (filters.reference) {
-    transactionHistory = transactionHistory.filter(
-      (transaction) => transaction.reference === filters.reference
-    );
+  if (filters.payment_method) {
+    transactionHistory = transactionHistory.filter((transaction) => {
+      const clearingtype = transaction.raw_request?.clearingtype || "";
+      const wallettype = transaction.raw_request?.wallettype || "";
+
+      switch (filters.payment_method) {
+        case "credit_card":
+          return clearingtype === "cc";
+        case "paypal":
+          return clearingtype === "wlt" && wallettype === "PPE";
+        case "google_pay":
+          return clearingtype === "wlt" && (wallettype === "GPY" || wallettype === "GOOGLEPAY");
+        case "apple_pay":
+          return clearingtype === "wlt" && (wallettype === "APL" || wallettype === "APPLEPAY");
+        case "sofort":
+          return clearingtype === "sb";
+        case "sepa":
+          return clearingtype === "elv";
+        default:
+          return false;
+      }
+    });
   }
 
   if (filters.date_from) {

package/server/utils/paymentMethodParams.js

@@ -43,6 +43,26 @@ const addPaymentMethodParams = (params, logger) => {
   const updated = { ...params };
   const clearingtype = updated.clearingtype || "cc";
 
+  const customParams = {};
+  const knownParams = new Set([
+    'cardpan', 'cardexpiredate', 'cardcvc2', 'cardtype', 'wallettype',
+    'bankcountry', 'iban', 'bic', 'bankaccountholder', 'onlinebanktransfertype',
+    'recurrence', 'financingtype', 'invoicetype',
+    // Common defaults
+    'salutation', 'gender', 'telephonenumber', 'ip', 'language', 'customer_is_present',
+    // Payment method tokens
+    'applePayToken', 'googlePayToken',
+    // Other known params
+    'clearingtype', 'paymentMethod', 'settings', 'enable3DSecure', 'ecommercemode'
+  ]);
+
+  // Extract custom params that are not in known params
+  Object.keys(updated).forEach(key => {
+    if (!knownParams.has(key) && !key.startsWith('add_paydata[')) {
+      customParams[key] = updated[key];
+    }
+  });
+
   const methodDefaults = {
     cc: {
       cardpan: "4111111111111111",
@@ -123,18 +143,27 @@ const addPaymentMethodParams = (params, logger) => {
   if (updated.applePayToken) {
     let tokenData;
     try {
-      // Decode Base64 token
       const tokenString = Buffer.from(updated.applePayToken, 'base64').toString('utf-8');
       tokenData = JSON.parse(tokenString);
+
+      if (logger) {
+        logger.info("[Apple Pay] Token decoded from Base64 successfully");
+      }
     } catch (e) {
       try {
-        // Try parsing as JSON string directly
         tokenData = typeof updated.applePayToken === 'string'
           ? JSON.parse(updated.applePayToken)
           : updated.applePayToken;
+
+        if (logger) {
+          logger.info("[Apple Pay] Token parsed as JSON string directly");
+        }
       } catch (e2) {
-        // If already an object, use as-is
         tokenData = updated.applePayToken;
+
+        if (logger) {
+          logger.info("[Apple Pay] Token used as-is (already an object)");
+        }
       }
     }
 
@@ -143,7 +172,10 @@ const addPaymentMethodParams = (params, logger) => {
 
       if (!paymentData) {
         if (logger) {
-          logger.error("[Apple Pay] Invalid token structure: missing paymentData field");
+          logger.error("[Apple Pay] Invalid token structure: missing paymentData field", {
+            tokenKeys: Object.keys(tokenData),
+            tokenStructure: JSON.stringify(tokenData).substring(0, 500)
+          });
         }
         delete updated.applePayToken;
         return updated;
@@ -152,30 +184,66 @@ const addPaymentMethodParams = (params, logger) => {
       const header = paymentData.header || {};
 
       // Payone required fields according to docs
-      updated["add_paydata[paymentdata_token_version]"] = paymentData.version || "EC_v1";
-      updated["add_paydata[paymentdata_token_data]"] = paymentData.data || "";
-      updated["add_paydata[paymentdata_token_signature]"] = paymentData.signature || "";
-      updated["add_paydata[paymentdata_token_ephemeral_publickey]"] = header.ephemeralPublicKey || "";
-      updated["add_paydata[paymentdata_token_publickey_hash]"] = header.publicKeyHash || "";
+      // Extract version, data, signature from paymentData
+      const tokenVersion = paymentData.version || "EC_v1";
+      const tokenDataValue = paymentData.data || "";
+      const tokenSignature = paymentData.signature || "";
+
+      // Extract from header
+      const ephemeralPublicKey = header.ephemeralPublicKey || "";
+      const publicKeyHash = header.publicKeyHash || "";
+      const transactionId = paymentData.transactionId || header.transactionId || "";
+
+      // Set Payone required fields
+      updated["add_paydata[paymentdata_token_version]"] = tokenVersion;
+      updated["add_paydata[paymentdata_token_data]"] = tokenDataValue;
+      updated["add_paydata[paymentdata_token_signature]"] = tokenSignature;
+      updated["add_paydata[paymentdata_token_ephemeral_publickey]"] = ephemeralPublicKey;
+      updated["add_paydata[paymentdata_token_publickey_hash]"] = publicKeyHash;
 
       // Transaction ID is optional according to Payone docs
-      if (paymentData.transactionId || header.transactionId) {
-        updated["add_paydata[paymentdata_token_transaction_id]"] = paymentData.transactionId || header.transactionId || "";
+      if (transactionId) {
+        updated["add_paydata[paymentdata_token_transaction_id]"] = transactionId;
       }
 
-      if (!updated["add_paydata[paymentdata_token_data]"] ||
-        !updated["add_paydata[paymentdata_token_signature]"] ||
-        !updated["add_paydata[paymentdata_token_ephemeral_publickey]"] ||
-        !updated["add_paydata[paymentdata_token_publickey_hash]"]) {
+      if (logger) {
+        logger.info("[Apple Pay] Token extracted successfully:", {
+          hasVersion: !!tokenVersion,
+          hasData: !!tokenDataValue,
+          hasSignature: !!tokenSignature,
+          hasEphemeralPublicKey: !!ephemeralPublicKey,
+          hasPublicKeyHash: !!publicKeyHash,
+          hasTransactionId: !!transactionId,
+          dataLength: tokenDataValue.length,
+          signatureLength: tokenSignature.length,
+          ephemeralPublicKeyLength: ephemeralPublicKey.length,
+          publicKeyHashLength: publicKeyHash.length
+        });
+      }
+
+      // Validate required fields
+      if (!tokenDataValue ||
+        !tokenSignature ||
+        !ephemeralPublicKey ||
+        !publicKeyHash) {
         if (logger) {
           logger.error("[Apple Pay] Missing required token fields:", {
-            hasData: !!updated["add_paydata[paymentdata_token_data]"],
-            hasSignature: !!updated["add_paydata[paymentdata_token_signature]"],
-            hasEphemeralPublicKey: !!updated["add_paydata[paymentdata_token_ephemeral_publickey]"],
-            hasPublicKeyHash: !!updated["add_paydata[paymentdata_token_publickey_hash]"]
+            hasData: !!tokenDataValue,
+            hasSignature: !!tokenSignature,
+            hasEphemeralPublicKey: !!ephemeralPublicKey,
+            hasPublicKeyHash: !!publicKeyHash,
+            paymentDataKeys: Object.keys(paymentData),
+            headerKeys: Object.keys(header)
           });
         }
       }
+    } else {
+      if (logger) {
+        logger.error("[Apple Pay] Token is not a valid object:", {
+          tokenType: typeof tokenData,
+          tokenValue: typeof tokenData === 'string' ? tokenData.substring(0, 200) : String(tokenData).substring(0, 200)
+        });
+      }
     }
 
     delete updated.applePayToken;
@@ -210,6 +278,8 @@ const addPaymentMethodParams = (params, logger) => {
     }
   });
 
+  Object.assign(updated, customParams);
+
   return updated;
 };