npm - strapi-plugin-payone-provider - Versions diffs - 4.6.9 → 5.6.10 - Mend

strapi-plugin-payone-provider 4.6.9 → 5.6.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (104) hide show

package/server/services/paymentService.js CHANGED Viewed

@@ -51,13 +51,7 @@ const sendRequest = async (strapi, params) => {
     });
     const responseData = parseResponse(response.data, strapi.log);
-    const errorCode =
-      responseData.errorcode ||
-      responseData.ErrorCode ||
-      responseData.Error?.ErrorCode ||
-      responseData.error_code ||
-      null;
+    const errorCode = responseData?.Error?.ErrorCode;
     const requires3DSErrorCodes = ["4219", 4219];
     const is3DSRequiredError = requires3DSErrorCodes.includes(errorCode);
@@ -69,21 +63,11 @@ const sendRequest = async (strapi, params) => {
     }
-    const errorMessage =
-      responseData.errormessage ||
-      responseData.ErrorMessage ||
-      responseData.Error?.ErrorMessage ||
-      responseData.error_message ||
-      null;
-    const customerMessage =
-      responseData.customermessage ||
-      responseData.CustomerMessage ||
-      responseData.Error?.CustomerMessage ||
-      responseData.customer_message ||
-      null;
-    const status = (responseData.status || responseData.Status || "unknown").toUpperCase();
+    const errorMessage = responseData?.Error?.ErrorMessage || null;
+    const customerMessage = responseData?.Error?.CustomerMessage || null;
+    const status = (responseData?.status || responseData?.Status || "unknown").toUpperCase() || null;
     await logTransaction(strapi, {
       txid: extractTxId(responseData) || params.txid || null,

package/server/services/payone.js CHANGED Viewed

@@ -5,6 +5,7 @@ const transactionService = require("./transactionService");
 const paymentService = require("./paymentService");
 const testConnectionService = require("./testConnectionService");
 const applePayService = require("./applePayService");
+const transactionStatusService = require("./transactionStatusService");
 module.exports = ({ strapi }) => ({
   // Settings
@@ -16,7 +17,6 @@ module.exports = ({ strapi }) => ({
     return await settingsService.updateSettings(strapi, settings);
   },
-  // Payment operations
   async preauthorization(params) {
     return await paymentService.preauthorization(strapi, params);
   },
@@ -38,8 +38,9 @@ module.exports = ({ strapi }) => ({
     return await transactionService.logTransaction(strapi, transactionData);
   },
-  async getTransactionHistory(filters = {}) {
-    return await transactionService.getTransactionHistory(strapi, filters);
+  async getTransactionHistory({ filters = {}, pagination = {} }) {
+    return await transactionService.getTransactionHistory(strapi, { filters, pagination });
   },
   // Test connection
@@ -59,5 +60,11 @@ module.exports = ({ strapi }) => ({
   async initializeApplePaySession(params) {
     return await applePayService.initializeApplePaySession(strapi, params);
+  },
+  // TransactionStatus Notification
+  async processTransactionStatus(notificationData) {
+    return await transactionStatusService.processTransactionStatus(strapi, notificationData);
   }
 });

package/server/services/settingsService.js CHANGED Viewed

@@ -12,16 +12,26 @@ const getPluginStore = (strapi) => {
 const getSettings = async (strapi) => {
   const pluginStore = getPluginStore(strapi);
-  return await pluginStore.get({ key: "settings" });
+  const settings = await pluginStore.get({ key: "settings" }) || {};
+  return settings;
 };
 const updateSettings = async (strapi, settings) => {
   const pluginStore = getPluginStore(strapi);
+  const currentSettings = await getSettings(strapi) || {};
+  const mergedSettings = {
+    ...currentSettings,
+    ...settings
+  };
   await pluginStore.set({
     key: "settings",
-    value: settings
+    value: mergedSettings
   });
-  return settings;
+  return mergedSettings;
 };
 const validateSettings = (settings) => {

package/server/services/testConnectionService.js CHANGED Viewed

@@ -54,82 +54,19 @@ const testConnection = async (strapi) => {
     });
     const result = parseResponse(response.data, strapi.log);
-    const status = result.status || result.Status || result.STATUS;
-    const errorMessage =
-      result.errormessage ||
-      result.Errormessage ||
-      result.ERRORMESSAGE ||
-      result.error ||
-      result.Error?.ErrorMessage ||
-      "";
-    const errorCode =
-      result.errorcode ||
-      result.Errorcode ||
-      result.ERRORCODE ||
-      result.Error?.ErrorCode ||
-      "";
-    const customErrorMessage =
-      result.customerrormessage ||
-      result.Customerrormessage ||
-      result.CUSTOMERRORMESSAGE ||
-      result.Error?.CustomerMessage ||
-      "";
+    const status = result?.status || result?.Status || result?.STATUS;
+    const errorMessage = result?.Error?.ErrorMessage;
+    const errorCode = result?.Error?.ErrorCode;
+    const customErrorMessage = result?.Error?.CustomerMessage;
     if (status === "ERROR" || status === "error") {
-      if (["2006", "920", "921", "922", "401", "403"].includes(errorCode)) {
-        return {
-          success: false,
-          message: `Authentication failed: ${customErrorMessage || errorMessage || "Invalid credentials"}`,
-          errorcode: errorCode
-        };
-      }
-      const errorMessageStr = typeof errorMessage === "string" ? errorMessage : JSON.stringify(errorMessage);
-      const errorMessageLower = (errorMessageStr || "").toLowerCase();
-      const authErrorKeywords = [
-        "key incorrect",
-        "invalid key",
-        "portal key",
-        "unauthorized",
-        "not authorized",
-        "unknown aid",
-        "unknown account",
-        "unknown portal",
-        "unknown merchant",
-        "invalid aid",
-        "invalid mid",
-        "invalid portalid"
-      ];
-      if (authErrorKeywords.some((keyword) => errorMessageLower.includes(keyword))) {
-        return {
-          success: false,
-          message: `Authentication failed: ${errorMessageStr}`,
-          errorcode: errorCode || "AUTH"
-        };
-      }
-      if (errorCode === "911") {
-        return {
-          success: true,
-          message: "Connection successful! Your Payone credentials are valid.",
-          details: {
-            mode: settings.mode,
-            aid: settings.aid,
-            portalid: settings.portalid,
-            mid: settings.mid
-          }
-        };
-      }
       return {
         success: false,
-        message: `Connection failed: ${customErrorMessage || errorMessageStr || "Unknown error"}`,
-        errorcode: errorCode,
-        details: {
-          status,
-          errorCode,
-          rawResponse: JSON.stringify(result).substring(0, 200)
+        message: `Test connection failed: ${errorCode}`,
+        error: {
+          ErrorCode: errorCode,
+          ErrorMessage: errorMessage,
+          CustomerMessage: customErrorMessage
         }
       };
     }
@@ -157,11 +94,12 @@ const testConnection = async (strapi) => {
         rawResponse: JSON.stringify(result).substring(0, 200)
       }
     };
   } catch (error) {
     strapi.log.error("Payone test connection error:", error);
     return {
       success: false,
-      message: `Connection error: ${error.message || "Unknown error"}`,
+      message: `Test connection error: ${error.message || "Unknown error"}`,
       error: error.toString(),
       details: {
         errorType: error.constructor.name,

package/server/services/transactionService.js CHANGED Viewed

@@ -2,20 +2,6 @@
 const { getPluginStore } = require("./settingsService");
-const sanitizeRawRequest = (rawRequest) => {
-  if (!rawRequest || typeof rawRequest !== "object") return rawRequest
-  const sanitized = { ...rawRequest };
-  const sensitiveFields = ["cardpan", "cardexpiredate", "cardcvc2"];
-  sensitiveFields.forEach((field) => {
-    if (sanitized[field] && typeof sanitized[field] === "string") {
-      sanitized[field] = "*".repeat(sanitized[field].length);
-    }
-  });
-  return sanitized;
-};
 const logTransaction = async (strapi, transactionData) => {
   const pluginStore = getPluginStore(strapi);
   let transactionHistory =
@@ -42,19 +28,15 @@ const logTransaction = async (strapi, transactionData) => {
       transactionData.customer_message ||
       transactionData.Error?.CustomerMessage ||
       null,
-    body: transactionData ? { ...transactionData, raw_request: sanitizeRawRequest(transactionData.raw_request) } : null,
-    raw_request: transactionData.raw_request
-      ? sanitizeRawRequest(transactionData.raw_request)
-      : null,
-    raw_response: sanitizeRawRequest(transactionData.raw_response) || transactionData,
+    body: transactionData || null,
     created_at: new Date().toISOString(),
     updated_at: new Date().toISOString()
   };
   transactionHistory.unshift(logEntry);
-  if (transactionHistory.length > 5000) {
-    transactionHistory = transactionHistory.slice(0, 5000);
+  if (transactionHistory.length > 1000) {
+    transactionHistory = transactionHistory.slice(0, 1000);
   }
   await pluginStore.set({
@@ -62,39 +44,35 @@ const logTransaction = async (strapi, transactionData) => {
     value: transactionHistory
   });
-  strapi.log.info("Transaction logged:", logEntry);
+  console.log(`Transaction logged: ${logEntry}`);
 };
-const getTransactionHistory = async (strapi, filters = {}) => {
-  const pluginStore = getPluginStore(strapi);
-  let transactionHistory =
-    (await pluginStore.get({ key: "transactionHistory" })) || [];
-  if (filters.search) {
-    const searchLower = filters.search.toLowerCase().trim();
-    transactionHistory = transactionHistory.filter((transaction) => {
-      const status = (transaction.status || "").toLowerCase();
-      const txid = (transaction.txid || "").toLowerCase();
-      const reference = (transaction.reference || "").toLowerCase();
-      return (
-        status.includes(searchLower) ||
-        txid.includes(searchLower) ||
-        reference.includes(searchLower)
-      );
+const applyFilters = (transactions, filters = {}) => {
+  let result = [...transactions];
+  if (filters.search && typeof filters.search === 'string' && filters.search.trim() !== '') {
+    const search = filters.search.toLowerCase().trim();
+    result = result.filter((t) => {
+      const txid = (t.txid || "").toString().toLowerCase();
+      const reference = (t.reference || "").toString().toLowerCase();
+      return txid.includes(search) || reference.includes(search);
     });
   }
-  if (filters.request_type) {
-    transactionHistory = transactionHistory.filter(
-      (transaction) => transaction.request_type === filters.request_type
+  if (filters.status) {
+    result = result.filter(
+      (t) => (t.status || "").toUpperCase() === filters.status.toUpperCase()
     );
   }
+  if (filters.request_type) {
+    result = result.filter((t) => t.request_type === filters.request_type);
+  }
   if (filters.payment_method) {
-    transactionHistory = transactionHistory.filter((transaction) => {
-      const clearingtype = transaction.raw_request?.clearingtype || "";
-      const wallettype = transaction.raw_request?.wallettype || "";
+    result = result.filter((t) => {
+      const clearingtype = t.raw_request?.clearingtype;
+      const wallettype = t.raw_request?.wallettype;
       switch (filters.payment_method) {
         case "credit_card":
@@ -102,82 +80,67 @@ const getTransactionHistory = async (strapi, filters = {}) => {
         case "paypal":
           return clearingtype === "wlt" && wallettype === "PPE";
         case "google_pay":
-          return clearingtype === "wlt" && (wallettype === "GPY" || wallettype === "GOOGLEPAY");
+          return clearingtype === "wlt" && ["GPY", "GOOGLEPAY"].includes(wallettype);
         case "apple_pay":
-          return clearingtype === "wlt" && (wallettype === "APL" || wallettype === "APPLEPAY");
+          return clearingtype === "wlt" && ["APL", "APPLEPAY"].includes(wallettype);
         case "sofort":
           return clearingtype === "sb";
         case "sepa":
           return clearingtype === "elv";
         default:
-          return false;
+          return true;
       }
     });
   }
   if (filters.date_from) {
-    transactionHistory = transactionHistory.filter(
-      (transaction) =>
-        new Date(transaction.timestamp) >= new Date(filters.date_from)
+    const dateFrom = new Date(filters.date_from);
+    dateFrom.setHours(0, 0, 0, 0);
+    result = result.filter(
+      (t) => new Date(t.timestamp) >= dateFrom
     );
   }
   if (filters.date_to) {
-    transactionHistory = transactionHistory.filter(
-      (transaction) =>
-        new Date(transaction.timestamp) <= new Date(filters.date_to)
+    const dateTo = new Date(filters.date_to);
+    dateTo.setHours(23, 59, 59, 999);
+    result = result.filter(
+      (t) => new Date(t.timestamp) <= dateTo
     );
   }
-  if (filters.status) {
-    transactionHistory = transactionHistory.filter(
-      (transaction) => transaction.status === filters.status
-    );
-  }
+  return result;
+};
-  // Apply sorting
-  if (filters.sort_by && filters.sort_order) {
-    const sortOrder = filters.sort_order === "desc" ? -1 : 1;
-    transactionHistory.sort((a, b) => {
-      let aValue, bValue;
-      switch (filters.sort_by) {
-        case "amount":
-          aValue = a.amount || 0;
-          bValue = b.amount || 0;
-          break;
-        case "created_at":
-          aValue = new Date(a.created_at || a.timestamp || 0).getTime();
-          bValue = new Date(b.created_at || b.timestamp || 0).getTime();
-          break;
-        case "status":
-          aValue = (a.status || "").toLowerCase();
-          bValue = (b.status || "").toLowerCase();
-          break;
-        case "reference":
-          aValue = (a.reference || "").toLowerCase();
-          bValue = (b.reference || "").toLowerCase();
-          break;
-        case "method":
-          const aClearingType = a.raw_request?.clearingtype || "";
-          const bClearingType = b.raw_request?.clearingtype || "";
-          const aWalletType = a.raw_request?.wallettype || "";
-          const bWalletType = b.raw_request?.wallettype || "";
-          aValue = `${aClearingType}_${aWalletType}`.toLowerCase();
-          bValue = `${bClearingType}_${bWalletType}`.toLowerCase();
-          break;
-        default:
-          return 0;
-      }
+const getTransactionHistory = async (strapi, { filters = {}, pagination = {} }) => {
+  const pluginStore = getPluginStore(strapi);
-      if (aValue < bValue) return -1 * sortOrder;
-      if (aValue > bValue) return 1 * sortOrder;
-      return 0;
-    });
-  }
+  let transactions =
+    (await pluginStore.get({ key: "transactionHistory" })) || [];
+  transactions = applyFilters(transactions, filters);
+  const page = Number(pagination.page) || 1;
+  const pageSize = Number(pagination.pageSize) || 10;
+  const total = transactions.length;
+  const pageCount = Math.max(1, Math.ceil(total / pageSize));
+  const validPage = Math.min(Math.max(1, page), pageCount);
-  return transactionHistory;
+  const start = (validPage - 1) * pageSize;
+  const end = Math.min(start + pageSize, total);
+  const paginatedData = start < total ? transactions.slice(start, end) : [];
+  return {
+    data: paginatedData,
+    pagination: {
+      page: validPage,
+      pageSize,
+      pageCount,
+      total,
+    },
+  };
 };
 module.exports = {

package/server/services/transactionStatusService.js ADDED Viewed

@@ -0,0 +1,87 @@
+"use strict";
+const crypto = require("crypto");
+const { getPluginStore, getSettings } = require("./settingsService");
+const verifyHash = (notificationData, portalKey) => {
+  const {
+    portalid = "",
+    aid = "",
+    txid = "",
+    sequencenumber = "",
+    price = "",
+    currency = "",
+    mode = "",
+  } = notificationData;
+  const hashString = `${portalid}${aid}${txid}${sequencenumber}${price}${currency}${mode}${portalKey}`;
+  const expectedHash = crypto.createHash("md5").update(hashString).digest("hex");
+  return expectedHash.toLowerCase() === (notificationData.key || "").toLowerCase();
+};
+const processTransactionStatus = async (strapi, notificationData) => {
+  try {
+    const settings = await getSettings(strapi);
+    const txid = notificationData.txid;
+    if (!settings || !settings.key) {
+      console.log("[Payone TransactionStatus] Settings not found or key missing");
+      return;
+    }
+    const isValid = verifyHash(notificationData, settings.key);
+    if (!isValid) {
+      console.log(`[Payone TransactionStatus] Hash verification failed txid: ${txid}`);
+      return;
+    }
+    if (notificationData.portalid !== settings.portalid || notificationData.aid !== settings.aid) {
+      console.log(`[Payone TransactionStatus] Portal ID or AID mismatch txid: ${txid}`);
+      return;
+    }
+    const pluginStore = getPluginStore(strapi);
+    let transactionHistory = (await pluginStore.get({ key: "transactionHistory" })) || [];
+    const transaction = transactionHistory.find((t) => t.txid === txid || t.id === txid);
+    if (transaction) {
+      Object.assign(transaction, {
+        ...notificationData,
+        status: notificationData?.transaction_status,
+        txaction: notificationData?.txaction,
+        txtime: notificationData?.txtime,
+        sequencenumber: notificationData?.sequencenumber,
+        balance: notificationData?.balance,
+        receivable: notificationData?.receivable,
+        price: notificationData?.price,
+        amount: notificationData?.price ? parseFloat(notificationData?.price) * 100 : transaction?.amount,
+        userid: notificationData?.userid,
+        updated_at: new Date().toISOString(),
+        body: {
+          ...transaction?.body,
+          ...notificationData,
+          status: notificationData?.transaction_status
+        }
+      });
+      await pluginStore.set({
+        key: "transactionHistory",
+        value: transactionHistory,
+      });
+      console.log(`[Payone TransactionStatus] Successfully updated transaction txid: ${txid}`);
+    } else {
+      console.log(`[Payone TransactionStatus] Transaction ${txid} not found in history. Notification ignored.`);
+    }
+  } catch (error) {
+    console.log(`[Payone TransactionStatus] Error processing notification: ${error}`);
+  }
+};
+module.exports = {
+  verifyHash,
+  processTransactionStatus,
+};

package/server/utils/normalize.js CHANGED Viewed

@@ -1,11 +1,5 @@
 "use strict";
-/**
- * Normalize reference string for Payone API
- * @param {string} input - Input reference
- * @param {string} fallbackPrefix - Fallback prefix if input is empty
- * @returns {string} Normalized reference (max 20 chars)
- */
 const normalizeReference = (input, fallbackPrefix = "REF") => {
   try {
     const raw = input == null ? "" : String(input);
@@ -22,12 +16,6 @@ const normalizeReference = (input, fallbackPrefix = "REF") => {
   }
 };
-/**
- * Normalize customer ID for Payone API (max 17 characters)
- * @param {string|null} customerid - Customer ID
- * @param {Object|null} logger - Logger instance
- * @returns {string} Normalized customer ID
- */
 const normalizeCustomerId = (customerid, logger = null) => {
   if (!customerid) {
     const timestamp = Date.now().toString().slice(-10);

package/server/utils/paymentMethodParams.js CHANGED Viewed

@@ -56,7 +56,6 @@ const addPaymentMethodParams = (params, logger) => {
     'clearingtype', 'paymentMethod', 'settings', 'enable3DSecure', 'ecommercemode'
   ]);
-  // Extract custom params that are not in known params
   Object.keys(updated).forEach(key => {
     if (!knownParams.has(key) && !key.startsWith('add_paydata[')) {
       customParams[key] = updated[key];

package/server/utils/requestBuilder.js CHANGED Viewed

@@ -2,6 +2,38 @@
 const crypto = require("crypto");
 const { normalizeCustomerId } = require("./normalize");
+const calculateKeyHash = (settings, params) => {
+  const portalKey = settings.portalKey || settings.key;
+  const portalid = String(settings.portalid || "");
+  const aid = String(settings.aid || "");
+  const mode = String(settings.mode || "test");
+  const requestType = params.request || "";
+  // For Capture and Refund operations
+  if (requestType === "capture" || requestType === "refund") {
+    const txid = String(params.txid || "");
+    const sequencenumber = String(params.sequencenumber || "");
+    const amount = String(params.amount || "");
+    const currency = String(params.currency || "EUR");
+    const hashString = `${portalid}${aid}${txid}${sequencenumber}${amount}${currency}${mode}${portalKey}`;
+    return crypto.createHash("md5").update(hashString).digest("hex");
+  }
+  // For Preauthorization and Authorization operations
+  if (requestType === "preauthorization" || requestType === "authorization") {
+    const amount = String(params.amount || "");
+    const currency = String(params.currency || "EUR");
+    const reference = String(params.reference || "");
+    const hashString = `${portalid}${aid}${amount}${currency}${reference}${mode}${portalKey}`;
+    return crypto.createHash("md5").update(hashString).digest("hex");
+  }
+  const hashString = `${portalid}${aid}${mode}${portalKey}`;
+  return crypto.createHash("md5").update(hashString).digest("hex");
+};
 const buildClientRequestParams = (settings, params, logger = null) => {
   const requestParams = {
@@ -14,16 +46,13 @@ const buildClientRequestParams = (settings, params, logger = null) => {
     ...params
   };
-  requestParams.key = crypto
-    .createHash("md5")
-    .update(settings.portalKey || settings.key)
-    .digest("hex");
   requestParams.customerid = normalizeCustomerId(
     requestParams.customerid,
     logger
   );
+  requestParams.key = calculateKeyHash(settings, requestParams);
   const isCreditCard = requestParams.clearingtype === "cc";
   const enable3DSecure = settings.enable3DSecure !== false;

package/server/utils/responseParser.js CHANGED Viewed

@@ -20,17 +20,12 @@ const parseResponse = (responseText, logger) => {
     }
   }
-  // Parse URL-encoded response
   const params = new URLSearchParams(responseText);
   const response = {};
   for (const [key, value] of params) {
-    // Store both lowercase and original case
     response[key.toLowerCase()] = value;
     response[key] = value;
-    // Also handle add_paydata fields with brackets
-    // Payone returns: add_paydata[applepay_payment_session]=BASE64_STRING
-    // URLSearchParams handles brackets, but we need to ensure we can access it
     if (key.includes('add_paydata') || key.includes('addPaydata')) {
       // Store with original key format
       response[key] = value;
@@ -67,11 +62,11 @@ const extractTxId = (data) => {
 const requires3DSRedirect = (data) => {
   const status = (data.status || data.Status || "").toUpperCase();
   const errorCode = data.errorcode || data.ErrorCode || data.Error?.ErrorCode;
   // Check for redirect URL in various possible fields
-  const redirecturl =
-    data.redirecturl ||
-    data.RedirectUrl ||
+  const redirecturl =
+    data.redirecturl ||
+    data.RedirectUrl ||
     data.redirect_url ||
     data.redirectUrl ||
     data.RedirectURL ||
@@ -96,7 +91,7 @@ const requires3DSRedirect = (data) => {
 const isErrorResponse = (data) => {
   const status = (data.status || data.Status || "").toUpperCase();
   const errorCode = data.errorcode || data.ErrorCode || data.Error?.ErrorCode;
   return status === "ERROR" || status === "INVALID" || !!errorCode;
 };
@@ -107,9 +102,9 @@ const isErrorResponse = (data) => {
  */
 const get3DSRedirectUrl = (data) => {
   // Check all possible redirect URL fields
-  const redirecturl =
-    data.redirecturl ||
-    data.RedirectUrl ||
+  const redirecturl =
+    data.redirecturl ||
+    data.RedirectUrl ||
     data.redirect_url ||
     data.redirectUrl ||
     data.RedirectURL ||