Merge pull request #859 from Adyen/develop

Release 6.6.2

Merge pull request #859 from Adyen/develop
Release 6.6.2
61eff19e · Alexandros Moraitis · GitHub · 04a2db14 · 5d956354 · 61eff19e
Commit 61eff19e authored Oct 23, 2020 by Alexandros Moraitis Committed by GitHub Oct 23, 2020
13 changed files
--- a/Block/Redirect/Redirect.php
+++ b/Block/Redirect/Redirect.php
@@ -474,11 +474,7 @@ class Redirect extends \Magento\Payment\Block\Form
     */
    public function getTermUrl()
    {
-        if ($termUrl = $this->getPayment()->getAdditionalInformation('termUrl')) {
+        return $this->getUrl('adyen/transparent/redirect', ['_secure' => $this->_getRequest()->isSecure()]);
-            return $termUrl;
-        }
-        throw new AdyenException("No termUrl is provided.");
    }
    /**

--- a/Block/Transparent/Redirect.php
+++ b/Block/Transparent/Redirect.php
+<?php
+/**
+ *                       ######
+ *                       ######
+ * ############    ####( ######  #####. ######  ############   ############
+ * #############  #####( ######  #####. ######  #############  #############
+ *        ######  #####( ######  #####. ######  #####  ######  #####  ######
+ * ###### ######  #####( ######  #####. ######  #####  #####   #####  ######
+ * ###### ######  #####( ######  #####. ######  #####          #####  ######
+ * #############  #############  #############  #############  #####  ######
+ *  ############   ############  #############   ############  #####  ######
+ *                                      ######
+ *                               #############
+ *                               ############
+ *
+ * Adyen Payment module (https://www.adyen.com/)
+ *
+ * Copyright (c) 2020 Adyen BV (https://www.adyen.com/)
+ * See LICENSE.txt for license details.
+ *
+ * Author: Adyen <magento@adyen.com>
+ */
+namespace Adyen\Payment\Block\Transparent;
+use Adyen\Service\Validator\DataArrayValidator;
+use Magento\Framework\View\Element\Template;
+class Redirect extends Template
+{
+    /**
+     * @var \Magento\Framework\UrlInterface
+     */
+    private $url;
+    /**
+     * @var \Adyen\Payment\Logger\AdyenLogger
+     */
+    protected $adyenLogger;
+    /**
+     * Redirect constructor.
+     * @param Template\Context $context
+     * @param \Magento\Framework\UrlInterface $url
+     * @param array $data
+     */
+    public function __construct(
+        Template\Context $context,
+        \Magento\Framework\UrlInterface $url,
+        \Adyen\Payment\Logger\AdyenLogger $adyenLogger,
+        array $data = []
+    ) {
+        $this->url = $url;
+        $this->adyenLogger = $adyenLogger;
+        parent::__construct($context, $data);
+    }
+    /**
+     * Returns url for redirect.
+     * @return string|null
+     */
+    public function getRedirectUrl()
+    {
+        return $this->url->getUrl("adyen/process/redirect"); //TODO this will be replaced by getOrigin() for PWA integrations
+    }
+    /**
+     * Returns params to be redirected.
+     * @return array
+     */
+    public function getPostParams()
+    {
+        $postParams = (array)$this->_request->getPostValue();
+        $allowedPostParams = array('MD', 'PaRes');
+        $postParams = DataArrayValidator::getArrayOnlyWithApprovedKeys($postParams, $allowedPostParams);
+        $this->adyenLogger->addAdyenDebug(
+            'Adyen 3DS1 PostParams forwarded to process redirect endpoint'
+        );
+        return $postParams;
+    }
+}
--- a/Controller/Process/Redirect.php
+++ b/Controller/Process/Redirect.php
@@ -155,16 +155,10 @@ class Redirect extends \Magento\Framework\App\Action\Action
        if ($active && $success != true) {
            $this->_adyenLogger->addAdyenResult("3D secure is active");
-            // check if the GET request contains the required 3DS params
+            // check if  it is already processed
-            if ($this->getRequest()->getParam('PaRes') && $this->getRequest()->getParam('MD')) {
+            if ($this->getRequest()->isPost()) {
                $this->_adyenLogger->addAdyenResult("Process 3D secure payment");
-                $requestMD = $this->getRequest()->getParam('MD');
+                $requestPaRes = $this->getRequest()->getPost('PaRes');
-                $requestPaRes = $this->getRequest()->getParam('PaRes');
-                //Reset the payment's additional info to the new MD and PaRes
-                $order->getPayment()->setAdditionalInformation('md', $requestMD);
-                $order->getPayment()->setAdditionalInformation('paRequest', $requestPaRes);
                $order->getPayment()->setAdditionalInformation('paResponse', $requestPaRes);
                try {
@@ -219,7 +213,6 @@ class Redirect extends \Magento\Framework\App\Action\Action
                            $this->_adyenLogger->error((string)$e->getMessage());
                        }
                    }
                    $this->_orderRepository->save($order);
                    $this->_redirect('checkout/onepage/success', ['_query' => ['utm_nooverride' => '1']]);
@@ -232,7 +225,7 @@ class Redirect extends \Magento\Framework\App\Action\Action
                    */
                    $order->addStatusHistoryComment(
                        __(
-                            '3D-secure validation was unsuccessful. This order will be cancelled when the related 
+                            '3D-secure validation was unsuccessful. This order will be cancelled when the related
                                notification has been processed.'
                        )
                    )->save();
@@ -251,12 +244,12 @@ class Redirect extends \Magento\Framework\App\Action\Action
                $this->_adyenLogger->addAdyenResult("Customer was redirected to bank for 3D-secure validation.");
                $order->addStatusHistoryComment(
                    __(
-                        'Customer was redirected to bank for 3D-secure validation. Once the shopper authenticated, 
+                        'Customer was redirected to bank for 3D-secure validation. Once the shopper authenticated,
-                        the order status will be updated accordingly. 
+                        the order status will be updated accordingly.
-                        <br />Make sure that your notifications are being processed! 
+                        <br />Make sure that your notifications are being processed!
-                        <br />If the order is stuck on this status, the shopper abandoned the session. 
+                        <br />If the order is stuck on this status, the shopper abandoned the session.
-                        The payment can be seen as unsuccessful. 
+                        The payment can be seen as unsuccessful.
-                        <br />The order can be automatically cancelled based on the OFFER_CLOSED notification. 
+                        <br />The order can be automatically cancelled based on the OFFER_CLOSED notification.
                        Please contact Adyen Support to enable this.'
                    )
                )->save();

--- a/Controller/Transparent/Redirect.php
+++ b/Controller/Transparent/Redirect.php
+<?php
+/**
+ *                       ######
+ *                       ######
+ * ############    ####( ######  #####. ######  ############   ############
+ * #############  #####( ######  #####. ######  #############  #############
+ *        ######  #####( ######  #####. ######  #####  ######  #####  ######
+ * ###### ######  #####( ######  #####. ######  #####  #####   #####  ######
+ * ###### ######  #####( ######  #####. ######  #####          #####  ######
+ * #############  #############  #############  #############  #####  ######
+ *  ############   ############  #############   ############  #####  ######
+ *                                      ######
+ *                               #############
+ *                               ############
+ *
+ * Adyen Payment module (https://www.adyen.com/)
+ *
+ * Copyright (c) 2020 Adyen BV (https://www.adyen.com/)
+ * See LICENSE.txt for license details.
+ *
+ * Author: Adyen <magento@adyen.com>
+ */
+namespace Adyen\Payment\Controller\Transparent;
+use Magento\Framework\App\Action\Action;
+use Magento\Framework\App\Action\HttpPostActionInterface;
+use Magento\Framework\App\CsrfAwareActionInterface;
+use Magento\Framework\App\Request\InvalidRequestException;
+use Magento\Framework\App\RequestInterface;
+use Magento\Framework\View\Result\LayoutFactory;
+use Magento\Framework\App\Action\Context;
+class Redirect extends Action implements CsrfAwareActionInterface, HttpPostActionInterface
+{
+    /**
+     * @var \Adyen\Payment\Logger\AdyenLogger
+     */
+    protected $adyenLogger;
+    /**
+     * @var LayoutFactory
+     */
+    private $resultLayoutFactory;
+    /**
+     * Redirect constructor.
+     * @param \Adyen\Payment\Logger\AdyenLogger $_adyenLogger
+     * @param LayoutFactory $resultLayoutFactory
+     */
+    public function __construct(
+        Context $context,
+        \Adyen\Payment\Logger\AdyenLogger $adyenLogger,
+        LayoutFactory $resultLayoutFactory)
+    {
+        $this->adyenLogger = $adyenLogger;
+        $this->resultLayoutFactory = $resultLayoutFactory;
+        parent::__construct($context);
+    }
+    /**
+     * @inheritdoc
+     */
+    public function validateForCsrf(RequestInterface $request): ?bool
+    {
+        return true;
+    }
+    /**
+     * @inheritdoc
+     */
+    public function createCsrfValidationException(RequestInterface $request): ?InvalidRequestException
+    {
+        return null;
+    }
+    /**
+     * @throws \Magento\Framework\Exception\LocalizedException
+     */
+    public function execute()
+    {
+        $gatewayResponse = $this->getRequest()->getPostValue();
+        $this->adyenLogger->addAdyenDebug(
+            'Adyen 3DS1 redirect response'
+        );
+        $resultLayout = $this->resultLayoutFactory->create();
+        $resultLayout->getLayout()->getUpdate()->load(['adyen_transparent_redirect']);
+        return $resultLayout;
+    }
+}
--- a/Gateway/Validator/CheckoutResponseValidator.php
+++ b/Gateway/Validator/CheckoutResponseValidator.php
@@ -66,12 +66,13 @@ class CheckoutResponseValidator extends AbstractValidator
        $payment->setAdditionalInformation('3dActive', false);
        $isValid = true;
        $errorMessages = [];
+        $resultCode = $response['resultCode'];
        // validate result
-        if (!empty($response['resultCode'])) {
+        if (!empty($resultCode)) {
-            $payment->setAdditionalInformation('resultCode', $response['resultCode']);
+            $payment->setAdditionalInformation('resultCode', $resultCode);
-            switch ($response['resultCode']) {
+            switch ($resultCode) {
                case "IdentifyShopper":
-                    $payment->setAdditionalInformation('threeDSType', $response['resultCode']);
+                    $payment->setAdditionalInformation('threeDSType', $resultCode);
                    $payment->setAdditionalInformation(
                        'threeDS2Token',
                        $response['authentication']['threeds2.fingerprintToken']
@@ -79,7 +80,7 @@ class CheckoutResponseValidator extends AbstractValidator
                    $payment->setAdditionalInformation('adyenPaymentData', $response['paymentData']);
                    break;
                case "ChallengeShopper":
-                    $payment->setAdditionalInformation('threeDSType', $response['resultCode']);
+                    $payment->setAdditionalInformation('threeDSType', $resultCode);
                    $payment->setAdditionalInformation(
                        'threeDS2Token',
                        $response['authentication']['threeds2.challengeToken']
@@ -130,7 +131,7 @@ class CheckoutResponseValidator extends AbstractValidator
                    }
                    break;
                case "RedirectShopper":
-                    $payment->setAdditionalInformation('threeDSType', $response['resultCode']);
+                    $payment->setAdditionalInformation('threeDSType', $resultCode);
                    $redirectUrl = null;
                    $paymentData = null;
@@ -150,12 +151,10 @@ class CheckoutResponseValidator extends AbstractValidator
                    // If the redirect data is there then the payment is a card payment with 3d secure
                    if (
                        isset($response['redirect']['data']['PaReq']) &&
-                        isset($response['redirect']['data']['MD']) &&
+                        isset($response['redirect']['data']['MD'])
-                        isset($response['redirect']['data']['TermUrl'])
                    ) {
                        $paReq = null;
                        $md = null;
-                        $termUrl = null;
                        $payment->setAdditionalInformation('3dActive', true);
@@ -167,16 +166,11 @@ class CheckoutResponseValidator extends AbstractValidator
                            $md = $response['redirect']['data']['MD'];
                        }
-                        if (!empty($response['redirect']['data']['TermUrl'])) {
+                        if ($paReq && $md && $redirectUrl && $paymentData && $redirectMethod) {
-                            $termUrl = $response['redirect']['data']['TermUrl'];
-                        }
-                        if ($paReq && $md && $termUrl && $redirectUrl && $paymentData && $redirectMethod) {
                            $payment->setAdditionalInformation('redirectUrl', $redirectUrl);
                            $payment->setAdditionalInformation('redirectMethod', $redirectMethod);
                            $payment->setAdditionalInformation('paRequest', $paReq);
                            $payment->setAdditionalInformation('md', $md);
-                            $payment->setAdditionalInformation('termUrl', $termUrl);
                            $payment->setAdditionalInformation('paymentData', $paymentData);
                        } else {
                            $isValid = false;

--- a/Helper/Requests.php
+++ b/Helper/Requests.php
@@ -360,6 +360,7 @@ class Requests extends AbstractHelper
    /**
     * @param array $request
     * @return array
+     * @deprecated
     */
    public function buildRedirectData($storeId, $request = [])
    {

--- a/Plugin/TransparentSessionChecker.php
+++ b/Plugin/TransparentSessionChecker.php
+<?php
+/**
+ *                       ######
+ *                       ######
+ * ############    ####( ######  #####. ######  ############   ############
+ * #############  #####( ######  #####. ######  #############  #############
+ *        ######  #####( ######  #####. ######  #####  ######  #####  ######
+ * ###### ######  #####( ######  #####. ######  #####  #####   #####  ######
+ * ###### ######  #####( ######  #####. ######  #####          #####  ######
+ * #############  #############  #############  #############  #####  ######
+ *  ############   ############  #############   ############  #####  ######
+ *                                      ######
+ *                               #############
+ *                               ############
+ *
+ * Adyen Payment module (https://www.adyen.com/)
+ *
+ * Copyright (c) 2020 Adyen BV (https://www.adyen.com/)
+ * See LICENSE.txt for license details.
+ *
+ * Author: Adyen <magento@adyen.com>
+ */
+namespace Adyen\Payment\Plugin;
+use Magento\Framework\App\Request\Http;
+use Magento\Framework\Session\SessionStartChecker;
+class TransparentSessionChecker
+{
+    const TRANSPARENT_REDIRECT_PATH = 'adyen/transparent/redirect';
+    /**
+     * @var Http
+     */
+    private $request;
+    /**
+     * @param Http $request
+     */
+    public function __construct(
+        Http $request
+    ) {
+        $this->request = $request;
+    }
+    /**
+     * Prevents session starting while instantiating Adyen transparent redirect controller.
+     *
+     * @param SessionStartChecker $subject
+     * @param bool $result
+     * @return bool
+     * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+     */
+    public function afterCheck(SessionStartChecker $subject, bool $result): bool
+    {
+        if ($result === false) {
+            return false;
+        }
+        return strpos((string)$this->request->getPathInfo(), self::TRANSPARENT_REDIRECT_PATH) === false;
+    }
+}
--- a/composer.json
+++ b/composer.json
@@ -2,7 +2,7 @@
  "name": "adyen/module-payment",
  "description": "Official Magento2 Plugin to connect to Payment Service Provider Adyen.",
  "type": "magento2-module",
-  "version": "6.6.1",
+  "version": "6.6.2",
  "license": [
    "OSL-3.0",
    "AFL-3.0"

--- a/etc/di.xml
+++ b/etc/di.xml
@@ -560,7 +560,6 @@
                <item name="transaction" xsi:type="string">Adyen\Payment\Gateway\Request\CcAuthorizationDataBuilder</item>
                <item name="vault" xsi:type="string">Adyen\Payment\Gateway\Request\VaultDataBuilder</item>
                <item name="threeds2" xsi:type="string">Adyen\Payment\Gateway\Request\ThreeDS2DataBuilder</item>
-                <item name="redirect" xsi:type="string">Adyen\Payment\Gateway\Request\RedirectDataBuilder</item>
            </argument>
        </arguments>
    </virtualType>
@@ -1036,7 +1035,9 @@
        <plugin name="GuestAdyenPaymentInformationResetOrderId" type="Adyen\Payment\Plugin\GuestPaymentInformationResetOrderId"
                sortOrder="10"/>
    </type>
+    <type name="Magento\Framework\Session\SessionStartChecker">
+        <plugin name="AdyenTransparentSessionChecker" type="Adyen\Payment\Plugin\TransparentSessionChecker" sortOrder="10"/>
+    </type>
    <!--Notifications overview-->
    <type name="Magento\Framework\View\Element\UiComponent\DataProvider\CollectionFactory">
        <arguments>

--- a/view/frontend/layout/adyen_process_redirect.xml
+++ b/view/frontend/layout/adyen_process_redirect.xml
@@ -24,6 +24,7 @@
 -->
 <layout xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/layout_generic.xsd">
    <container name="root">
-        <block class="Adyen\Payment\Block\Redirect\Redirect" name="adyen-redirect-form" template="redirect/redirect.phtml" cacheable="false"/>
+        <block class="Adyen\Payment\Block\Redirect\Redirect" name="adyen-redirect-form"
+               template="redirect/redirect.phtml" cacheable="false"/>
    </container>
 </layout>
\ No newline at end of file
--- a/view/frontend/layout/adyen_transparent_redirect.xml
+++ b/view/frontend/layout/adyen_transparent_redirect.xml
+<?xml version="1.0"?>
+<!--
+/**
+ *                       ######
+ *                       ######
+ * ############    ####( ######  #####. ######  ############   ############
+ * #############  #####( ######  #####. ######  #############  #############
+ *        ######  #####( ######  #####. ######  #####  ######  #####  ######
+ * ###### ######  #####( ######  #####. ######  #####  #####   #####  ######
+ * ###### ######  #####( ######  #####. ######  #####          #####  ######
+ * #############  #############  #############  #############  #####  ######
+ *  ############   ############  #############   ############  #####  ######
+ *                                      ######
+ *                               #############
+ *                               ############
+ *
+ * Adyen Payment module (https://www.adyen.com/)
+ *
+ * Copyright (c) 2020 Adyen BV (https://www.adyen.com/)
+ * See LICENSE.txt for license details.
+ *
+ * Author: Adyen <magento@adyen.com>
+ */
+-->
+<layout xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/layout_generic.xsd">
+    <container name="root" label="Root">
+        <block class="Adyen\Payment\Block\Transparent\Redirect" name="adyen_transparent_redirect"
+               template="transparent/redirect.phtml" cacheable="false">
+        </block>
+    </container>
+</layout>
--- a/view/frontend/templates/redirect/redirect.phtml
+++ b/view/frontend/templates/redirect/redirect.phtml
@@ -20,7 +20,7 @@
 *
 * Author: Adyen <magento@adyen.com>
 */
+/** @var Adyen\Payment\Block\Redirect\Redirect $block */
 ?>
 <?php
@@ -49,4 +49,4 @@ if ($block->getRedirectMethod() == "GET") { ?>
    </form>
    </body>
    <?php
 } ?>
\ No newline at end of file
--- a/view/frontend/templates/transparent/redirect.phtml
+++ b/view/frontend/templates/transparent/redirect.phtml
+<?php
+/**
+ *                       ######
+ *                       ######
+ * ############    ####( ######  #####. ######  ############   ############
+ * #############  #####( ######  #####. ######  #############  #############
+ *        ######  #####( ######  #####. ######  #####  ######  #####  ######
+ * ###### ######  #####( ######  #####. ######  #####  #####   #####  ######
+ * ###### ######  #####( ######  #####. ######  #####          #####  ######
+ * #############  #############  #############  #############  #####  ######
+ *  ############   ############  #############   ############  #####  ######
+ *                                      ######
+ *                               #############
+ *                               ############
+ *
+ * Adyen Payment module (https://www.adyen.com/)
+ *
+ * Copyright (c) 2020 Adyen BV (https://www.adyen.com/)
+ * See LICENSE.txt for license details.
+ *
+ * Author: Adyen <magento@adyen.com>
+ */
+/** @var Adyen\Payment\Block\Transparent\Redirect $block */
+$params = $block->getPostParams();
+$redirectUrl = $block->getRedirectUrl();
+?>
+<!DOCTYPE html>
+<html lang="en" xml:lang="en">
+<head><title></title></head>
+<body onload="document.forms['proxy_form'].submit()">
+<form id="proxy_form" action="<?= $block->escapeUrl($redirectUrl) ?>"
+      method="POST" >
+    <?php foreach ($params as $name => $value):?>
+        <input value="<?= $block->escapeHtmlAttr($value) ?>" name="<?= $block->escapeHtmlAttr($name) ?>" type="hidden"/>
+    <?php endforeach?>
+</body>
+</html>