Merge branch 'develop' into generic-component

# Conflicts: # Block/Redirect/Redirect.php # Controller/Process/Redirect.php # Gateway/Validator/CheckoutResponseValidator.php # view/frontend/layout/adyen_process_redirect.xml # view/frontend/templates/redirect/redirect.phtml

Merge branch 'develop' into generic-component
# Conflicts: # Block/Redirect/Redirect.php # Controller/Process/Redirect.php # Gateway/Validator/CheckoutResponseValidator.php # view/frontend/layout/adyen_process_redirect.xml # view/frontend/templates/redirect/redirect.phtml
8cf53d82 · attilak · dbd8a60a · 5d956354 · 8cf53d82 · 8cf53d82
Commit 8cf53d82 authored Oct 26, 2020 by attilak
10 changed files
--- a/Block/Transparent/Redirect.php
+++ b/Block/Transparent/Redirect.php
+<?php
+/**
+ *                       ######
+ *                       ######
+ * ############    ####( ######  #####. ######  ############   ############
+ * #############  #####( ######  #####. ######  #############  #############
+ *        ######  #####( ######  #####. ######  #####  ######  #####  ######
+ * ###### ######  #####( ######  #####. ######  #####  #####   #####  ######
+ * ###### ######  #####( ######  #####. ######  #####          #####  ######
+ * #############  #############  #############  #############  #####  ######
+ *  ############   ############  #############   ############  #####  ######
+ *                                      ######
+ *                               #############
+ *                               ############
+ *
+ * Adyen Payment module (https://www.adyen.com/)
+ *
+ * Copyright (c) 2020 Adyen BV (https://www.adyen.com/)
+ * See LICENSE.txt for license details.
+ *
+ * Author: Adyen <magento@adyen.com>
+ */
+namespace Adyen\Payment\Block\Transparent;
+use Adyen\Service\Validator\DataArrayValidator;
+use Magento\Framework\View\Element\Template;
+class Redirect extends Template
+{
+    /**
+     * @var \Magento\Framework\UrlInterface
+     */
+    private $url;
+    /**
+     * @var \Adyen\Payment\Logger\AdyenLogger
+     */
+    protected $adyenLogger;
+    /**
+     * Redirect constructor.
+     * @param Template\Context $context
+     * @param \Magento\Framework\UrlInterface $url
+     * @param array $data
+     */
+    public function __construct(
+        Template\Context $context,
+        \Magento\Framework\UrlInterface $url,
+        \Adyen\Payment\Logger\AdyenLogger $adyenLogger,
+        array $data = []
+    ) {
+        $this->url = $url;
+        $this->adyenLogger = $adyenLogger;
+        parent::__construct($context, $data);
+    }
+    /**
+     * Returns url for redirect.
+     * @return string|null
+     */
+    public function getRedirectUrl()
+    {
+        return $this->url->getUrl("adyen/process/redirect"); //TODO this will be replaced by getOrigin() for PWA integrations
+    }
+    /**
+     * Returns params to be redirected.
+     * @return array
+     */
+    public function getPostParams()
+    {
+        $postParams = (array)$this->_request->getPostValue();
+        $allowedPostParams = array('MD', 'PaRes');
+        $postParams = DataArrayValidator::getArrayOnlyWithApprovedKeys($postParams, $allowedPostParams);
+        $this->adyenLogger->addAdyenDebug(
+            'Adyen 3DS1 PostParams forwarded to process redirect endpoint'
+        );
+        return $postParams;
+    }
+}
--- a/Controller/Process/Redirect.php
+++ b/Controller/Process/Redirect.php
@@ -154,16 +154,10 @@ class Redirect extends \Magento\Framework\App\Action\Action
        if ($active && $success != true) {
            $this->_adyenLogger->addAdyenResult("3D secure is active");
-            // check if the GET request contains the required 3DS params
+            // check if  it is already processed
-            if ($this->getRequest()->getParam('PaRes') && $this->getRequest()->getParam('MD')) {
+            if ($this->getRequest()->isPost()) {
                $this->_adyenLogger->addAdyenResult("Process 3D secure payment");
-                $requestMD = $this->getRequest()->getParam('MD');
+                $requestPaRes = $this->getRequest()->getPost('PaRes');
-                $requestPaRes = $this->getRequest()->getParam('PaRes');
-                //Reset the payment's additional info to the new MD and PaRes
-                $order->getPayment()->setAdditionalInformation('md', $requestMD);
-                $order->getPayment()->setAdditionalInformation('paRequest', $requestPaRes);
                $order->getPayment()->setAdditionalInformation('paResponse', $requestPaRes);
                try {
@@ -218,7 +212,6 @@ class Redirect extends \Magento\Framework\App\Action\Action
                            $this->_adyenLogger->error((string)$e->getMessage());
                        }
                    }
                    $this->_orderRepository->save($order);
                    $this->_redirect('checkout/onepage/success', ['_query' => ['utm_nooverride' => '1']]);
@@ -231,7 +224,7 @@ class Redirect extends \Magento\Framework\App\Action\Action
                    */
                    $order->addStatusHistoryComment(
                        __(
-                            '3D-secure validation was unsuccessful. This order will be cancelled when the related 
+                            '3D-secure validation was unsuccessful. This order will be cancelled when the related
                                notification has been processed.'
                        )
                    )->save();
@@ -246,6 +239,22 @@ class Redirect extends \Magento\Framework\App\Action\Action
                    $this->_redirect($this->_adyenHelper->getAdyenAbstractConfigData('return_path'));
                }
+            } else {
+                $this->_adyenLogger->addAdyenResult("Customer was redirected to bank for 3D-secure validation.");
+                $order->addStatusHistoryComment(
+                    __(
+                        'Customer was redirected to bank for 3D-secure validation. Once the shopper authenticated,
+                        the order status will be updated accordingly.
+                        <br />Make sure that your notifications are being processed!
+                        <br />If the order is stuck on this status, the shopper abandoned the session.
+                        The payment can be seen as unsuccessful.
+                        <br />The order can be automatically cancelled based on the OFFER_CLOSED notification.
+                        Please contact Adyen Support to enable this.'
+                    )
+                )->save();
+                $this->_view->loadLayout();
+                $this->_view->getLayout()->initMessages();
+                $this->_view->renderLayout();
            }
        } else {
            $this->_redirect('checkout/onepage/success', ['_query' => ['utm_nooverride' => '1']]);

--- a/Controller/Transparent/Redirect.php
+++ b/Controller/Transparent/Redirect.php
+<?php
+/**
+ *                       ######
+ *                       ######
+ * ############    ####( ######  #####. ######  ############   ############
+ * #############  #####( ######  #####. ######  #############  #############
+ *        ######  #####( ######  #####. ######  #####  ######  #####  ######
+ * ###### ######  #####( ######  #####. ######  #####  #####   #####  ######
+ * ###### ######  #####( ######  #####. ######  #####          #####  ######
+ * #############  #############  #############  #############  #####  ######
+ *  ############   ############  #############   ############  #####  ######
+ *                                      ######
+ *                               #############
+ *                               ############
+ *
+ * Adyen Payment module (https://www.adyen.com/)
+ *
+ * Copyright (c) 2020 Adyen BV (https://www.adyen.com/)
+ * See LICENSE.txt for license details.
+ *
+ * Author: Adyen <magento@adyen.com>
+ */
+namespace Adyen\Payment\Controller\Transparent;
+use Magento\Framework\App\Action\Action;
+use Magento\Framework\App\Action\HttpPostActionInterface;
+use Magento\Framework\App\CsrfAwareActionInterface;
+use Magento\Framework\App\Request\InvalidRequestException;
+use Magento\Framework\App\RequestInterface;
+use Magento\Framework\View\Result\LayoutFactory;
+use Magento\Framework\App\Action\Context;
+class Redirect extends Action implements CsrfAwareActionInterface, HttpPostActionInterface
+{
+    /**
+     * @var \Adyen\Payment\Logger\AdyenLogger
+     */
+    protected $adyenLogger;
+    /**
+     * @var LayoutFactory
+     */
+    private $resultLayoutFactory;
+    /**
+     * Redirect constructor.
+     * @param \Adyen\Payment\Logger\AdyenLogger $_adyenLogger
+     * @param LayoutFactory $resultLayoutFactory
+     */
+    public function __construct(
+        Context $context,
+        \Adyen\Payment\Logger\AdyenLogger $adyenLogger,
+        LayoutFactory $resultLayoutFactory)
+    {
+        $this->adyenLogger = $adyenLogger;
+        $this->resultLayoutFactory = $resultLayoutFactory;
+        parent::__construct($context);
+    }
+    /**
+     * @inheritdoc
+     */
+    public function validateForCsrf(RequestInterface $request): ?bool
+    {
+        return true;
+    }
+    /**
+     * @inheritdoc
+     */
+    public function createCsrfValidationException(RequestInterface $request): ?InvalidRequestException
+    {
+        return null;
+    }
+    /**
+     * @throws \Magento\Framework\Exception\LocalizedException
+     */
+    public function execute()
+    {
+        $gatewayResponse = $this->getRequest()->getPostValue();
+        $this->adyenLogger->addAdyenDebug(
+            'Adyen 3DS1 redirect response'
+        );
+        $resultLayout = $this->resultLayoutFactory->create();
+        $resultLayout->getLayout()->getUpdate()->load(['adyen_transparent_redirect']);
+        return $resultLayout;
+    }
+}
--- a/Gateway/Validator/CheckoutResponseValidator.php
+++ b/Gateway/Validator/CheckoutResponseValidator.php
@@ -155,10 +155,52 @@ class CheckoutResponseValidator extends AbstractValidator
                    // todo check if needed
                    if (
                        isset($response['redirect']['data']['PaReq']) &&
-                        isset($response['redirect']['data']['MD']) &&
+                        isset($response['redirect']['data']['MD'])
-                        isset($response['redirect']['data']['TermUrl'])
                    ) {
+                        $paReq = null;
+                        $md = null;
                        $payment->setAdditionalInformation('3dActive', true);
+                        if (!empty($response['redirect']['data']['PaReq'])) {
+                            $paReq = $response['redirect']['data']['PaReq'];
+                        }
+                        if (!empty($response['redirect']['data']['MD'])) {
+                            $md = $response['redirect']['data']['MD'];
+                        }
+                        if ($paReq && $md && $redirectUrl && $paymentData && $redirectMethod) {
+                            $payment->setAdditionalInformation('redirectUrl', $redirectUrl);
+                            $payment->setAdditionalInformation('redirectMethod', $redirectMethod);
+                            $payment->setAdditionalInformation('paRequest', $paReq);
+                            $payment->setAdditionalInformation('md', $md);
+                            $payment->setAdditionalInformation('paymentData', $paymentData);
+                        } else {
+                            $isValid = false;
+                            $errorMsg = __('3D secure is not valid.');
+                            $this->adyenLogger->error($errorMsg);
+                            $errorMessages[] = $errorMsg;
+                        }
+                        // otherwise it is an alternative payment method which only requires the
+                        // redirect url to be present
+                    } else {
+                        // Flag to show we are in the checkoutAPM flow
+                        $payment->setAdditionalInformation('checkoutAPM', true);
+                        if (!empty($response['details'])) {
+                            $payment->setAdditionalInformation('details', $response['details']);
+                        }
+                        if ($redirectUrl && $paymentData && $redirectMethod) {
+                            $payment->setAdditionalInformation('redirectUrl', $redirectUrl);
+                            $payment->setAdditionalInformation('redirectMethod', $redirectMethod);
+                            $payment->setAdditionalInformation('paymentData', $paymentData);
+                        } else {
+                            $isValid = false;
+                            $errorMsg = __('Payment method is not valid.');
+                            $this->adyenLogger->error($errorMsg);
+                            $errorMessages[] = $errorMsg;
+                        }
                    }
                    break;
                case "Refused":

--- a/Helper/Requests.php
+++ b/Helper/Requests.php
@@ -360,6 +360,7 @@ class Requests extends AbstractHelper
    /**
     * @param array $request
     * @return array
+     * @deprecated
     */
    public function buildRedirectData($storeId, $request = [])
    {

--- a/Plugin/TransparentSessionChecker.php
+++ b/Plugin/TransparentSessionChecker.php
+<?php
+/**
+ *                       ######
+ *                       ######
+ * ############    ####( ######  #####. ######  ############   ############
+ * #############  #####( ######  #####. ######  #############  #############
+ *        ######  #####( ######  #####. ######  #####  ######  #####  ######
+ * ###### ######  #####( ######  #####. ######  #####  #####   #####  ######
+ * ###### ######  #####( ######  #####. ######  #####          #####  ######
+ * #############  #############  #############  #############  #####  ######
+ *  ############   ############  #############   ############  #####  ######
+ *                                      ######
+ *                               #############
+ *                               ############
+ *
+ * Adyen Payment module (https://www.adyen.com/)
+ *
+ * Copyright (c) 2020 Adyen BV (https://www.adyen.com/)
+ * See LICENSE.txt for license details.
+ *
+ * Author: Adyen <magento@adyen.com>
+ */
+namespace Adyen\Payment\Plugin;
+use Magento\Framework\App\Request\Http;
+use Magento\Framework\Session\SessionStartChecker;
+class TransparentSessionChecker
+{
+    const TRANSPARENT_REDIRECT_PATH = 'adyen/transparent/redirect';
+    /**
+     * @var Http
+     */
+    private $request;
+    /**
+     * @param Http $request
+     */
+    public function __construct(
+        Http $request
+    ) {
+        $this->request = $request;
+    }
+    /**
+     * Prevents session starting while instantiating Adyen transparent redirect controller.
+     *
+     * @param SessionStartChecker $subject
+     * @param bool $result
+     * @return bool
+     * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+     */
+    public function afterCheck(SessionStartChecker $subject, bool $result): bool
+    {
+        if ($result === false) {
+            return false;
+        }
+        return strpos((string)$this->request->getPathInfo(), self::TRANSPARENT_REDIRECT_PATH) === false;
+    }
+}
--- a/composer.json
+++ b/composer.json
@@ -2,7 +2,7 @@
  "name": "adyen/module-payment",
  "description": "Official Magento2 Plugin to connect to Payment Service Provider Adyen.",
  "type": "magento2-module",
-  "version": "6.6.1",
+  "version": "6.6.2",
  "license": [
    "OSL-3.0",
    "AFL-3.0"

--- a/etc/di.xml
+++ b/etc/di.xml
@@ -560,7 +560,6 @@
                <item name="transaction" xsi:type="string">Adyen\Payment\Gateway\Request\CcAuthorizationDataBuilder</item>
                <item name="vault" xsi:type="string">Adyen\Payment\Gateway\Request\VaultDataBuilder</item>
                <item name="threeds2" xsi:type="string">Adyen\Payment\Gateway\Request\ThreeDS2DataBuilder</item>
-                <item name="redirect" xsi:type="string">Adyen\Payment\Gateway\Request\RedirectDataBuilder</item>
            </argument>
        </arguments>
    </virtualType>
@@ -1028,7 +1027,9 @@
        <plugin name="GuestAdyenPaymentInformationResetOrderId" type="Adyen\Payment\Plugin\GuestPaymentInformationResetOrderId"
                sortOrder="10"/>
    </type>
+    <type name="Magento\Framework\Session\SessionStartChecker">
+        <plugin name="AdyenTransparentSessionChecker" type="Adyen\Payment\Plugin\TransparentSessionChecker" sortOrder="10"/>
+    </type>
    <!--Notifications overview-->
    <type name="Magento\Framework\View\Element\UiComponent\DataProvider\CollectionFactory">
        <arguments>

--- a/view/frontend/layout/adyen_transparent_redirect.xml
+++ b/view/frontend/layout/adyen_transparent_redirect.xml
+<?xml version="1.0"?>
+<!--
+/**
+ *                       ######
+ *                       ######
+ * ############    ####( ######  #####. ######  ############   ############
+ * #############  #####( ######  #####. ######  #############  #############
+ *        ######  #####( ######  #####. ######  #####  ######  #####  ######
+ * ###### ######  #####( ######  #####. ######  #####  #####   #####  ######
+ * ###### ######  #####( ######  #####. ######  #####          #####  ######
+ * #############  #############  #############  #############  #####  ######
+ *  ############   ############  #############   ############  #####  ######
+ *                                      ######
+ *                               #############
+ *                               ############
+ *
+ * Adyen Payment module (https://www.adyen.com/)
+ *
+ * Copyright (c) 2020 Adyen BV (https://www.adyen.com/)
+ * See LICENSE.txt for license details.
+ *
+ * Author: Adyen <magento@adyen.com>
+ */
+-->
+<layout xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/layout_generic.xsd">
+    <container name="root" label="Root">
+        <block class="Adyen\Payment\Block\Transparent\Redirect" name="adyen_transparent_redirect"
+               template="transparent/redirect.phtml" cacheable="false">
+        </block>
+    </container>
+</layout>
--- a/view/frontend/templates/transparent/redirect.phtml
+++ b/view/frontend/templates/transparent/redirect.phtml
+<?php
+/**
+ *                       ######
+ *                       ######
+ * ############    ####( ######  #####. ######  ############   ############
+ * #############  #####( ######  #####. ######  #############  #############
+ *        ######  #####( ######  #####. ######  #####  ######  #####  ######
+ * ###### ######  #####( ######  #####. ######  #####  #####   #####  ######
+ * ###### ######  #####( ######  #####. ######  #####          #####  ######
+ * #############  #############  #############  #############  #####  ######
+ *  ############   ############  #############   ############  #####  ######
+ *                                      ######
+ *                               #############
+ *                               ############
+ *
+ * Adyen Payment module (https://www.adyen.com/)
+ *
+ * Copyright (c) 2020 Adyen BV (https://www.adyen.com/)
+ * See LICENSE.txt for license details.
+ *
+ * Author: Adyen <magento@adyen.com>
+ */
+/** @var Adyen\Payment\Block\Transparent\Redirect $block */
+$params = $block->getPostParams();
+$redirectUrl = $block->getRedirectUrl();
+?>
+<!DOCTYPE html>
+<html lang="en" xml:lang="en">
+<head><title></title></head>
+<body onload="document.forms['proxy_form'].submit()">
+<form id="proxy_form" action="<?= $block->escapeUrl($redirectUrl) ?>"
+      method="POST" >
+    <?php foreach ($params as $name => $value):?>
+        <input value="<?= $block->escapeHtmlAttr($value) ?>" name="<?= $block->escapeHtmlAttr($name) ?>" type="hidden"/>
+    <?php endforeach?>
+</body>
+</html>