[PW-3704] Move to Client key from Origin key (#938)

* Add new client key configuration

* Move to client key from origin key

* Adding client key to sensitive configuration values

* Update Helper/Data.php
Co-authored-by: Peter Ojo <peterojo@users.noreply.github.com>

* Fix getClientKey suggestion
Co-authored-by: acampos1916 <angel.campos@adyen.com>
Co-authored-by: Peter Ojo <peterojo@users.noreply.github.com>

Block/Checkout/Success.php

@@ -199,9 +199,9 @@ class Success extends \Magento\Framework\View\Element\Template
         );
     }
 
-    public function getOriginKey()
+    public function getClientKey()
     {
-        return $this->adyenHelper->getOriginKeyForBaseUrl();
+        return $this->adyenHelper->getClientKey();
     }
 
     public function getEnvironment()

Block/Form/Cc.php

@@ -79,9 +79,9 @@ class Cc extends \Magento\Payment\Block\Form\Cc
      * @return string
      * @throws \Adyen\AdyenException
      */
-    public function getCheckoutOriginKeys()
+    public function getClientKey()
     {
-        return $this->adyenHelper->getOriginKeyForBaseUrl();
+        return $this->adyenHelper->getClientKey();
     }
 
     /**

Helper/Data.php

@@ -788,6 +788,22 @@ class Data extends AbstractHelper
         return $apiKey;
     }
 
+    /**
+     * Retrieve the Client key
+     *
+     * @param null|int|string $storeId
+     * @return string
+     */
+    public function getClientKey($storeId = null)
+    {
+        return trim(
+            $this->getAdyenAbstractConfigData(
+                $this->isDemoMode($storeId) ? 'client_key_test' : 'client_key_live',
+                $storeId
+            )
+        );
+    }
+
     /**
      * Retrieve the webserver username
      *
@@ -1584,6 +1600,7 @@ class Data extends AbstractHelper
      *
      * @return string
      * @throws \Adyen\AdyenException
+     * @deprecared please use getClientKey instead
      */
     public function getOriginKeyForBaseUrl()
     {

Model/Ui/AdyenGenericConfigProvider.php

@@ -69,7 +69,7 @@ class AdyenGenericConfigProvider implements ConfigProviderInterface
             $config['payment']['adyen']['showLogo'] = false;
         }
 
-        $config['payment']['adyen']['originKey'] = $this->adyenHelper->getOriginKeyForBaseUrl();
+        $config['payment']['adyen']['clientKey'] = $this->adyenHelper->getClientKey();
         $config['payment']['adyen']['checkoutEnvironment'] = $this->adyenHelper->getCheckoutEnvironment(
             $this->storeManager->getStore()->getId()
         );

etc/adminhtml/system/adyen_required_settings.xml

@@ -63,49 +63,59 @@
             <config_path>payment/adyen_abstract/api_key_live</config_path>
             <comment model="Adyen\Payment\Model\Comment\ApiKeyEnding" />
         </field>
-        <field id="live_endpoint_url_prefix" translate="label" type="text" sortOrder="70" showInDefault="1" showInWebsite="1" showInStore="0">
+        <field id="client_key_test" translate="label" type="text" sortOrder="70" showInDefault="1" showInWebsite="1" showInStore="0">
+            <label>Client key for Test</label>
+            <tooltip>If you don't know your Client Key, log in to your Test Customer Area. Navigate to Settings > Users > System, and click on your webservice user, normally this will be ws@Company.YourCompanyAccount. Under Client Key is your Client Key.</tooltip>
+            <config_path>payment/adyen_abstract/client_key_test</config_path>
+        </field>
+        <field id="client_key_live" translate="label" type="text" sortOrder="80" showInDefault="1" showInWebsite="1" showInStore="0">
+            <label>Client key for Live</label>
+            <tooltip>If you don't know your Client Key, log in to your Live Customer Area. Navigate to Settings > Users > System, and click on your webservice user, normally this will be ws@Company.YourCompanyAccount. Under Client Key is your Client Key.</tooltip>
+            <config_path>payment/adyen_abstract/client_key_live</config_path>
+        </field>
+        <field id="live_endpoint_url_prefix" translate="label" type="text" sortOrder="90" showInDefault="1" showInWebsite="1" showInStore="0">
             <label>Live endpoint prefix</label>
             <tooltip><![CDATA[e.g. if your live endpoint is: <br/> <i>https://1234a567bcd89ef0-MagentoCompany-checkout-live.adyenpayments.com</i> <br/> please type:  <strong>1234a567bcd89ef0-MagentoCompany</strong> in this field.]]></tooltip>
             <comment><![CDATA[Provide the unique live url prefix: <strong>[random]-[company name]</strong> from the "API URLs and Response" menu in the Adyen Customer Area. For more information, please check <a href="https://docs.adyen.com/developers/development-resources/live-endpoints#checkoutendpoints">  our documentation</a>.]]></comment>
             <config_path>payment/adyen_abstract/live_endpoint_url_prefix</config_path>
         </field>
-        <field id="charged_currency" translate="label" type="hidden" sortOrder="80" showInDefault="1" showInWebsite="1" showInStore="1">
+        <field id="charged_currency" translate="label" type="hidden" sortOrder="100" showInDefault="1" showInWebsite="1" showInStore="1">
             <label>Charged currency</label>
             <comment><![CDATA[Currency used for Adyen payment processing. This setting is hidden to ensure processing of payments in the expected currency (Display by default), see <a target="_blank" href="https://docs.adyen.com/developers/plugins/magento-2/set-up-the-plugin-in-magento#selecting-charged-currency">Adyen docs</a> for more information.]]></comment>
             <source_model>Adyen\Payment\Model\Config\Source\ChargedCurrency</source_model>
             <config_path>payment/adyen_abstract/charged_currency</config_path>
         </field>
-        <field id="capture_mode" translate="label" type="select" sortOrder="90" showInDefault="1" showInWebsite="1" showInStore="1">
+        <field id="capture_mode" translate="label" type="select" sortOrder="110" showInDefault="1" showInWebsite="1" showInStore="1">
             <label>Capture Delay</label>
             <tooltip>Immediate is the default. Set to manual if you want to perform the capture of funds manually later (only affects credit cards and a few alternative payment methods). You need to change this setting as well in Adyen Customer Area => Settings => Merchant Settings => Capture Delay. If you have selected a capture delay of a couple of days in Adyen keep it here on immediate</tooltip>
             <source_model>Adyen\Payment\Model\Config\Source\CaptureMode</source_model>
             <config_path>payment/adyen_abstract/capture_mode</config_path>
         </field>
-        <field id="order_status" translate="label" type="select" sortOrder="100" showInDefault="1" showInWebsite="1" showInStore="0">
+        <field id="order_status" translate="label" type="select" sortOrder="120" showInDefault="1" showInWebsite="1" showInStore="0">
             <label>Order status: order creation</label>
             <tooltip>Status given to newly created orders before payment result confirmation via server notifications from Adyen.</tooltip>
             <source_model>Magento\Sales\Model\Config\Source\Order\Status\NewStatus</source_model>
             <config_path>payment/adyen_abstract/order_status</config_path>
         </field>
-        <field id="payment_pre_authorized" translate="label" type="select" sortOrder="110" showInDefault="1" showInWebsite="1" showInStore="0">
+        <field id="payment_pre_authorized" translate="label" type="select" sortOrder="130" showInDefault="1" showInWebsite="1" showInStore="0">
             <label>Order status: payment authorisation</label>
             <tooltip>Status given to orders after authorisation confirmed by an AUTHORISATION notification from Adyen. Note: an authorisation status via the result URL does not yet trigger this status.</tooltip>
             <source_model>Magento\Sales\Model\Config\Source\Order\Status\Newprocessing</source_model>
             <config_path>payment/adyen_abstract/payment_pre_authorized</config_path>
         </field>
-        <field id="payment_authorized" translate="label" type="select" sortOrder="120" showInDefault="1" showInWebsite="1" showInStore="0">
+        <field id="payment_authorized" translate="label" type="select" sortOrder="140" showInDefault="1" showInWebsite="1" showInStore="0">
             <label>Order status: payment confirmed</label>
             <tooltip>Status given to orders after capture result is confirmed by an AUTHORISATION notification (if capture mode = immediate) or a CAPTURE notification (if capture mode = manual capture) from Adyen.</tooltip>
             <source_model>Magento\Sales\Model\Config\Source\Order\Status\Processing</source_model>
             <config_path>payment/adyen_abstract/payment_authorized</config_path>
         </field>
-        <field id="payment_cancelled" translate="label" type="select" sortOrder="130" showInDefault="1" showInWebsite="1" showInStore="0">
+        <field id="payment_cancelled" translate="label" type="select" sortOrder="150" showInDefault="1" showInWebsite="1" showInStore="0">
             <label>Order status: order cancellation</label>
             <tooltip>Status given to orders after order cancellation is confirmed by a CANCEL_OR_REFUND notification from Adyen. If orders are already invoiced, they cannot be cancelled, but will be refunded instead.</tooltip>
             <source_model>Adyen\Payment\Model\Config\Source\Cancelled</source_model>
             <config_path>payment/adyen_abstract/payment_cancelled</config_path>
         </field>
-        <field id="debug" translate="label" type="select" sortOrder="140" showInDefault="1" showInWebsite="1" showInStore="0">
+        <field id="debug" translate="label" type="select" sortOrder="160" showInDefault="1" showInWebsite="1" showInStore="0">
             <label>Enable debug logging</label>
             <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
             <config_path>payment/adyen_abstract/debug</config_path>

etc/di.xml

@@ -1058,6 +1058,8 @@
                 <item name="payment/adyen_abstract/merchant_account" xsi:type="string">1</item>
                 <item name="payment/adyen_abstract/api_key_test" xsi:type="string">1</item>
                 <item name="payment/adyen_abstract/api_key_live" xsi:type="string">1</item>
+                <item name="payment/adyen_abstract/client_key_test" xsi:type="string">1</item>
+                <item name="payment/adyen_abstract/client_key_live" xsi:type="string">1</item>
                 <item name="payment/adyen_abstract/notification_username" xsi:type="string">1</item>
                 <item name="payment/adyen_abstract/notification_password" xsi:type="string">1</item>
                 <item name="payment/adyen_abstract/live_endpoint_url_prefix" xsi:type="string">1</item>

view/frontend/templates/checkout/success.phtml

@@ -35,7 +35,7 @@
             var checkoutComponent = new AdyenCheckout({
                 locale: '<?= $block->escapeHtml($block->getLocale()); ?>',
                 environment: '<?= $block->escapeHtml($block->getEnvironment()); ?>',
-                originKey: '<?= $block->escapeHtml($block->getOriginKey()); ?>'
+                clientKey: '<?= $block->escapeHtml($block->getClientKey()); ?>'
             });
             try {
                 checkoutComponent.createFromAction(action).mount('#ActionContainer');

view/frontend/web/js/model/adyen-configuration.js

@@ -25,8 +25,8 @@ define(
     function () {
       'use strict';
       return {
-        getOriginKey: function () {
-          return window.checkoutConfig.payment.adyen.originKey;
+        getClientKey: function () {
+          return window.checkoutConfig.payment.adyen.clientKey;
         },
         showLogo: function () {
           return window.checkoutConfig.payment.adyen.showLogo;

view/frontend/web/js/view/payment/method-renderer/adyen-cc-method.js

@@ -78,7 +78,7 @@ define(
                 this.checkoutComponent = new AdyenCheckout({
                         hasHolderName: true,
                         locale: adyenConfiguration.getLocale(),
-                        originKey: adyenConfiguration.getOriginKey(),
+                        clientKey: adyenConfiguration.getClientKey(),
                         environment: adyenConfiguration.getCheckoutEnvironment(),
                         paymentMethodsResponse: adyenPaymentService.getPaymentMethods().paymentMethodsResponse,
                         onAdditionalDetails: this.handleOnAdditionalDetails.bind(this)
@@ -115,7 +115,7 @@ define(
             renderSecureFields: function() {
                 var self = this;
 
-                if (!self.getOriginKey()) {
+                if (!self.getClientKey) {
                     return;
                 }
 
@@ -401,8 +401,8 @@ define(
                 return allowedCurrenciesByCountry[countryId] &&
                     currencyCode === allowedCurrenciesByCountry[countryId];
             },
-            getOriginKey: function() {
-                return adyenConfiguration.getOriginKey();
+            getClientKey: function() {
+                return adyenConfiguration.getClientKey();
             },
             /**
              * @returns {Bool}

view/frontend/web/js/view/payment/method-renderer/adyen-google-pay-method.js

@@ -99,7 +99,7 @@ define(
           var self = this;
           self.checkoutComponent = new AdyenCheckout({
             locale: self.getLocale(),
-            originKey: self.getOriginKey(),
+            clientKey: self.getClientKey(),
             environment: self.getCheckoutEnvironment(),
             risk: {
               enabled: false,
@@ -255,8 +255,8 @@ define(
             getVaultCode: function () {
                 return "adyen_google_pay_vault";
             },
-            getOriginKey: function () {
-                return window.checkoutConfig.payment.adyen.originKey;
+            getClientKey: function () {
+                return window.checkoutConfig.payment.adyen.clientKey;
             },
             getCheckoutEnvironment: function () {
                 return window.checkoutConfig.payment.adyenGooglePay.checkoutEnvironment;

view/frontend/web/js/view/payment/method-renderer/adyen-hpp-method.js

@@ -104,7 +104,7 @@ define(
                     this.checkoutComponent = new AdyenCheckout({
                             hasHolderName: true,
                             locale: adyenConfiguration.getLocale(),
-                            originKey: adyenConfiguration.getOriginKey(),
+                            clientKey: adyenConfiguration.getClientKey(),
                             environment: adyenConfiguration.getCheckoutEnvironment(),
                             paymentMethodsResponse: paymentMethodsResponse.paymentMethodsResponse,
                             onAdditionalDetails: this.handleOnAdditionalDetails.bind(

view/frontend/web/js/view/payment/method-renderer/adyen-oneclick-method.js

@@ -122,7 +122,7 @@ define(
 
                     this.checkoutComponent = new AdyenCheckout({
                             locale: adyenConfiguration.getLocale(),
-                            originKey: adyenConfiguration.getOriginKey(),
+                            clientKey: adyenConfiguration.getClientKey(),
                             environment: adyenConfiguration.getCheckoutEnvironment(),
                             paymentMethodsResponse: paymentMethodsResponse.paymentMethodsResponse,
                             onAdditionalDetails: this.handleOnAdditionalDetails.bind(this),
@@ -327,7 +327,7 @@ define(
                              * sets up the callbacks for card components
                              */
                             renderSecureCVC: function() {
-                                if (!this.getOriginKey()) {
+                                if (!this.getClientKey()) {
                                     return;
                                 }
 
@@ -414,8 +414,8 @@ define(
                             getMessageContainer: function() {
                                 return messageContainer;
                             },
-                            getOriginKey: function() {
-                                return adyenConfiguration.getOriginKey();
+                            getClientKey: function() {
+                                return adyenConfiguration.getClientKey();
                             },
                             isPlaceOrderActionAllowed: function() {
                                 return self.isPlaceOrderActionAllowed(); // needed for placeOrder method

view/frontend/web/template/payment/cc-form.html

@@ -39,8 +39,8 @@
 
     <div class="payment-method-content">
 
-        <!-- ko ifnot: (getOriginKey()) -->
-        <span class="message message-error error"><!-- ko text: $t('Please configure an API Key and a live endpoint prefix(if in Production Mode) in your Adyen Required Settings')-->
+        <!-- ko ifnot: (getClientKey()) -->
+        <span class="message message-error error"><!-- ko text: $t('Please configure an API Key, a Client Key and a live endpoint prefix(if in Production Mode) in your Adyen Required Settings')-->
             <!-- /ko --></span>
         <!--/ko-->
 

view/frontend/web/template/payment/oneclick-form.html

@@ -45,8 +45,8 @@
     </div>
     <div class="payment-method-content">
 
-        <!-- ko ifnot: (getOriginKey()) -->
-        <span class="message message-error error"><!-- ko text: $t('Please configure an API Key and a live endpoint prefix(if in Production Mode) in your Adyen Required Settings')--><!-- /ko --></span>
+        <!-- ko ifnot: (getClientKey()) -->
+        <span class="message message-error error"><!-- ko text: $t('Please configure an API Key, a Client Key and a live endpoint prefix(if in Production Mode) in your Adyen Required Settings')--><!-- /ko --></span>
         <!--/ko-->
 
         <!-- ko foreach: $parent.getRegion(getMessageName()) -->