Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
@dintero/checkout-web-sdk
Advanced tools
Use this SDK in your frontend application to
Note that this SDK is for redirecting or embedding existing payment sessions. You cannot use this SDK to send requests to the Checkout API or to crate new payment sessions.
Learn more about the Dintero Checkout at docs.dintero.com
We cannot guarantee the delivery of events from the embedded checkout to the SDK client runtime. The sessions machine-to-machine callback_url
will be delivered at least once. Read more about the callback_url parameter in our api spec.
For payments on devices with the Vipps app installed, after payment is completed in the Vipps app, the end user will be returned to the browser where the return_url
on the payment is opened in a new browser tab leaving the site that has the embedded checkout still open in a background browser tab on the device. In this case the SDK cannot guarantee that the handlers for onPaymentAuthorized
or onPaymentError
will be called.
If no custom handler are added for onPaymentError
, onPaymentAuthorized
and onPaymentCanceled
the SDK will redirect the user to the return_url
in the payment session.
NPM package
npm install @dintero/checkout-web-sdk
unpkg
Load the Dintero Checkout SDK in a script tag on your site.
<script src="https://unpkg.com/@dintero/checkout-web-sdk@0.0.17/dist/dintero-checkout-web-sdk.umd.min.js" integrity="sha384-C+s7429Bxo4cmt8Tt3N5MRR4fZ/OsEBHDJaHwOnhlizydtc7wgCGvH5u5cXnjSSx"></script>
The Dintero Checkout will be added to the <div id="checkout-container"></div>
DOM-node.
When payment is completed, the SDK will redirect the end user to the return_url
defined in the payment session.
<script type="text/javascript">
const container = document.getElementById("checkout-container");
dintero.embed({
container,
sid: "T11223344.<short-uuid>",
});
</script>
The checkout sdk will add a polyfill for promises if the browser does not support promises natively.
<script type="text/javascript">
const container = document.getElementById("checkout-container");
dintero
.embed({
container,
sid: "T11223344.<short-uuid>",
language: "no", \\ optional parameter, an ISO 639-1 two-letter language code
onSession: function(event, checkout) {
console.log("session", event.session);
},
onPayment: function(event, checkout) {
console.log("transaction_id", event.transaction_id);
console.log("href", event.href);
checkout.destroy();
},
onPaymentError: function(event, checkout) {
console.log("href", event.href);
checkout.destroy();
},
onSessionCancel: function(event, checkout) {
console.log("href", event.href);
checkout.destroy();
},
onSessionLocked: function(event, checkout) {
console.log("pay_lock_id", event.pay_lock_id);
},
onSessionLockFailed: function(event, checkout) {
console.log("session lock failed");
},
onActivePaymentType: function(event, checkout) {
console.log("payment product type selected", event.payment_product_type);
},
})
.then(function(checkout) {
console.log("checkout", checkout);
});
</script>
import {
embed,
SessionLoaded,
SessionUpdated,
SessionPayment,
SessionPaymentError,
SessionCancel,
} from "@dintero/checkout-web-sdk";
const container = document.getElementById("checkout-container");
const checkout = await embed({
container,
sid: "T11223344.<short-uuid>",
language: "no", \\ optional parameter, an ISO 639-1 two-letter language code
onSession: (event: SessionLoaded | SessionUpdated) => {
console.log("session", event.session);
},
onPayment: (event: SessionPayment) => {
console.log("transaction_id", event.transaction_id);
console.log("href", event.href);
checkout.destroy();
},
onPaymentError: (event: SessionPaymentError) => {
console.log("href", event.href);
checkout.destroy();
},
onSessionCancel: (event: SessionCancel) => {
console.log("href", event.href);
checkout.destroy();
},
onSessionLocked: (event, checkout) => {
console.log("pay_lock_id", event.pay_lock_id);
},
onSessionLockFailed: (event, checkout) => {
console.log("session lock failed");
},
onActivePaymentType: function(event, checkout) {
console.log("payment product type selected", event.payment_product_type);
},
});
The payment product type can be set with the returned setActivePaymentProductType()
function when embedding the checkout.
Select "vipps" payment product type:
checkout.setActivePaymentProductType("vipps");
Resetting selection (so no option is selected in the checkout):
checkout.setActivePaymentProductType();
To update an existing Checkout Express-session, follow these steps:
Call lockSession on the checkout object:
checkout.lockSession();
When the session is successfully locked, you'll get a callback at onSessionLocked
.
If locking the session fails, there will be a callback at onSessionLockFailed
.
While the session is locked, all editing and paying in the checkout is disabled.
See session update for details on what parts of the session can be updated, and how.
After updating the session, call refreshSession on the checkout object:
checkout.refreshSession();
Editing and paying in the checkout is enabled again.
The user is redirected to the Dintero Checkout to complete payment.
import { redirect } from "dintero-checkout-web-sdk";
const checkout = redirect({
sid: "T11223344.<short-uuid>",
});
Bugs can be reported to https://github.com/dintero/checkout-web-sdk/issues
Contact us at security@dintero.com
All major browsers above version N - 1
, where N
is the most recent version. For Internet Explorer, only version 11 is supported.
The SDK includes a polyfill for promises that is added to the global scope if promises are not supported by the browser.
npm install
npm run build
The Dintero Checkout SDK is built with microbundle.
package.json
.shasum -b -a 384 dist/dintero-checkout-web-sdk.umd.min.js | awk '{ print $1 }' | xxd -r -p | base64 | sed "s/^/sha384-/g"
npm publish --access=public
.git tag "v$(jq .version -r < package.json)"
FAQs
Dintero Checkout SDK for web frontends
We found that @dintero/checkout-web-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.