
@paypal/checkout-components


@paypal/checkout-components - npm Package Compare versions

Comparing version 5.0.344 to 5.0.345-alpha-714509c.0

2

package.json
{
"name": "@paypal/checkout-components",
"version": "5.0.344",
"version": "5.0.345-alpha-714509c.0",
"description": "PayPal Checkout components, for integrating checkout products.",

@@ -5,0 +5,0 @@ "main": "index.js",

@@ -5,3 +5,4 @@ /* @flow */

import { supportsPopups } from "@krakenjs/belter/src";
import { isPayPalDomain } from "@paypal/sdk-client/src";
import { getEnv, isPayPalDomain } from "@paypal/sdk-client/src";
import { ENV } from "@paypal/sdk-constants/src";

@@ -32,1 +33,11 @@ export function allowIframe(): boolean {

/* eslint-enable no-confusing-arrow */
// $FlowIssue
export const localOrStageExport = (unprotectedExport) => {
const env = getEnv();
if (env === ENV.LOCAL || env === ENV.STAGE) {
return unprotectedExport;
} else {
return undefined;
}
};
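Review bot: `localOrStageExport` takes an untyped argument behind a `// $FlowIssue` suppression, so every caller loses the type of the export it wraps. A generic signature such as `export const localOrStageExport = <T>(unprotectedExport: T): ?T => {` would let the suppression go. A short comment above the function should say that it is a release gate for unfinished features keyed on `getEnv()`, not an access control, and that it returns `undefined` outside `ENV.LOCAL` and `ENV.STAGE`. Whether `getEnv()` is fixed at build time or can be influenced by the embedding page is not visible in this hunk and is worth confirming.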
/* @flow */
/* eslint-disable eslint-comments/disable-enable-pair */
/* eslint-disable no-restricted-globals, promise/no-native */
import { type LoggerType } from "@krakenjs/beaver-logger/src";
import { ZalgoPromise } from "@krakenjs/zalgo-promise/src";
import { create, type ZoidComponent } from "@krakenjs/zoid/src";

@@ -9,8 +10,71 @@ import { FPTI_KEY } from "@paypal/sdk-constants/src";

type MerchantPayloadData = {|
amount: string,
currency: string,
nonce: string,
threeDSRequested?: boolean, // do we want to keep this name or align it with other 3DS documentation
transactionContext?: Object,
// experience context
|};
// eslint-disable-next-line no-undef
type Request = <TRequestData, TResponse>({|
method?: string,
url: string,
// eslint-disable-next-line no-undef
data: TRequestData,
accessToken: ?string,
// eslint-disable-next-line no-undef
|}) => Promise<TResponse>;
type requestData = {|
intent: "THREE_DS_VERIFICATION",
payment_source: {|
card: {|
single_use_token: string,
verification_method: string,
|},
|},
amount: {|
currency_code: string,
value: string,
|},
transaction_context?: {|
soft_descriptor?: string,
|},
|};
type responseBody = {|
payment_id: string,
status: string,
intent: string,
payment_source: {|
card: {|
last_digits: string,
type: string,
name: string,
expiry: string,
|},
|},
amount: {|
currency_code: string,
value: string,
|},
transaction_context: {|
soft_descriptor: string,
|},
links: $ReadOnlyArray<{|
href: string,
rel: string,
method: string,
|}>,
|};
type SdkConfig = {|
sdkToken: ?string,
authenticationToken: ?string,
paypalApiDomain: string,
|};
const parseSdkConfig = ({ sdkConfig, logger }): SdkConfig => {
if (!sdkConfig.sdkToken) {
if (!sdkConfig.authenticationToken) {
throw new ValidationError(

@@ -27,4 +91,37 @@ `script data attribute sdk-client-token is required but was not passed`

};
const parseMerchantPayload = ({
merchantPayload,
}: {|
merchantPayload: MerchantPayloadData,
|}): requestData => {
// what validation on merchant input should we do here?
// empty object
const { threeDSRequested, amount, currency, nonce, transactionContext } =
merchantPayload;
// amount - validate that it's a string
// currency - validate that it's a string
// what validations are done on the API end - what client side validation is the API expecting
return {
intent: "THREE_DS_VERIFICATION",
payment_source: {
card: {
single_use_token: nonce,
verification_method: threeDSRequested
? "SCA_ALWAYS"
: "SCA_WHEN_REQUIRED",
},
},
amount: {
currency_code: currency,
value: amount,
},
...transactionContext,
};
};
export interface ThreeDomainSecureComponentInterface {
isEligible(): ZalgoPromise<boolean>;
isEligible(): Promise<boolean>;
show(): ZoidComponent<void>;

@@ -34,19 +131,56 @@ }

logger: LoggerType;
request: Request;
sdkConfig: SdkConfig;
authenticationURL: string;
constructor({
logger,
request,
sdkConfig,
}: {|
logger: LoggerType,
request: Request,
sdkConfig: SdkConfig,
|}) {
this.logger = logger;
this.request = request;
this.sdkConfig = parseSdkConfig({ sdkConfig, logger });
}
isEligible(): ZalgoPromise<boolean> {
return new ZalgoPromise((resolve) => {
resolve(false);
});
async isEligible(merchantPayload: MerchantPayloadData): Promise<boolean> {
const data = parseMerchantPayload({ merchantPayload });
try {
const { status, links } = await this.request<requestData, responseBody>({
method: "POST",
url: `${this.sdkConfig.paypalApiDomain}/v2/payments/payment`,
data,
accessToken: this.sdkConfig.authenticationToken,
});
let responseStatus = false;
if (status === "PAYER_ACTION_REQUIRED") {
this.authenticationURL = links[0].href;
// check for rel = payer action inside the object
responseStatus = true;
}
return responseStatus;
} catch (error) {
this.logger.warn(error);
return false;
}
// change name to isContingent??
// will return true or false
// if payer action required, return true. obtain link from response for show method - check length of links
// if payer action not required, return false
// will make API request to v2/payments/pamyment endpoint with merchant payload an grab sdktoken as
// bearer token
// will need to handle errors from API response
// What are the other options for status response and how do we handle them from a compliance standpoint
// What do we do if we get a 500 error from the API?
// do we throw an error or return false?
}

@@ -53,0 +187,0 @@
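Review bot: In `parseMerchantPayload`, `...transactionContext` is spread last into the top level of the request body, so any key in the merchant-supplied object (typed only as `Object`) can overwrite `intent`, `payment_source` or `amount`, and the `transaction_context` field that `requestData` declares is never produced. Replace the spread with an explicit key that copies only the allowed field, for example `transaction_context: { soft_descriptor: transactionContext.soft_descriptor },` guarded for a missing `transactionContext` (the merchant-side field name is an assumption here). In the `isEligible` hunk, `links[0].href` is stored as `authenticationURL` without checking that `links` is non-empty or that the entry's `rel` is the payer-action one, so an empty array throws and the `catch` turns it into a silent `false`. The interface in the same file still declares `isEligible()` without a parameter although the method now takes `merchantPayload`.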

@@ -7,3 +7,3 @@ /* @flow */

const defaultSdkConfig = {
sdkToken: "sdk-client-token",
authenticationToken: "sdk-client-token",
};

@@ -13,2 +13,4 @@

sdkConfig = defaultSdkConfig,
// $FlowFixMe
request,
logger = {

@@ -23,3 +25,5 @@ info: vi.fn().mockReturnThis(),

new ThreeDomainSecureComponent({
// $FlowFixMe
sdkConfig,
request,
// $FlowIssue

@@ -34,4 +38,13 @@ logger,

describe("three domain secure component - isEligible method", () => {
test("should return false", async () => {
test.skip("should return false", async () => {
// successful response
// true for payer_action - false for Completed
// parameter validation
// testing for negative parameter such as null or invalid value
// error handling for API response
// mock the getpaypalapidomain so that it always returns the value that we expect
const threeDomainSecuretClient = createThreeDomainSecureComponent();
// $FlowFixMe
const eligibility = await threeDomainSecuretClient.isEligible();

@@ -56,3 +69,3 @@ expect(eligibility).toEqual(false);

...defaultSdkConfig,
sdkToken: "",
authenticationToken: "",
},

@@ -59,0 +72,0 @@ })
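Review bot: The only `isEligible` test is now `test.skip`, so the new request path ships without coverage, and the skipped body still calls `isEligible()` without a payload. The cases listed in the comments can be written against the injected `request`, for example `request: vi.fn().mockResolvedValue({ status: "PAYER_ACTION_REQUIRED", links: [{ href: "<constructed-url>" }] })` for the true case and `vi.fn().mockRejectedValue(new Error("constructed"))` for the error case. A test that passes a `transactionContext` and asserts on the body handed to `request` would also pin down what the component is allowed to send.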

/* @flow */
import { getLogger, getSDKToken } from "@paypal/sdk-client/src";
import {
getLogger,
getPayPalAPIDomain,
getUserIDToken,
} from "@paypal/sdk-client/src";
import { callRestAPI, localOrStageExport } from "../lib";
import type { LazyExport } from "../types";
import { protectedExport } from "../lib";

@@ -17,8 +21,11 @@ import {

logger: getLogger(),
// $FlowIssue ZalgoPromise vs Promise
request: callRestAPI,
sdkConfig: {
sdkToken: getSDKToken(),
authenticationToken: getUserIDToken(),
paypalApiDomain: getPayPalAPIDomain(),
},
});
return protectedExport({
isEligible: () => threeDomainSecureInstance.isEligible(),
return localOrStageExport({
isEligible: (payload) => threeDomainSecureInstance.isEligible(payload),
show: () => threeDomainSecureInstance.show(),

@@ -25,0 +32,0 @@ });
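Review bot: Swapping `protectedExport` for `localOrStageExport` changes who can reach this component: the gate is now the SDK environment alone, so in local and stage builds `isEligible` and `show` are handed to whatever page loads the SDK, and elsewhere the export is `undefined`. If `protectedExport` restricted the export to PayPal domains (its body is not shown), that restriction is dropped here. A comment at the call site such as `// alpha: exposed in LOCAL/STAGE only; restore or replace the export gate before release` would record the intent. The `sdkConfig` literal also appears to stop passing `sdkToken` while the `SdkConfig` type still lists that key, so either the type or the call should be brought in line rather than left to a Flow suppression.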
