Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
paypal-braintree-web-client
Advanced tools
Readme
A shared client for PayPal/Braintree client sdk modules. Featuring:
npm install --save paypal-braintree-sdk-client
Example of what merchants integrating with different modules in the SDK might call:
// Add required modules
// Shared config can be modified at script load time
<script src=".../checkout.button.js" />
<script src=".../hosted.fields.js" />
// Initialize an instance of the client
// Shared config is immutable at client instance creation
try {
var client = paypal.client({
env: 'sandbox',
auth: {
sandbox: '__SANDBOX_AUTH_KEY__'
}
})
} catch(err) {
console.log('There was a problem creating the client', err);
// TODO: client == undefined at thsi point, blowing up the rest of the code.
// TODO: maybe delaying all errors to `render` is the best option.
});
// Render PayPal Button
client.Button.render({
...
}).catch(function (err) {
console.log('There was a problem creating rendering the paypal button', err);
});
// Render Hosted Fields
client.HostedFields.render({
...
}).then(function (hostedFieldsInstance) {
// Merchant can do stuff with the component instances here
form.addEventListener('submit', function (event) {
event.preventDefault();
hostedFieldsInstance.tokenize(...)
});
}).catch(function (err) {
console.log('There was a problem creating rendering hosted fields', err);
});
Example of how hosted.fields.js
might look:
import sdk from 'paypal-braintree-sdk-client';
// Register hosted fields as taking care of rendering card fields, in shared config
// (to prevent smart-payment-buttons from rendering card buttons)
sdk.config
.get(sdk.KEY.FUNDING_HANDLED)
.push(sdk.FUNDING.CARD);
sdk.attach(options => {
// Read the auth token from the config passed to `paypal.client()`
let uct = options.auth[options.env];
// Parse out config url and merchant id from uct
let { configUrl, merchantID } = parseUCT(uct);
// Make a call to get server config
let getMerchantConfig = sdk.debounceGet(configUrl, {
query: {
merchantID: merchantID
}
});
// Return the public interface for hosted fields
// (this will be available on `client.HostedFields`)
return {
HostedFields: {
render: (hostedFieldsOptions) => {
var options = JSON.parse(JSON.stringify(hostedFieldsOptions || {}));
options.client = sdk.request;
// Wait for server-side merchant config call to complete
return getMerchantConfig.then(merchantConfig => {
// Do some validation
if (merchantConfig.merchant_is_blocked) {
throw new Error('Nope!');
}
// Render hosted fields with passed in options and retrieved merchant config
return renderHostedFields(options, merchantConfig);
});
}
}
};
});
npm run setup
./src
and writing tests in ./tests
npm run build
npm run build
Edit tests in ./test/tests
Run the tests:
npm run test
FAQs
Shared config between PayPal/Braintree.
The npm package paypal-braintree-web-client receives a total of 785 weekly downloads. As such, paypal-braintree-web-client popularity was classified as not popular.
We found that paypal-braintree-web-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.