Skip to content

Commit

Permalink
Fix: Securing create payment params
Browse files Browse the repository at this point in the history
  • Loading branch information
NghiaDTr committed Jul 19, 2024
1 parent 2efd722 commit f6aa64a
Show file tree
Hide file tree
Showing 3 changed files with 49 additions and 7 deletions.
2 changes: 2 additions & 0 deletions processor/.env.jest
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,5 @@ CTP_REGION=europe-west1.gcp
MOLLIE_API_KEY=12345678901234567890123456789012
MOLLIE_PROFILE_ID=pfl_12345
DEBUG=0

CONNECT_SERVICE_URL=http://localhost:3000/processor
23 changes: 20 additions & 3 deletions processor/src/utils/map.utils.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import { makeMollieAmount } from './mollie.utils';
import { ParsedMethodsRequestType } from '../types/mollie.types';
import { Payment } from '@commercetools/platform-sdk';
import CustomError from '../errors/custom.error';
import { PaymentCreateParams, MethodsListParams } from '@mollie/api-client';
import { PaymentCreateParams, MethodsListParams, PaymentMethod } from '@mollie/api-client';

/**
* Extracts method list parameters from a Commercetools Payment object and returns a Promise resolving to a MethodsListParams object.
Expand Down Expand Up @@ -72,14 +72,31 @@ export const mapCommercetoolsPaymentCustomFieldsToMollieListParams = async (
export const createMollieCreatePaymentParams = (payment: Payment): PaymentCreateParams => {
const { amountPlanned, paymentMethodInfo, custom } = payment;

const [method, issuer] = paymentMethodInfo?.method?.split(',') ?? [null, null];

const requestCustomField = custom?.fields?.[CustomFields.createPayment.request];

const paymentRequest = requestCustomField ? JSON.parse(requestCustomField) : {};

const defaultWebhookEndpoint = new URL(process.env.CONNECT_SERVICE_URL ?? '').origin + '/webhook';

const molliePaymentParams: PaymentCreateParams = {
...paymentRequest,
method: paymentMethodInfo.method,
description: paymentRequest.description ?? '',
amount: makeMollieAmount(amountPlanned),
redirectUrl: paymentRequest.redirectUrl ?? null,
webhookUrl: paymentRequest.webhookUrl ?? defaultWebhookEndpoint,
billingAddress: paymentRequest.billingAddress ?? {},
shippingAddress: paymentRequest.shippingAddress ?? {},
locale: paymentRequest.locale ?? null,
method: method as PaymentMethod,
issuer: issuer ?? '',
restrictPaymentMethodsToCountry: paymentRequest.restrictPaymentMethodsToCountry ?? null,
metadata: paymentRequest.metadata ?? null,
// captureMode: paymentRequest.captureMode ?? null, PICT-204 is on hold
// captureDelay: paymentRequest.captureMode ?? null, PICT-204 is on hold
applicationFee: paymentRequest.applicationFee ?? {},
profileId: paymentRequest.profileId ?? null,
testmode: paymentRequest.testmode ?? null,
};

return molliePaymentParams;
Expand Down
31 changes: 27 additions & 4 deletions processor/tests/utils/map.utils.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import {
} from '../../src/utils/map.utils';
import { Payment } from '@commercetools/platform-sdk';
import { MethodsListParams } from '@mollie/api-client';
import { makeMollieAmount } from '../../src/utils/mollie.utils';

describe('Test map.utils.ts', () => {
let mockCtPayment: Payment;
Expand Down Expand Up @@ -74,12 +75,27 @@ describe('createMollieCreatePaymentParams', () => {
};

const mollieCreatePaymentParams = createMollieCreatePaymentParams(CTPayment);
const defaultWebhookEndpoint = new URL(process.env.CONNECT_SERVICE_URL ?? '').origin + '/webhook';
const mollieAmount = makeMollieAmount(CTPayment.amountPlanned);

expect(mollieCreatePaymentParams).toEqual({
method: 'creditcard',
method: CTPayment.paymentMethodInfo.method,
amount: {
currency: 'EUR',
value: '10.00',
currency: mollieAmount.currency,
value: mollieAmount.value,
},
locale: null,
redirectUrl: null,
webhookUrl: defaultWebhookEndpoint,
description: '',
applicationFee: {},
billingAddress: {},
issuer: '',
metadata: null,
profileId: null,
restrictPaymentMethodsToCountry: null,
shippingAddress: {},
testmode: null,
});
});

Expand Down Expand Up @@ -130,8 +146,15 @@ describe('createMollieCreatePaymentParams', () => {
locale: customFieldObject.locale,
redirectUrl: customFieldObject.redirectUrl,
webhookUrl: customFieldObject.webhookUrl,
cancelUrl: customFieldObject.cancelUrl,
description: customFieldObject.description,
applicationFee: {},
billingAddress: {},
issuer: '',
metadata: null,
profileId: null,
restrictPaymentMethodsToCountry: null,
shippingAddress: {},
testmode: null,
});
});
});

0 comments on commit f6aa64a

Please sign in to comment.