Merge pull request #17 from cybersource-tpi/develop

Merging release candidate 23.2.0 to main

Author: ohernandovisa

documentation/Oracle Commerce Cloud Installation Guide v6.0.pdf

@@ -106,6 +106,7 @@ The following settings can be configured in gateway:
 |                                     |                                                                                                                                                                                                                                                                                                                   |
 | **Credit Card**                     |                                                                                                                                                                                                                                                                                                                   |
 | **payerAuthEnabled**                | Enables payer authentication for credit cards                                                                                                                                                                                                                                                                     |
+| **scaEnabled**                | If enabled card holder will be 3DS Challenged when saving a card                                                                                                                                                                                                                                                                      |
 | **flexSdkUrl**                      | Credit Card Flex SDK URL                                                                                                                                                                                                                                                                                          |
 | **isCVVRequiredForSavedCards**      | Is the CVV required when using a saved card.                                                                                                                                                                                                                                                                      |
 | **isCVVRequiredForScheduledOrders** | Is the CVV required for a Scheduled Order                                                                                                                                                                                                                                                                         |
@@ -282,6 +283,7 @@ server-extension
  ┃ ┃ ┃ ┃ ┃ ┣ mappers
  ┃ ┃ ┃ ┃ ┃ ┃ ┣ index.ts
  ┃ ┃ ┃ ┃ ┃ ┃ ┣ payerAuthMapper.ts
+ ┃ ┃ ┃ ┃ ┃ ┃ ┣ scaMapper.ts
  ┃ ┃ ┃ ┃ ┃ ┃ ┣ saleCardMapper.ts
  ┃ ┃ ┃ ┃ ┃ ┃ ┣ saleGenericMapper.ts
  ┃ ┃ ┃ ┃ ┃ ┃ ┗ savedCardPaymentMapper.ts

documentation/Oracle Commerce Cloud- Cybersource User Installation Guide v7.0.pdf renamed to documentation/Oracle Commerce Cloud- Cybersource User Installation Guide v8.0.pdf

@@ -9,6 +9,7 @@
    3. [Payer Authentication](#payer-authentication)
       1. [UI integration details](#ui-integration-details-1)
       2. [Backend (SSE) integration details](#backend-sse-integration-details-1)
+      3. [Strong Customer Authentication (SCA)](#strong-customer-authentication-sca)
    4. [Capturing funds during authorization (SALE)](#capturing-funds-during-authorization-sale)
 
 ## Description
@@ -42,14 +43,16 @@ The following gateway settings apply to credit card payments
 |-------------------------------------|---------------------------------------------------------------------------------------------------|
 | **paymentMethodTypes**              | Enabled Payment Methods. 'Credit & Debit Card' should be enabled                                  |
 | **paymentOptions**                  | Payment options enabled for payment using Payment Widget. 'Credit & Debit Card' should be enabled |
-| **payerAuthEnabled**                | Enables payer authentication (3D Secure) for credit cards                                         |                                                                                                                     |            |
+| **payerAuthEnabled**                | Enables payer authentication (3D Secure) for credit cards                                         |
+| **scaEnabled**                      | If enabled card holder will be 3DS Challenged when saving a card                                  |
 | **saleEnabled**                     | Indicates if authorizing and taking payment will be done at the same time                         |
 | **isCVVRequiredForSavedCards**      | Should be disabled as CVV is not required in backend                                              |
 | **isCVVRequiredForScheduledOrders** | Should be disabled as CVV is not required in backend                                              |
 
 Default values:
 
 - `payerAuthEnabled`: true. Payer authentication is enabled by default
+- `scaEnabled` : false
 - `isCVVRequiredForSavedCards`: false
 - `isCVVRequiredForScheduledOrders`: false
 - `saleEnabled` - by default SALE is disabled for Card payments. Can be enabled in OCC Admin
@@ -135,7 +138,6 @@ plugins
  | | | ├── meta.js
  | | | └── styles.css
  | | ├── isv-payment-utility
- | | | ├── common.js
  | | | ├── flex-microform.js
  | | | ├── flex-microForm-api.js
  | | | └── script-loader.js
@@ -145,7 +147,9 @@ plugins
  | | ├── meta.js
  | | └── styles.css
  | ├── .eslintrc
+ | ├── constants.js
  | ├── index.js
+ | ├── isv-common.js
  | └── meta.js
  ├── endpoints
  | ├── flex-microform-endpoint
@@ -261,10 +265,20 @@ The following UI component contains Payer Authentication integration logic `plug
 
 #### Backend (SSE) integration details
 
-- `server-extension/src/controllers/payerAuth.ts` Controller for generating a signed PayerAuth JWT
+- `server-extension/src/controllers/payerAuth.ts` Controller for payer auth setup
 - `server-extension/src/services/payments/converters/request/mappers/payerAuthEnrollMapper.ts` Including payer auth reference id into PSP card authorization request
 - `server-extension/src/services/payments/converters/request/mappers/payerAuthValidationMapper.ts` Including payer auth validation token into PSP card authorization request
 
+#### Strong Customer Authentication (SCA)
+
+When `Payer Authentication` is enabled, if a transaction gets declined with the reason as Strong Customer Authentication required, then another request will be sent from Oracle Commerce Cloud automatically for the same order and the customer will be 3DS challenged. 
+
+In case merchants would like the cardholder to be 3DS Challenged when saving a card `scaEnabled` gateway setting can be updated to enable it for credit cards.
+
+In case 'Strong Customer Authentication' is enabled for credit cards, '10000' response code is sent back in Webhook response so that OCC becomes aware of that.
+
+*Note:* The `scaEnabled` setting is applicable only if `Payer Authentication` is enabled.
+
 ### Capturing funds during authorization (SALE)
 
 In case merchants would like funds to be captured (settled) during card authorizations `saleEnabled` gateway setting can be updated to enable it for credit cards.

documentation/Release Notes v23.1.0.docx

@@ -1,6 +1,6 @@
 //occ.js
 const https = require('https');
-const request = require('request');
+const superagent = require('superagent');
 const fs = require('fs-extra');
 const common = require('../common/occ');
 const path = require('path');
@@ -60,42 +60,20 @@ async function listSSEFiles(url, accessToken) {
 
 async function doSSEFileUploadMultipart(url, accessToken, appName, archiveFile) {
   return new Promise((resolve, reject) => {
-    /** Setup Progress Bar */
-    const fileStream = fs.createReadStream(archiveFile);
-
-    request.post(
-      `https://${url}/ccadmin/v1/serverExtensions`,
-      {
-        headers: {
-          Authorization: 'Bearer ' + accessToken
-        },
-        formData: {
-          filename: `${appName}.zip`,
-          uploadType: 'extensions',
-          force: 'true',
-          fileUpload: {
-            value: fileStream,
-            options: {
-              filename: `${appName}.zip`
-            }
-          }
-        }
-      },
-      (err, httpResponse, body) => {
-        if (!err && httpResponse.statusCode === 200) {
+      superagent
+      .post(`https://${url}/ccadmin/v1/serverExtensions`)
+      .set("Authorization", 'Bearer ' + accessToken)
+      .field('filename', `${appName}.zip`)
+      .field('uploadType', 'extensions')
+      .field('force', 'true')
+      .attach('fileUpload', archiveFile)
+      .end((err, res) => {
+        if(res.status === 200){
           fs.removeSync(archiveFile);
-          return resolve(body);
-        } else {
-          if (err) {
-            message = err;
-          } else {
-            message = body;
-          }
-          return reject(message);
         }
-      }
-    );
-  });
+        resolve(res.text);
+      });
+  })
 }
 
 function getExtensionServerLogs(url, accessToken, date = '', loggingLevel = 'debug') {

documentation/Release Notes v23.1.1.docx renamed to documentation/Release Notes v23.2.0.docx

@@ -68,7 +68,6 @@
   "dependencies": {
     "@popperjs/core": "^2.11.6",
     "jwt-decode": "^3.1.2",
-    "request":"^2.88.2",
     "tsc-alias": "^1.7.1"
 
   },

documentation/package-contents.md

@@ -233,6 +233,12 @@ declare namespace OCC {
     ipAddress?: string;
     httpBrowserJavaScriptEnabled?: boolean;
     httpAcceptContent?: string;
+    pauseRequestId?: string;
+
+     stepUpUrl?: string;
+     accessToken?: string;
+     pareq?: string;
+     challengeCode?: string;
   }
 
   export interface CaptureContextRequest {

documentation/payment-services/credit-card.md

@@ -163,6 +163,14 @@
       "defaultValue": true,
       "public": false
     },
+    {
+      "id": "scaEnabled",
+      "type": "booleanType",
+      "labelResourceId": "scaEnabledLabel",
+      "helpTextResourceId": "scaEnabledHelpText",
+      "defaultValue": false,
+      "public": false
+    },
     {
       "id": "saleEnabled",
       "type": "multiSelectOptionType",

lib/sse/occ.js

@@ -82,6 +82,8 @@
     "deviceFingerprintOrgIdLabel": "Device Fingerprint Organization Id",
     "deviceFingerprintOrgIdHelpText": "",
     "deviceFingerprintEnabledLabel": "Device Fingerprint Enabled",
-    "deviceFingerprintEnabledHelpText": ""
+    "deviceFingerprintEnabledHelpText": "",
+    "scaEnabledLabel": "Enforce SCA for Saving Card",
+    "scaEnabledHelpText": "If enabled, card holder will be 3DS challenged when saving a card (enforcing Strong Customer Authentication)"
   }
 }

package.json

@@ -1,15 +1,16 @@
 {
   "paymentMethodTypes": "card,generic",
   "paymentOptions": "card,googlepay,applepay",
-  "merchantID": "merchantID",
-  "merchantKeyId": "merchantKeyId",
-  "merchantsecretKey": "merchantsecretKey",
+  "merchantID": "",
+  "merchantKeyId": "",
+  "merchantsecretKey": "",
   "authenticationType": "http_signature",
   "keyAlias": "keyAlias",
   "keyPass": "keyPass",
   "keyFileName": "keyFileName",
   "runEnvironment": "apitest.cybersource.com",
   "payerAuthEnabled": true,
+  "scaEnabled": false,
   "saleEnabled": "card",
   "flexSdkUrl": "https://flex.cybersource.com/cybersource/assets/microform/0.11/flex-microform.min.js",
   "isCVVRequiredForSavedCards": false,
@@ -18,15 +19,15 @@
   "googlePayEnvironment": "TEST",
   "googlePayGateway": "googlePayGateway",
   "googlePayGatewayMerchantId": "googlePayGatewayMerchantId",
-  "googlePayMerchantId": "googlePayMerchantId",
+  "googlePayMerchantId": "",
   "googlePayMerchantName": "googlePayMerchantName",
   "googlePaySupportedNetworks": "AMEX,DISCOVER,INTERAC,JCB,MASTERCARD,VISA",
   "applePayMerchantId": "applePayMerchantId",
   "applePayInitiative": "web",
   "applePayInitiativeContext": "AdminServerUrl",
   "applePayDisplayName": "applePayDisplayName",
   "applePaySupportedNetworks": "visa,masterCard,amex,discover",
-  "dmDecisionSkip": "card,googlepay,applepay",
+  "dmDecisionSkip": "googlepay,applepay",
   "deviceFingerprintEnabled": false,
   "deviceFingerprintUrl": "https://h.online-metrix.net/fp/tags.js",
   "deviceFingerprintOrgId": "deviceFingerprintOrgId",

packages/occ-sse-gateway/lib/types/occ-sdk.d.ts

@@ -3108,6 +3108,7 @@ declare module 'cybersource-rest-client' {
          * Name of the profile selector rule that chooses the profile to use for the transaction. If no profile selector exists, the value is Default Active Profile. 
          */
         'selectorRule'?: string;
+        'action'?: 'PAYERAUTH_INVOKE' | 'PAYERAUTH_SKIP' | 'PAYERAUTH_EXTERNAL';
     }
     export interface PtsV2PaymentsPost201ResponseRiskInformationProviders {
         'providerName'?: Array<PtsV2PaymentsPost201ResponseRiskInformationProvidersProviderName>;
@@ -4135,6 +4136,10 @@ declare module 'cybersource-rest-client' {
          * Reference ID that corresponds to the device fingerprinting data that was collected previously. Note Required for Hybrid integration. 
          */
         'referenceId'?: string;
+          /**
+         * The URL of the merchant’s return page. CyberSource adds this return URL to the step-up JWT and returns it in the response of the Payer Authentication enrollment call. The merchant's return URL page serves as a listening URL. Once the bank session completes, the merchant receives a POST to their URL. This response contains the completed bank session’s transactionId. The merchant’s return page should capture the transaction ID and send it in the Payer Authentication validation call. 
+         */
+          'returnUrl'?: string;
         /**
          * This field indicates the maximum amount of time for all 3DS 2.0 messages to be communicated between all components (in minutes).  Possible Values:  Greater than or equal to 05 (05 is the minimum timeout to set)  Cardinal Default is set to 15  NOTE: This field is a required 3DS 2.0 field and Cardinal sends in a default of 15 if nothing is passed 
          */

packages/payment-gateway/gateway/isv-occ-gateway/config/config.json

@@ -12,7 +12,7 @@
     "report.daily.download.path": "",
     "crypto.service.key": "l8myMlkZiBX/kLbpDcn3Nw==",
     "partner.developerId": "999",
-    "partner.solutionId": "Z1BIKTOZ",
+    "partner.solutionId": "VWLU11FQ",
     "logging.webhook.http": true,
     "logging.api.error": true,
     "logging.api.access": true

packages/payment-gateway/gateway/isv-occ-gateway/config/locales/en.json

@@ -4,9 +4,9 @@
     "crypto.service.key": "l8myMlkZiBX/kLbpDcn3Nw==",
     "feature.gatewaysettings.payload": "disabled",
     "partner.developerId": "999",
-    "partner.solutionId": "Z1BIKTOZ",
+    "partner.solutionId": "VWLU11FQ",
     "logging.webhook.http": true,
     "logging.api.error": true,
     "logging.api.access": true,
-    "payments.secret.key": "eAGpAMAGj2wmssjvREMe1a/LGXvB/VC+B1ZV+QMc+NA4xTgpqMw4AjQRSQhEkgxEDuHgWY6nvBqx7cAaR+bPaA=="
+    "payments.secret.key": ""
 }

packages/payment-gateway/settings.json

@@ -26,7 +26,6 @@ function loadConfiguration(app: Application) {
 
 export default function configureApp(app: Application, baseRoutePath = '') {
   loadConfiguration(app);
-  //added header
   app.use((req, res, next) => {
     res.setHeader("X-Frame-Options", "same-origin");
     next();

packages/payment-sdk/index.d.ts

@@ -16,7 +16,6 @@ const { errorHandler } = require('../errors/handlers/errorHandler');
  * @param {Object} res - Transaction response
  */
 async function paymentRouteHandler(req, res) {
-  //const logger = (global.occ.logger) ? global.occ.logger : console;
   const logger = LogFactory.logger();
 
   //Get gateway module name
@@ -33,8 +32,6 @@ async function paymentRouteHandler(req, res) {
     throw new Error('Missing gateway module name');
   }
 
-  // Set payment type
-  // const paymentType = req.params.paymentType;
   logger.debug(
     `${req.method} ${req.path}; order=${req.body.orderId}; paymentGroup=${req.body.paymentId}`
   );

packages/server-extension/config/app.local.json

@@ -36,7 +36,6 @@ app.use(cors());
 
 // Enable 'bodyParser' for dev environment
 app.use(bodyParser.json());
-
 nconf
   .file({ file: path.join(__dirname, '../config/app.local.json') })
   .argv()

packages/server-extension/config/app.prod.json

@@ -3,8 +3,21 @@ import { CreatePaymentRequest } from 'cybersource-rest-client';
 import { PaymentRequestMapper } from '../../common';
 
 const isNotPayerAuthValidation = (webhookRequest: OCC.GenericPaymentWebhookRequest) =>
-!Boolean(webhookRequest.customProperties?.authenticationTransactionId);
+  !Boolean(webhookRequest.customProperties?.authenticationTransactionId);
 
+const getChallengeCode = (context: PaymentContext) => {
+  if (context.requestContext.gatewaySettings?.scaEnabled && context.webhookRequest.cardDetails?.saveCard || context.webhookRequest.customProperties?.challengeCode == '04') {
+    context.webhookRequest.customProperties = {
+      ...context.webhookRequest.customProperties,
+      challengeCode: '04'
+    }
+    return {
+      challengeCode: '04'
+    }
+  }
+  else
+    return {}
+}
 
 export const payerAuthEnrollMapper: PaymentRequestMapper = {
   supports: (context: PaymentContext) =>
@@ -21,22 +34,23 @@ export const payerAuthEnrollMapper: PaymentRequestMapper = {
       consumerAuthenticationInformation: {
         requestorId: 'requestorId',
         referenceId: webhookRequest.customProperties?.referenceId,
-        returnUrl:webhookRequest.customProperties?.returnUrl,
-        deviceChannel:webhookRequest.customProperties?.deviceChannel,
+        returnUrl: webhookRequest.customProperties?.returnUrl,
+        deviceChannel: webhookRequest.customProperties?.deviceChannel,
+        ...getChallengeCode(context),
       },
       deviceInformation: {
-        httpBrowserJavaEnabled:webhookRequest.customProperties?.httpBrowserJavaEnabled,
-        httpAcceptBrowserValue:webhookRequest.customProperties?.httpAcceptBrowserValue,
-        httpBrowserLanguage:webhookRequest.customProperties?.httpBrowserLanguage,
-        httpBrowserColorDepth:webhookRequest.customProperties?.httpBrowserColorDepth,
-        httpBrowserScreenHeight:webhookRequest.customProperties?.httpBrowserScreenHeight,
-        httpBrowserScreenWidth:webhookRequest.customProperties?.httpBrowserScreenWidth,
-        httpBrowserTimeDifference:webhookRequest.customProperties?.httpBrowserTimeDifference,
-        userAgentBrowserValue:webhookRequest.customProperties?.userAgentBrowserValue,
-        ipAddress:webhookRequest.customProperties?.ipAddress,
-        httpBrowserJavaScriptEnabled:webhookRequest.customProperties?.httpBrowserJavaScriptEnabled,
-        httpAcceptContent:webhookRequest.customProperties?.httpAcceptContent
-       }
+        httpBrowserJavaEnabled: webhookRequest.customProperties?.httpBrowserJavaEnabled,
+        httpAcceptBrowserValue: webhookRequest.customProperties?.httpAcceptBrowserValue,
+        httpBrowserLanguage: webhookRequest.customProperties?.httpBrowserLanguage,
+        httpBrowserColorDepth: webhookRequest.customProperties?.httpBrowserColorDepth,
+        httpBrowserScreenHeight: webhookRequest.customProperties?.httpBrowserScreenHeight,
+        httpBrowserScreenWidth: webhookRequest.customProperties?.httpBrowserScreenWidth,
+        httpBrowserTimeDifference: webhookRequest.customProperties?.httpBrowserTimeDifference,
+        userAgentBrowserValue: webhookRequest.customProperties?.userAgentBrowserValue,
+        ipAddress: webhookRequest.customProperties?.ipAddress,
+        httpBrowserJavaScriptEnabled: webhookRequest.customProperties?.httpBrowserJavaScriptEnabled,
+        httpAcceptContent: webhookRequest.customProperties?.httpAcceptContent
+      }
     };
   }
 };

packages/server-extension/src/app.ts

@@ -2,6 +2,13 @@ import { PaymentContext } from '@server-extension/common';
 import { CreatePaymentRequest } from 'cybersource-rest-client';
 import { PaymentRequestMapper } from '../../common';
 
+
+const getPauseRequestId = (context: PaymentContext) => {
+  const pauseRequestId = context.webhookRequest.customProperties?.pauseRequestId;
+  return pauseRequestId ? { clientReferenceInformation: { pauseRequestId } } : {};
+}
+
+
 export const payerAuthValidationMapper: PaymentRequestMapper = {
   supports: (context: PaymentContext) => Boolean(context.webhookRequest.customProperties?.authenticationTransactionId),
 
@@ -14,7 +21,8 @@ export const payerAuthValidationMapper: PaymentRequestMapper = {
       },
       consumerAuthenticationInformation: {
         authenticationTransactionId: webhookRequest.customProperties!.authenticationTransactionId
-      }
+      },
+      ...getPauseRequestId(context)
     };
   }
 };