Add the request to error response for apple pay validate #201
Conversation
| .then((a) => { | ||
| // return the json received from Apple Pay server unmodified | ||
| res.send(a.data) | ||
| }) | ||
| .catch((a) => { | ||
| res.send({ | ||
| message: a.message, | ||
| errorMessage: a.message, | ||
| request: requestData, |
There was a problem hiding this comment.
does this change make sensitive data like keys/certificates available?
There was a problem hiding this comment.
It only makes the merchant identifier, domain name, and display name available, all of which were previously hard coded into the file
| .then((a) => { | ||
| // return the json received from Apple Pay server unmodified | ||
| res.send(a.data) | ||
| }) | ||
| .catch((a) => { | ||
| res.send({ | ||
| message: a.message, | ||
| errorMessage: a.message, |
There was a problem hiding this comment.
i d say send ALL (checksum of cert/key), applePayUrl, every possible detail and compare
if this is not due to domain verification revoked then it is down to SOMETHING being off, so better to verify all
There was a problem hiding this comment.
you can send back a bit by a bit, and come back to have merged, wait for deployment... repeat until all is verified
OR immediately make a big return object and verify all fields (as this issue doesn't seem trivial, likely it will fail until you understand it entirely, which in this case is have all fields)
Additional PR for debugging the apple pay validate (to be removed once issue is resolved)