-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor(core): inclusion of locker to store fingerprints #3630
Conversation
…uspay/hyperswitch into blocklist_locker_compatibility
…uspay/hyperswitch into blocklist_locker_compatibility
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM,
just a question, can we also plan on deprecating the fingerprint id column in payment intent
Well we are adding the fingerprint of the successful attempt in our intent so we are not going to depreciate it. Intents's fingerprint Will be used by dashboard to flag payments. |
…uspay/hyperswitch into blocklist_locker_compatibility
82cb2e5
…uspay/hyperswitch into blocklist_locker_compatibility
f6f9817
Type of Change
Refactoring the present blocklist flow and storing the fingerprint on our locker end for more security and efficiency.
More details are here in this issue.
Description
After this change we will store the fingerprints on our locker in fingerprints table. No more storing anything related to fingerprints in our DB. There will be only one table usable left for blocklsit which will be
blocklist
(stores all the fingerprints blocked by a merchant with their type and metadata).Previously we were generating the fingerprints on our application end itself after this change we will have the fingerprints generated by our locker.
Fingerprint is generated for each and every card payment. Moreover we are storing fingerprint in all the attempt tables.
Now vouching for the scenarios were there are more than one attempt associated with one intent in that case we are adding the successful attempt's fingerprint in intent.
Required DB changes
purpose: support for addition of fingerprint_id in payment_attempt table
Query:
ALTER TABLE payment_attempt ADD COLUMN IF NOT EXISTS fingerprint_id VARCHAR(64);
So how does the whole flow works:
Note: All successful attempts will have a fingerprint but intent's fingerprint will always be the successful attempt's fingerprint.
Other checkpoints under same hood
/cards/fingerprint
API call withhash_key
.Additional Changes
Motivation and Context
How did you test it?
Generating fingerprints
-> Toggle the blocklist guard from merchant account being used using
/blocklist/toggle?status=true
. More abouttoggling guard here.
-> We need to create a payment.
-> While trying to confirm the payment it will have the
fingerprint_id
in the response. This can be used to block theinstrument. If the payment was able to be captured the fingerprint will be stored in the intent table as well
Blocking fingerprints
Refer to the attached postman collection for the API contracts for the blocklist APIs(Description). Currently we support blocking three types of resources i.e. card numbers (payment intrument), card bin, and extended card bin.
blocklist_api_postman.zip
The respected curls are mentioned in the issue.
Checklist
cargo +nightly fmt --all
cargo clippy