Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(connector): [BAMBORA] Audit Fixes for Bambora #4604

Merged
merged 4 commits into from
May 9, 2024

Conversation

deepanshu-iiitu
Copy link
Contributor

@deepanshu-iiitu deepanshu-iiitu commented May 9, 2024

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

Following code improvements are done for connector Bambora:

  • Optional fields that are being passed for payments request are removed
  • 2XX and 4XX Error response are now handled properly
  • Separate try_from are now used for all the flows
  • Unwanted configs are removed
  • Default case handling is removed

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Following are the paths where you can find config files which have been updated:

  1. crates/connector_configs/toml/development.toml
  2. crates/connector_configs/toml/sandbox.toml
  3. crates/connector_configs/toml/production.toml

Motivation and Context

#4605

How did you test it?

All the payment flows need to be tested(except void) for cards(Non-3DS) via Bambora.

  1. Payments (Automatic):
    Request -
curl --location 'http://localhost:8080/payments' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'api-key: API_KEY_HERE' \
--data '{
    "amount": 2000,
    "currency": "USD",
    "confirm": true,
    "customer_id": "assdre1v",
    "authentication_type": "no_three_ds",
    "payment_method": "card",
    "payment_method_type": "credit",
    "payment_method_data": {
        "card": {
            "card_number": "4030000010001234",
            "card_exp_month": "10",
            "card_exp_year": "2024",
            "card_holder_name": "Sundari KK",
            "card_cvc": "123"
        }
    }
}'

Response -

{
    "payment_id": "pay_WLq2W1Lf6nDlkSVsTfXH",
    "merchant_id": "merchant_1714730521",
    "status": "succeeded",
    "amount": 2000,
    "net_amount": 2000,
    "amount_capturable": 0,
    "amount_received": 2000,
    "connector": "bambora",
    "client_secret": "pay_WLq2W1Lf6nDlkSVsTfXH_secret_AGkc7on7LPYnS4tzNDrh",
    "created": "2024-05-09T11:29:26.243Z",
    "currency": "USD",
    "customer_id": "assdre1v",
    "customer": {
        "id": "assdre1v",
        "name": null,
        "email": null,
        "phone": null,
        "phone_country_code": null
    },
    "description": null,
    "refunds": null,
    "disputes": null,
    "mandate_id": null,
    "mandate_data": null,
    "setup_future_usage": null,
    "off_session": null,
    "capture_on": null,
    "capture_method": null,
    "payment_method": "card",
    "payment_method_data": {
        "card": {
            "last4": "1234",
            "card_type": null,
            "card_network": null,
            "card_issuer": null,
            "card_issuing_country": null,
            "card_isin": "403000",
            "card_extended_bin": null,
            "card_exp_month": "10",
            "card_exp_year": "2024",
            "card_holder_name": "Sundari KK",
            "payment_checks": null,
            "authentication_data": null
        },
        "billing": null
    },
    "payment_token": null,
    "shipping": null,
    "billing": null,
    "order_details": null,
    "email": null,
    "name": null,
    "phone": null,
    "return_url": null,
    "authentication_type": "no_three_ds",
    "statement_descriptor_name": null,
    "statement_descriptor_suffix": null,
    "next_action": null,
    "cancellation_reason": null,
    "error_code": null,
    "error_message": null,
    "unified_code": null,
    "unified_message": null,
    "payment_experience": null,
    "payment_method_type": "credit",
    "connector_label": null,
    "business_country": null,
    "business_label": "default",
    "business_sub_label": null,
    "allowed_payment_method_types": null,
    "ephemeral_key": {
        "customer_id": "assdre1v",
        "created_at": 1715254166,
        "expires": 1715257766,
        "secret": "epk_1b0a796b1c1d4f2ebac92c20ba7f2381"
    },
    "manual_retry_allowed": false,
    "connector_transaction_id": "10004856",
    "frm_message": null,
    "metadata": null,
    "connector_metadata": null,
    "feature_metadata": null,
    "reference_id": "pay_WLq2W1Lf6nDlkSVsTfXH_1",
    "payment_link": null,
    "profile_id": "pro_l8ERwD92l71RbPpGZZz9",
    "surcharge_details": null,
    "attempt_count": 1,
    "merchant_decision": null,
    "merchant_connector_id": "mca_ybl21De1o5q31x82RpEj",
    "incremental_authorization_allowed": null,
    "authorization_count": null,
    "incremental_authorizations": null,
    "external_authentication_details": null,
    "external_3ds_authentication_attempted": false,
    "expires_on": "2024-05-09T11:44:26.243Z",
    "fingerprint": null,
    "browser_info": null,
    "payment_method_id": null,
    "payment_method_status": null,
    "updated": "2024-05-09T11:29:28.588Z"
}
  1. Payments (Manual):
    Request -
curl --location 'http://localhost:8080/payments' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'api-key: API_KEY_HERE' \
--data '{
    "amount": 2000,
    "currency": "USD",
    "confirm": true,
    "customer_id": "assdre1v",
    "capture_method": "manual",
    "authentication_type": "no_three_ds",
    "payment_method": "card",
    "payment_method_type": "credit",
    "payment_method_data": {
        "card": {
            "card_number": "4030000010001234",
            "card_exp_month": "10",
            "card_exp_year": "2024",
            "card_holder_name": "Sundari KK",
            "card_cvc": "123"
        }
    }
}'

Response -

{
    "payment_id": "pay_xHfLlrcSjSKeOPaw1GGz",
    "merchant_id": "merchant_1714730521",
    "status": "requires_capture",
    "amount": 2000,
    "net_amount": 2000,
    "amount_capturable": 2000,
    "amount_received": null,
    "connector": "bambora",
    "client_secret": "pay_xHfLlrcSjSKeOPaw1GGz_secret_wTB68iFSUs9LuEiSJy6O",
    "created": "2024-05-09T11:29:40.405Z",
    "currency": "USD",
    "customer_id": "assdre1v",
    "customer": {
        "id": "assdre1v",
        "name": null,
        "email": null,
        "phone": null,
        "phone_country_code": null
    },
    "description": null,
    "refunds": null,
    "disputes": null,
    "mandate_id": null,
    "mandate_data": null,
    "setup_future_usage": null,
    "off_session": null,
    "capture_on": null,
    "capture_method": "manual",
    "payment_method": "card",
    "payment_method_data": {
        "card": {
            "last4": "1234",
            "card_type": null,
            "card_network": null,
            "card_issuer": null,
            "card_issuing_country": null,
            "card_isin": "403000",
            "card_extended_bin": null,
            "card_exp_month": "10",
            "card_exp_year": "2024",
            "card_holder_name": "Sundari KK",
            "payment_checks": null,
            "authentication_data": null
        },
        "billing": null
    },
    "payment_token": null,
    "shipping": null,
    "billing": null,
    "order_details": null,
    "email": null,
    "name": null,
    "phone": null,
    "return_url": null,
    "authentication_type": "no_three_ds",
    "statement_descriptor_name": null,
    "statement_descriptor_suffix": null,
    "next_action": null,
    "cancellation_reason": null,
    "error_code": null,
    "error_message": null,
    "unified_code": null,
    "unified_message": null,
    "payment_experience": null,
    "payment_method_type": "credit",
    "connector_label": null,
    "business_country": null,
    "business_label": "default",
    "business_sub_label": null,
    "allowed_payment_method_types": null,
    "ephemeral_key": {
        "customer_id": "assdre1v",
        "created_at": 1715254180,
        "expires": 1715257780,
        "secret": "epk_28013d1f51344818865586555d178f34"
    },
    "manual_retry_allowed": false,
    "connector_transaction_id": "10004857",
    "frm_message": null,
    "metadata": null,
    "connector_metadata": null,
    "feature_metadata": null,
    "reference_id": "pay_xHfLlrcSjSKeOPaw1GGz_1",
    "payment_link": null,
    "profile_id": "pro_l8ERwD92l71RbPpGZZz9",
    "surcharge_details": null,
    "attempt_count": 1,
    "merchant_decision": null,
    "merchant_connector_id": "mca_ybl21De1o5q31x82RpEj",
    "incremental_authorization_allowed": null,
    "authorization_count": null,
    "incremental_authorizations": null,
    "external_authentication_details": null,
    "external_3ds_authentication_attempted": false,
    "expires_on": "2024-05-09T11:44:40.405Z",
    "fingerprint": null,
    "browser_info": null,
    "payment_method_id": null,
    "payment_method_status": null,
    "updated": "2024-05-09T11:29:42.247Z"
}
  1. Payments (Capture):
    Request -
curl --location 'http://localhost:8080/payments/pay_Qjbk8kB5wduiuuBOvI2Y/capture' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'api-key: API_KEY_HERE' \
--data '{
    "amount_to_capture": 2000,
    "statement_descriptor_name": "Joseph",
    "statement_descriptor_suffix": "JS"
}'

Response -

{
    "payment_id": "pay_xHfLlrcSjSKeOPaw1GGz",
    "merchant_id": "merchant_1714730521",
    "status": "succeeded",
    "amount": 2000,
    "net_amount": 2000,
    "amount_capturable": 0,
    "amount_received": 2000,
    "connector": "bambora",
    "client_secret": "pay_xHfLlrcSjSKeOPaw1GGz_secret_wTB68iFSUs9LuEiSJy6O",
    "created": "2024-05-09T11:29:40.405Z",
    "currency": "USD",
    "customer_id": "assdre1v",
    "customer": {
        "id": "assdre1v",
        "name": null,
        "email": null,
        "phone": null,
        "phone_country_code": null
    },
    "description": null,
    "refunds": null,
    "disputes": null,
    "mandate_id": null,
    "mandate_data": null,
    "setup_future_usage": null,
    "off_session": null,
    "capture_on": null,
    "capture_method": "manual",
    "payment_method": "card",
    "payment_method_data": {
        "card": {
            "last4": "1234",
            "card_type": null,
            "card_network": null,
            "card_issuer": null,
            "card_issuing_country": null,
            "card_isin": "403000",
            "card_extended_bin": null,
            "card_exp_month": "10",
            "card_exp_year": "2024",
            "card_holder_name": "Sundari KK",
            "payment_checks": null,
            "authentication_data": null
        },
        "billing": null
    },
    "payment_token": null,
    "shipping": null,
    "billing": null,
    "order_details": null,
    "email": null,
    "name": null,
    "phone": null,
    "return_url": null,
    "authentication_type": "no_three_ds",
    "statement_descriptor_name": null,
    "statement_descriptor_suffix": null,
    "next_action": null,
    "cancellation_reason": null,
    "error_code": null,
    "error_message": null,
    "unified_code": null,
    "unified_message": null,
    "payment_experience": null,
    "payment_method_type": "credit",
    "connector_label": null,
    "business_country": null,
    "business_label": "default",
    "business_sub_label": null,
    "allowed_payment_method_types": null,
    "ephemeral_key": null,
    "manual_retry_allowed": false,
    "connector_transaction_id": "10004858",
    "frm_message": null,
    "metadata": null,
    "connector_metadata": null,
    "feature_metadata": null,
    "reference_id": "pay_xHfLlrcSjSKeOPaw1GGz_1",
    "payment_link": null,
    "profile_id": "pro_l8ERwD92l71RbPpGZZz9",
    "surcharge_details": null,
    "attempt_count": 1,
    "merchant_decision": null,
    "merchant_connector_id": "mca_ybl21De1o5q31x82RpEj",
    "incremental_authorization_allowed": null,
    "authorization_count": null,
    "incremental_authorizations": null,
    "external_authentication_details": null,
    "external_3ds_authentication_attempted": false,
    "expires_on": "2024-05-09T11:44:40.405Z",
    "fingerprint": null,
    "browser_info": null,
    "payment_method_id": null,
    "payment_method_status": null,
    "updated": "2024-05-09T11:30:15.379Z"
}
  1. Refunds:
    Request -
curl --location 'http://localhost:8080/refunds' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'api-key: API_KEY_HERE' \
--data '{
    "amount": 100,
    "payment_id": "pay_xHfLlrcSjSKeOPaw1GGz",
    "reason": "Customer returned product",
    "refund_type": "instant",
    "metadata": {
        "udf1": "value1",
        "new_customer": "true",
        "login_date": "2019-09-10T10:11:12Z"
    }
}'

Response:

{
    "refund_id": "ref_i2J7zKX1kzvU00IPSW2m",
    "payment_id": "pay_xHfLlrcSjSKeOPaw1GGz",
    "amount": 100,
    "currency": "USD",
    "status": "succeeded",
    "reason": "Customer returned product",
    "metadata": {
        "udf1": "value1",
        "new_customer": "true",
        "login_date": "2019-09-10T10:11:12Z"
    },
    "error_message": null,
    "error_code": null,
    "created_at": "2024-05-09T11:33:37.772Z",
    "updated_at": "2024-05-09T11:33:37.772Z",
    "connector": "bambora",
    "profile_id": "pro_l8ERwD92l71RbPpGZZz9",
    "merchant_connector_id": "mca_ybl21De1o5q31x82RpEj"
}

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible

@deepanshu-iiitu deepanshu-iiitu added A-connector-integration Area: Connector integration C-bug Category: Bug labels May 9, 2024
@deepanshu-iiitu deepanshu-iiitu self-assigned this May 9, 2024
@deepanshu-iiitu deepanshu-iiitu requested a review from a team as a code owner May 9, 2024 11:01
@deepanshu-iiitu deepanshu-iiitu linked an issue May 9, 2024 that may be closed by this pull request
2 tasks
@deepanshu-iiitu deepanshu-iiitu requested a review from a team as a code owner May 9, 2024 11:21
Comment on lines 559 to 563
Ok(format!(
"{}/v1/payments/{}{}",
self.base_url(connectors),
connector_payment_id,
"/void"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not required as a variable

Suggested change
Ok(format!(
"{}/v1/payments/{}{}",
self.base_url(connectors),
connector_payment_id,
"/void"
Ok(format!(
"{}/v1/payments/{}/void",
self.base_url(connectors),
connector_payment_id,

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

Comment on lines 150 to 152
.ip_address
.map(|ip_address| Secret::new(format!("{ip_address}"))),
),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use the util get_ip_address

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

Comment on lines 404 to 405
[bambora.connector_webhook_details]
merchant_secret="Source verification key"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we can remove this as well, if we don't support webhooks via Bambora

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

@Gnanasundari24 Gnanasundari24 added this pull request to the merge queue May 9, 2024
Merged via the queue into main with commit 366596f May 9, 2024
9 of 12 checks passed
@Gnanasundari24 Gnanasundari24 deleted the bambora-audit-fixes branch May 9, 2024 13:22
pixincreate added a commit that referenced this pull request May 10, 2024
…efactor

* 'main' of github.com:juspay/hyperswitch:
  chore(version): 2024.05.10.0
  fix(router): [NETCETERA] skip sending browser_information in authentication request for app device_channel (#4613)
  fix(users): Fix bugs caused by the new token only flows (#4607)
  ci(cypress): Fix card expiry for savecard flows (#4585)
  refactor(billing): store `payment_method_data_billing` for recurring payments (#4513)
  feat(users): new routes to accept invite and list merchants (#4591)
  fix(connector): [BAMBORA] Audit Fixes for Bambora (#4604)
  fix(connector): [iatapay]handle empty error response in case of 401 (#4291)
  feat(connector): [Payone] add connector template code (#4469)
  feat(users): Create API to Verify TOTP (#4597)
  chore(version): 2024.05.09.0
  chore(postman): update Postman collection files
  fix(core): drop three_dsserver_trans_id from authentication table (#4587)
  refactor(db): Add TenantId field to the KafkaStore struct (#4512)
  feat(users): Create `user_key_store` table and `begin_totp` API (#4577)
  Fix(connector): [BOA/CYBS] make rsync status optional (#4570)
  fix(users): Correct the condition for `verify_email` flow in decision manger (#4580)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
A-connector-integration Area: Connector integration C-bug Category: Bug
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[FEATURE] [BAMBORA] Audit Fixes for connector Bambora
4 participants