Merge pull request #22 from xendit/TPI-7505/whmcs-3-ds-2

Implement new 3DS
xendit · Jul 4, 2022 · 8ec4669 · 8ec4669
2 parents ce5f11d + 8460c09
commit 8ec4669
Show file tree

Hide file tree

Showing 11 changed files with 333 additions and 121 deletions.
diff --git a/modules/gateways/callback/xendit.php b/modules/gateways/callback/xendit.php
@@ -14,76 +14,96 @@
 
 $gatewayModuleName = basename(__FILE__, '.php');
 $gatewayParams = getGatewayVariables($gatewayModuleName);
-$action = $_REQUEST['action'] ?? "";
+$postData = $_REQUEST;
+$action = $postData['action'] ?? "";
 
 // Create/Update credit card
 if ($action == 'updatecc' || $action == "createcc") {
-    // Retrieve data returned in redirect
-    $params = [
-        "publicKey" => $xenditRequest->getPublicKey(),
-        "secretKey" => $xenditRequest->getSecretKey(),
-        "gatewayModuleName" => $gatewayParams['paymentmethod'],
-        "customerId" => $_REQUEST['customer_id'] ?? '',
-        "cardLastFour" => $_REQUEST['xendit_card_number'] ? substr($_REQUEST['xendit_card_number'], -4, 4) : "",
-        "cardExpiryDate" => isset($_REQUEST['xendit_card_exp_month']) && isset($_REQUEST['xendit_card_exp_year'])
-            ? sprintf("%s%s", $_REQUEST['xendit_card_exp_month'], substr($_REQUEST['xendit_card_exp_year'], -2))
-            : "",
-        "cardType" => $_REQUEST['xendit_card_type'] ? (
-            CreditCard::CARD_LABEL[$_REQUEST['xendit_card_type']] ?? ""
-        ) : "",
-        "cardToken" => $_REQUEST['xendit_token'] ?? "",
-        "cardDescription" => $_REQUEST['card_description'] ?? "",
-        "paymentmethod" => $gatewayParams['paymentmethod'],
-        "invoiceId" => $_REQUEST['invoice_id'] ?? '',
-        "payMethodId" => $_REQUEST['custom_reference'] ?? ''
-    ];
-    $verificationHash = $_REQUEST['verification_hash'] ?? '';
-    $payMethodId = isset($_REQUEST['custom_reference']) ? (int)$_REQUEST['custom_reference'] : 0;
+    /*
+     * Make sure the 3DS authentication status = 1
+     * That mean the CC token is valid to create the charge
+     */
+//    if(!isset($postData['xendit_3ds_authentication_status']) || $postData['xendit_3ds_authentication_status'] == 0){
+//        logTransaction($gatewayParams['paymentmethod'], $postData, "3DS authentication failed");
+//        $creditCard->renderJson(
+//            [
+//                'error' => true,
+//                'message' => '3DS authentication failed.',
+//            ]
+//        );
+//    }
 
-    // validate hash
+    /*
+     * Make sure the credit card info has value
+     * We extract card data to save card token
+     */
+    if (!$creditCard->validateCardInfo($postData)) {
+        logTransaction($gatewayParams['paymentmethod'], $postData, "Missing cared information.");
+        $creditCard->renderJson(
+            [
+                'error' => true,
+                'message' => 'Missing card information.',
+            ]
+        );
+    }
+
+    /*
+     * Extract CC data from REQUEST
+     */
+    $params = array_merge(
+        $creditCard->extractCardData($postData),
+        [
+            "publicKey" => $xenditRequest->getPublicKey(),
+            "secretKey" => $xenditRequest->getSecretKey(),
+            "gatewayModuleName" => $gatewayParams['paymentmethod'],
+            "paymentmethod" => $gatewayParams['paymentmethod'],
+        ]
+    );
+
+    /*
+     * Verification hash data is correct
+     * We generate the hash on the create/update CC form which used to validate again before save CC
+     */
+    $verificationHash = $postData['verification_hash'] ?? '';
     if ($creditCard->compareHash($verificationHash, $params)) {
-        logTransaction($gatewayParams['paymentmethod'], $_REQUEST, "Invalid Hash");
-        die('Invalid hash.');
+        logTransaction($gatewayParams['paymentmethod'], $postData, "Invalid Hash");
+        $creditCard->renderJson(
+            [
+                'error' => true,
+                'message' => 'Invalid Hash',
+            ]
+        );
     }
 
     // Save credit card if it has card Token
     if (!empty($params["cardToken"])) {
         try {
             $creditCard->saveCreditCardToken($params, $action == "createcc");
-
-            // Show success message.
-            echo json_encode(
+            $creditCard->renderJson(
                 [
                     'error' => false,
-                    'message' => 'Success'
+                    'message' => 'Success',
                 ]
             );
-            exit;
         } catch (Exception $e) {
             // Log to gateway log as unsuccessful.
-            logTransaction($gatewayParams['paymentmethod'], $_REQUEST, $e->getMessage());
-
-            // Show failure message.
-            echo json_encode(
+            logTransaction($gatewayParams['paymentmethod'], $postData, $e->getMessage());
+            $creditCard->renderJson(
                 [
                     'error' => true,
-                    'message' => $e->getMessage()
+                    'message' => $e->getMessage(),
                 ]
             );
-            exit;
         }
     } else {
         // Log to gateway log as unsuccessful.
-        logTransaction($gatewayParams['paymentmethod'], $_REQUEST, 'Save credit card failed');
-
-        // Show failure message.
-        echo json_encode(
+        logTransaction($gatewayParams['paymentmethod'], $postData, 'Save credit card failed');
+        $creditCard->renderJson(
             [
                 'error' => true,
-                'message' => $action == "createcc" ? "Payment method failed to create successfully. Please try again." : "Payment method failed to save changes. Please try again."
+                'message' => $action == "createcc" ? "Payment method failed to create successfully. Please try again." : "Payment method failed to save changes. Please try again.",
             ]
         );
-        exit;
     }
 } else {
     // use for callback

diff --git a/modules/gateways/xendit.php b/modules/gateways/xendit.php
@@ -10,9 +10,11 @@
 require __DIR__ . '/xendit/autoload.php';
 
 // defines
-define('XENDIT_PAYMENT_GATEWAY_VERSION', '1.0.5');
+define('XENDIT_PAYMENT_GATEWAY_VERSION', '1.0.6');
 
 use WHMCS\Billing\Invoice;
+use Xendit\Lib\ActionBase;
+use Xendit\Lib\Link;
 use Xendit\Lib\Model\XenditTransaction;
 use Xendit\Lib\Recurring;
 use Xendit\Lib\XenditRequest;
@@ -38,7 +40,7 @@ function xendit_MetaData()
 function xendit_config()
 {
     (new \Xendit\Lib\Migrate())->createTransactionTable();
-    return (new \Xendit\Lib\ActionBase())->createConfig();
+    return (new ActionBase())->createConfig();
 }
 
 /**
@@ -67,11 +69,15 @@ function xendit_deactivate()
 /**
  * @param $params
  * @return string
- * @throws Exception
  */
 function xendit_link($params)
 {
-    return (new \Xendit\Lib\Link())->generatePaymentLink($params);
+    $link = new Link();
+    try {
+        return $link->generatePaymentLink($params);
+    } catch (\Exception $e) {
+        return $link->errorMessage($e->getMessage());
+    }
 }
 
 /**
@@ -188,6 +194,16 @@ function xendit_remoteinput($params)
     $publicKey = $params['xenditTestMode'] == 'on' ? $params['xenditTestPublicKey'] : $params['xenditPublicKey'];
     $secretKey = $params['xenditTestMode'] == 'on' ? $params['xenditTestSecretKey'] : $params['xenditSecretKey'];
 
+    $xenditRequest = new XenditRequest();
+
+    // Card settings
+    try {
+        $cardSettings = $xenditRequest->getCardSettings();
+        $canUseDynamic3ds = $cardSettings['can_use_dynamic_3ds'] ?? 0;
+    } catch (\Exception $e) {
+        return (new ActionBase)->errorMessage($e->getMessage());
+    }
+
     // Client Parameters
     $clientId = $params["clientdetails"]["id"] ?? $params['userid'];
 
@@ -211,6 +227,7 @@ function xendit_remoteinput($params)
         'customer_id' => $clientId,
         'return_url' => $systemUrl . 'modules/gateways/callback/xendit.php',
         'payment_method_url' => $systemUrl . 'index.php?rp=/account/paymentmethods',
+        'can_use_dynamic_3ds' => $canUseDynamic3ds,
         'verification_hash' => sha1(
             implode('|', [
                 $publicKey,
@@ -275,6 +292,14 @@ function xendit_remoteupdate($params)
     $secretKey = $xenditRequest->getSecretKey();
     $remoteStorageToken = $params['gatewayid'];
 
+    // Card settings
+    try {
+        $cardSettings = $xenditRequest->getCardSettings();
+        $canUseDynamic3ds = $cardSettings['can_use_dynamic_3ds'] ?? 0;
+    } catch (\Exception $e) {
+        return (new ActionBase)->errorMessage($e->getMessage());
+    }
+
     // Client Parameters
     $clientId = $params['client_id'] ?? $params['userid'];
     $payMethodId = $params['paymethodid'];
@@ -301,6 +326,7 @@ function xendit_remoteupdate($params)
         'customer_id' => $clientId,
         'return_url' => $systemUrl . 'modules/gateways/callback/xendit.php',
         'payment_method_url' => $systemUrl . 'index.php?rp=/account/paymentmethods',
+        'can_use_dynamic_3ds' => $canUseDynamic3ds,
         'verification_hash' => sha1(
             implode('|', [
                 $publicKey,

diff --git a/modules/gateways/xendit/assets/css/styles.css b/modules/gateways/xendit/assets/css/styles.css
@@ -0,0 +1,24 @@
+.three-ds-overlay {
+    position: fixed;
+    top: 0;
+    left: 0;
+    height: 100%;
+    width: 100%;
+    background-color: rgba(0,0,0,0.5);
+    z-index: 999;
+}
+
+#three-ds-container {
+    width: 550px;
+    height: 450px;
+    line-height: 200px;
+    position: fixed;
+    top: 25%;
+    left: 32%;
+    margin-top: -100px;
+    margin-left: -150px;
+    background-color: #ffffff;
+    border-radius: 5px;
+    text-align: center;
+    z-index: 9999; /* 1px higher than the overlay layer */
+}