Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(router): handle authorization for frictionless flow in external 3ds flow #4471

Merged
merged 3 commits into from Apr 29, 2024
Merged

feat(router): handle authorization for frictionless flow in external 3ds flow #4471

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
bb423f3
handle authorization for frictionless netcetera
sai-harsha-vardhan Apr 26, 2024
df65703
resolve conflicts
sai-harsha-vardhan Apr 29, 2024
7bd7f03
fix postauth flow
sai-harsha-vardhan Apr 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
19 changes: 18 additions & 1 deletion crates/router/src/core/payments.rs
View file
Open in desktop
Expand Up @@ -1152,6 +1152,20 @@ impl<Ctx: PaymentMethodRetrieve> PaymentRedirectFlow<Ctx> for PaymentAuthenticat
)
.await
.to_not_found_response(errors::ApiErrorResponse::PaymentNotFound)?;
let authentication_id = payment_attempt
.authentication_id
.ok_or(errors::ApiErrorResponse::InternalServerError)
.attach_printable("missing authentication_id in payment_attempt")?;
let authentication = state
.store
.find_authentication_by_merchant_id_authentication_id(
merchant_id.clone(),
authentication_id.clone(),
)
.await
.to_not_found_response(errors::ApiErrorResponse::AuthenticationNotFound {
id: authentication_id,
})?;
// Fetching merchant_connector_account to check if pull_mechanism is enabled for 3ds connector
let authentication_merchant_connector_account = helpers::get_merchant_connector_account(
state,
Expand All @@ -1175,7 +1189,10 @@ impl<Ctx: PaymentMethodRetrieve> PaymentRedirectFlow<Ctx> for PaymentAuthenticat
.get_metadata()
.map(|metadata| metadata.expose()),
);
let response = if is_pull_mechanism_enabled {
let response = if is_pull_mechanism_enabled
|| authentication.authentication_type
== Some(common_enums::DecoupledAuthenticationType::Frictionless)
{
let payment_confirm_req = api::PaymentsRequest {
payment_id: Some(req.resource_id.clone()),
merchant_id: req.merchant_id.clone(),
Expand Down
4 changes: 3 additions & 1 deletion crates/router/src/core/webhooks.rs
View file
Open in desktop
Expand Up @@ -490,8 +490,10 @@ pub async fn external_authentication_incoming_webhook_flow<Ctx: PaymentMethodRet
// Check if it's a payment authentication flow, payment_id would be there only for payment authentication flows
if let Some(payment_id) = updated_authentication.payment_id {
let is_pull_mechanism_enabled = helper_utils::check_if_pull_mechanism_for_external_3ds_enabled_from_connector_metadata(merchant_connector_account.metadata.map(|metadata| metadata.expose()));
// Merchant doesn't have pull mechanism enabled, so we have to authorize whenever we receive a ARes webhook
// Merchant doesn't have pull mechanism enabled and if it's challenge flow, we have to authorize whenever we receive a ARes webhook
if !is_pull_mechanism_enabled
&& updated_authentication.authentication_type
== Some(common_enums::DecoupledAuthenticationType::Challenge)
&& event_type == webhooks::IncomingWebhookEvent::ExternalAuthenticationARes
{
let payment_confirm_req = api::PaymentsRequest {
Expand Down