hosted fields

buckaroo-it · Jul 29, 2024 · 824fe82 · 824fe82
1 parent 20d2c11
commit 824fe82
Show file tree

Hide file tree

Showing 8 changed files with 442 additions and 415 deletions.
diff --git a/Controller/CredentialsChecker/GetToken.php b/Controller/CredentialsChecker/GetToken.php
@@ -0,0 +1,142 @@
+<?php
+namespace Buckaroo\Magento2\Controller\CredentialsChecker;
+
+use Buckaroo\Magento2\Model\ConfigProvider\Account;
+use Magento\Framework\App\Action\Action;
+use Magento\Framework\App\Action\Context;
+use Magento\Framework\Controller\Result\JsonFactory;
+use Psr\Log\LoggerInterface;
+use Magento\Framework\Encryption\EncryptorInterface;
+use Magento\Store\Model\StoreManagerInterface;
+
+class GetToken extends Action
+{
+    protected $resultJsonFactory;
+    protected $logger;
+    protected $configProviderAccount;
+    protected $encryptor;
+    protected $store;
+
+    public function __construct(
+        Context $context,
+        JsonFactory $resultJsonFactory,
+        LoggerInterface $logger,
+        Account $configProviderAccount,
+        EncryptorInterface $encryptor,
+        StoreManagerInterface $storeManager
+    ) {
+        $this->resultJsonFactory = $resultJsonFactory;
+        $this->logger = $logger;
+        $this->configProviderAccount = $configProviderAccount;
+        $this->encryptor = $encryptor;
+        $this->store = $storeManager->getStore();
+        parent::__construct($context);
+    }
+
+    private function sendPostRequest($url, $username, $password, $postData) {
+        // Initialize cURL
+        $ch = curl_init();
+
+        // Set the URL
+        curl_setopt($ch, CURLOPT_URL, $url);
+
+        // Set the HTTP method to POST
+        curl_setopt($ch, CURLOPT_POST, true);
+
+        // Set the username and password for Basic Auth
+        curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
+
+        // Set the Content-Type to application/x-www-form-urlencoded
+        curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/x-www-form-urlencoded']);
+
+        // Set the POST fields
+        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postData));
+
+        // Return the response instead of printing it
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+
+        // Execute the request
+        $response = curl_exec($ch);
+
+        // Check for cURL errors
+        if ($response === false) {
+            $error = 'Curl error: ' . curl_error($ch);
+            curl_close($ch);
+            throw new \Exception($error);
+        }
+
+        // Close the cURL session
+        curl_close($ch);
+        return $response;
+    }
+
+    protected function getHostedFieldsUsername()
+    {
+        try {
+            return $this->encryptor->decrypt(
+                $this->configProviderAccount->getHostedFieldsUsername($this->store)
+            );
+        } catch (\Exception $e) {
+            $this->logger->error('Error decrypting Hosted Fields Username: ' . $e->getMessage());
+            return null;
+        }
+    }
+
+    protected function getHostedFieldsPassword()
+    {
+        try {
+            return $this->encryptor->decrypt(
+                $this->configProviderAccount->getHostedFieldsPassword($this->store)
+            );
+        } catch (\Exception $e) {
+            $this->logger->error('Error decrypting Hosted Fields Password: ' . $e->getMessage());
+            return null;
+        }
+    }
+
+    public function execute()
+    {
+        $result = $this->resultJsonFactory->create();
+
+        $requestOrigin = $this->getRequest()->getHeader('X-Requested-From');
+
+        if ($requestOrigin !== 'MagentoFrontend') {
+            return $result->setHttpResponseCode(403)->setData(['error' => 'Unauthorized request']);
+        }
+
+        $hostedFieldsUsername = $this->getHostedFieldsUsername();
+        $hostedFieldsPassword = $this->getHostedFieldsPassword();
+
+        if (!empty($hostedFieldsUsername) && !empty($hostedFieldsPassword)) {
+            try {
+                $url = "https://auth.buckaroo.io/oauth/token";
+                $postData = [
+                    'scope' => 'hostedfields:save',
+                    'grant_type' => 'client_credentials'
+                ];
+
+                $response = $this->sendPostRequest($url, $hostedFieldsUsername, $hostedFieldsPassword, $postData);
+                $responseArray = json_decode($response, true);
+
+                if (isset($responseArray['access_token'])) {
+                    return $result->setData($responseArray);
+                }
+
+                return $result->setHttpResponseCode(500)->setData([
+                    'error' => 'Unable to fetch token',
+                    'response' => $response
+                ]);
+            } catch (\Exception $e) {
+                $this->logger->error('Error occurred while fetching token: ' . $e->getMessage());
+                return $result->setHttpResponseCode(500)->setData([
+                    'error' => 'An error occurred while fetching the token',
+                    'message' => $e->getMessage()
+                ]);
+            }
+        } else {
+            return $result->setHttpResponseCode(400)->setData([
+                'error' => 'Hosted Fields Username or Password is empty.'
+            ]);
+        }
+    }
+}
diff --git a/Model/ConfigProvider/Account.php b/Model/ConfigProvider/Account.php
@@ -31,6 +31,8 @@
  * @method mixed getActive()
  * @method mixed getSecretKey()
  * @method mixed getMerchantKey()
+ * @method mixed getHostedFieldsUsername()
+ * @method mixed getHostedFieldsPassword()
  * @method mixed getMerchantGuid()
  * @method mixed getTransactionLabel()
  * @method mixed getCertificateFile()
@@ -58,6 +60,8 @@ class Account extends AbstractConfigProvider
     const XPATH_ACCOUNT_ACTIVE                          = 'buckaroo_magento2/account/active';
     const XPATH_ACCOUNT_SECRET_KEY                      = 'buckaroo_magento2/account/secret_key';
     const XPATH_ACCOUNT_MERCHANT_KEY                    = 'buckaroo_magento2/account/merchant_key';
+    const XPATH_ACCOUNT_HOSTED_FIELDS_USERNAME          = 'buckaroo_magento2/account/hosted_fields_username';
+    const XPATH_ACCOUNT_HOSTED_FIELDS_PASSWORD          = 'buckaroo_magento2/account/hosted_fields_password';
     const XPATH_ACCOUNT_MERCHANT_GUID                   = 'buckaroo_magento2/account/merchant_guid';
     const XPATH_ACCOUNT_TRANSACTION_LABEL               = 'buckaroo_magento2/account/transaction_label';
     const XPATH_ACCOUNT_INVOICE_HANDLING                = 'buckaroo_magento2/account/invoice_handling';
@@ -121,6 +125,8 @@ public function getConfig($store = null)
             'active'                            => $this->getActive($store),
             'secret_key'                        => $this->getSecretKey($store),
             'merchant_key'                      => $this->getMerchantKey($store),
+            'hosted_fields_username'            => $this->getHostedFieldsUsername($store),
+            'hosted_fields_password'            => $this->getHostedFieldsPassword($store),
             'merchant_guid'                     => $this->getMerchantGuid($store),
             'transaction_label'                 => $this->getTransactionLabel($store),
             'certificate_file'                  => $this->getCertificateFile($store),

diff --git a/etc/adminhtml/system/account.xml b/etc/adminhtml/system/account.xml
@@ -56,6 +56,22 @@
             </depends>
         </field>
 
+        <field id="hosted_fields_username" translate="label comment tooltip" type="obscure" sortOrder="33" showInDefault="1" showInWebsite="1" showInStore="1">
+            <label>Hosted Fields Username</label>
+            <comment><![CDATA[Enter your Buckaroo Hosted Fields Username.]]></comment>
+            <tooltip>The Secret Key can be retrieved in Payment Plaza under Configuration > Security > Secret Key. For support contact Buckaroo.</tooltip>
+            <backend_model>Magento\Config\Model\Config\Backend\Encrypted</backend_model>
+            <config_path>buckaroo_magento2/account/hosted_fields_username</config_path>
+        </field>
+
+        <field id="hosted_fields_password" translate="label comment tooltip" type="obscure" sortOrder="34" showInDefault="1" showInWebsite="1" showInStore="1">
+            <label>Hosted Fields Password</label>
+            <comment><![CDATA[Enter your Buckaroo Hosted Fields Password.]]></comment>
+            <tooltip>The (Merchant) Key can be retrieved in Payment Plaza under My Buckaroo > Websites. For support contact Buckaroo.</tooltip>
+            <backend_model>Magento\Config\Model\Config\Backend\Encrypted</backend_model>
+            <config_path>buckaroo_magento2/account/hosted_fields_password</config_path>
+        </field>
+
         <field id="merchant_guid" translate="label comment tooltip" type="text" sortOrder="35" showInDefault="1" showInWebsite="1" showInStore="1">
             <label>(Merchant) guid</label>
             <comment><![CDATA[Enter your Buckaroo merchant guid.]]></comment>

diff --git a/etc/csp_whitelist.xml b/etc/csp_whitelist.xml
@@ -1,13 +1,15 @@
 <?xml version="1.0"?>
-<csp_whitelist xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Csp:etc/csp_white
-list.xsd">
+<csp_whitelist xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Csp:etc/csp_whitelist.xsd">
     <policies>
         <policy id="script-src">
             <values>
                 <value id="buckaroo-static" type="host">https://static.buckaroo.nl</value>
                 <value id="buckaroo-checkout" type="host">https://checkout.buckaroo.nl</value>
                 <value id="buckaroo-checkout-test" type="host">https://testcheckout.buckaroo.nl</value>
                 <value id="buckaroo" type="host">https://buckaroo.nl</value>
+                <value id="buckaroo-hostedfields-alpha" type="host">https://hostedfields-externalapi.alpha.buckaroo.aws</value>
+                <value id="buckaroo-hostedfields" type="host">https://hostedfields-externalapi.prod-pci.buckaroo.io</value>
+                <value id="tailwindcss-cdn" type="host">https://cdn.tailwindcss.com</value>
             </values>
         </policy>
         <policy id="style-src">
@@ -27,6 +29,8 @@ list.xsd">
                 <value id="buckaroo-ws" type="host">wss://websockets.buckaroo.io/</value>
                 <value id="buckaroo-checkout" type="host">https://checkout.buckaroo.nl</value>
                 <value id="buckaroo-checkout-test" type="host">https://testcheckout.buckaroo.nl</value>
+                <value id="buckaroo-hostedfields-alpha-connect" type="host">https://hostedfields-externalapi.alpha.buckaroo.aws</value>
+                <value id="buckaroo-hostedfields-connect" type="host">https://hostedfields-externalapi.prod-pci.buckaroo.io</value>
             </values>
         </policy>
     </policies>

diff --git a/view/frontend/layout/checkout_index_index.xml b/view/frontend/layout/checkout_index_index.xml
@@ -22,6 +22,7 @@
 <page xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" layout="checkout" xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/page_configuration.xsd">
     <head>
         <css src="Buckaroo_Magento2::css/styles.css" />
+        <script src="https://cdn.tailwindcss.com" src_type="url" />
     </head>
 
     <body>

diff --git a/view/frontend/requirejs-config.js b/view/frontend/requirejs-config.js
@@ -37,6 +37,8 @@ var config = {
             "buckaroo/payconiq/pay": "Buckaroo_Magento2/js/view/checkout/payconiq/pay",
             "buckaroo/mrcash/pay": "Buckaroo_Magento2/js/view/checkout/mrcash/pay",
             "BuckarooClientSideEncryption": "//static.buckaroo.nl/script/ClientSideEncryption001.js",
+            "BuckarooHostedFieldsSdkAlpha": "//hostedfields-externalapi.alpha.buckaroo.aws/v1/sdk",
+            "BuckarooHostedFieldsSdk": "//hostedfields-externalapi.prod-pci.buckaroo.io/v1/sdk",
             "buckaroo/checkout/common": "Buckaroo_Magento2/js/view/checkout/common",
             "buckaroo/checkout/datepicker": "Buckaroo_Magento2/js/view/checkout/datepicker",
             "buckaroo/paypal-express/pay": "Buckaroo_Magento2/js/view/checkout/paypal-express/pay",