feat(payment_methods_v2): Added Ephemeral auth for v2 #6813

Merged
merged 30 commits into from
Dec 22, 2024

Sarthak1799
Contributor

@Sarthak1799 Sarthak1799 commented Dec 11, 2024

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

This PR contains -

  • Ephemeral auth support for v2 (including resource type product identifier)
  • Minor Fixes for Payment methods v2 CRUD APIs
  • Removed Client secret auth from PaymentMethod CRUD APIs

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

How did you test it?

  1. Create Payment Method Intent
curl --location --request POST 'http://localhost:8080/v2/payment-methods/create-intent' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'X-Profile-Id: pro_DMmRBLpkNczeVDPd2EKd' \
--header 'api-key: dev_HVwdf7yWqJ9GGfw1CLDbAgjOFYHrPXoisK8pJcVPfdbc73238GROVpDhN3M9cPe2' \
--data-raw '{
  "customer_id": "cus_0193ab7e6cc074939f389817610cd5b1"
}'

Response

{
    "merchant_id": "cloth_seller_pcGA5SfzTmVUTBKvh2T3",
    "customer_id": "cus_0193ab7e6cc074939f389817610cd5b1",
    "payment_method_id": "12345_pm_0193b69ba645716086c0fe21c462cf2d",
    "payment_method_type": null,
    "payment_method_subtype": null,
    "recurring_enabled": false,
    "created": "2024-12-11T16:44:34.261Z",
    "last_used_at": "2024-12-11T16:44:34.261Z",
    "ephemeral_key": "epk_0c6ebab77f51446ab30467640a6f8f02",
    "payment_method_data": null
}
  2. Use Ephemeral key to confirm intent
curl --location --request POST 'http://localhost:8080/v2/payment-methods/12345_pm_0193b69ba645716086c0fe21c462cf2d/confirm-intent' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'X-Profile-Id: pro_DMmRBLpkNczeVDPd2EKd' \
--header 'X-Resource-Type: payment_method' \
--header 'api-key: epk_0c6ebab77f51446ab30467640a6f8f02' \
--data-raw '{
    "payment_method_type": "card",
    "payment_method_subtype": "credit",
    "payment_method_data": {
        "card": {
            "card_number": "4242424242424242",
            "card_exp_month": "12",
            "card_exp_year": "2025",
            "card_holder_name": "joseph Doe"
        }
    },
    "customer_id": "cus_0193ab7e6cc074939f389817610cd5b1"
}'

Response -

{
    "merchant_id": "cloth_seller_pcGA5SfzTmVUTBKvh2T3",
    "customer_id": "cus_0193ab7e6cc074939f389817610cd5b1",
    "payment_method_id": "12345_pm_0193b69ba645716086c0fe21c462cf2d",
    "payment_method_type": "card",
    "payment_method_subtype": "credit",
    "recurring_enabled": false,
    "created": "2024-12-11T16:44:34.261Z",
    "last_used_at": "2024-12-11T16:44:34.261Z",
    "ephemeral_key": null,
    "payment_method_data": {
        "card": {
            "issuer_country": null,
            "last4_digits": "4242",
            "expiry_month": "12",
            "expiry_year": "2025",
            "card_holder_name": "joseph Doe",
            "card_fingerprint": null,
            "nick_name": null,
            "card_network": null,
            "card_isin": null,
            "card_issuer": null,
            "card_type": null,
            "saved_to_locker": true
        }
    }
}
  3. Retrieve a PM -
curl --location --request GET 'http://localhost:8080/v2/payment-methods/12345_pm_0193cec5b7637f33a36b1f9ce34137bd' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'X-Profile-Id: pro_OqoV7IKp695hRjM1zRfE' \
--header 'X-Resource-Type: payment_method' \
--header 'api-key: dev_qxDW3eUAAg8u1Yagzfzur089lWvt4ZwendCYibU4XBTV9Mo6tJ3wi0inMiO9gnTO'

Response -

{
    "merchant_id": "cloth_seller_R8JPuhk0GnkqHNDBzs7g",
    "customer_id": "cus_0193ce809d9e7411bd207c8f85eac45b",
    "payment_method_id": "12345_pm_0193cec5b7637f33a36b1f9ce34137bd",
    "payment_method_type": "card",
    "payment_method_subtype": "credit",
    "recurring_enabled": false,
    "created": "2024-12-16T09:21:24.377Z",
    "last_used_at": "2024-12-16T09:21:24.377Z",
    "ephemeral_key": null,
    "payment_method_data": {
        "card": {
            "issuer_country": null,
            "last4_digits": "4242",
            "expiry_month": "12",
            "expiry_year": "2025",
            "card_holder_name": "joseph Doe",
            "card_fingerprint": null,
            "nick_name": null,
            "card_network": null,
            "card_isin": null,
            "card_issuer": null,
            "card_type": null,
            "saved_to_locker": true
        }
    }
}
  4. Update a PM -
curl --location --request PATCH 'http://localhost:8080/v2/payment-methods/12345_pm_0193b69ba645716086c0fe21c462cf2d/update-saved-payment-method' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'X-Profile-Id: pro_DMmRBLpkNczeVDPd2EKd' \
--header 'X-Resource-Type: payment_method' \
--header 'api-key: epk_0c6ebab77f51446ab30467640a6f8f02' \
--data-raw '{
    "payment_method_data": {
        "card": {
            "card_holder_name": "joseph",
            "nick_name": "some_name11"
        }
    }
}'

Response -

{
    "merchant_id": "cloth_seller_pcGA5SfzTmVUTBKvh2T3",
    "customer_id": "cus_0193ab7e6cc074939f389817610cd5b1",
    "payment_method_id": "12345_pm_0193b69ba645716086c0fe21c462cf2d",
    "payment_method_type": "card",
    "payment_method_subtype": "credit",
    "recurring_enabled": false,
    "created": "2024-12-11T16:44:34.261Z",
    "last_used_at": "2024-12-11T16:44:34.261Z",
    "ephemeral_key": null,
    "payment_method_data": {
        "card": {
            "issuer_country": null,
            "last4_digits": "4242",
            "expiry_month": "12",
            "expiry_year": "2025",
            "card_holder_name": "joseph",
            "card_fingerprint": null,
            "nick_name": "some_name11",
            "card_network": null,
            "card_isin": null,
            "card_issuer": null,
            "card_type": null,
            "saved_to_locker": true
        }
    }
}
  5. Delete a PM -
curl --location --request DELETE 'http://localhost:8080/v2/payment-methods/12345_pm_0193cec5b7637f33a36b1f9ce34137bd' \
--header 'Accept: application/json' \
--header 'X-Profile-Id: pro_OqoV7IKp695hRjM1zRfE' \
--header 'X-Resource-Type: payment_method' \
--header 'api-key: dev_qxDW3eUAAg8u1Yagzfzur089lWvt4ZwendCYibU4XBTV9Mo6tJ3wi0inMiO9gnTO'

Response -

{
    "payment_method_id": "12345_pm_0193b69ba645716086c0fe21c462cf2d"
}
  6. Standalone Ephemeral key create -
curl --location --request POST 'http://localhost:8080/v2/ephemeral-keys' \
--header 'Content-Type: application/json' \
--header 'X-Profile-Id: pro_CwrzjgurYtopm4AU4ckw' \
--header 'X-Resource-Type: payment_method' \
--header 'api-key: dev_XhFPyn6hxjHV0kwfx5TuqP01AACTenU00ioSS352L5uUFufVKqfWNAtI1reaYO3S' \
--data-raw '{
    "customer_id": "12345_cus_0193d93f0f267882b5b843a648890ede"
}'

Response -

{
    "id": "eki_TEEmZPBA0XL1jyQYaXVY",
    "customer_id": "12345_cus_0193d93f0f267882b5b843a648890ede",
    "created_at": "2024-12-19 12:17:01.909893",
    "expires": "2024-12-19 13:17:01.909893",
    "secret": "epk_0193ded995d57fd290ed0ce218e01cf9"
}

Can use the ephemeral key obtained here to hit the above APIs

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible
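
The checks the test steps above imply for an ephemeral key (bound customer, `X-Resource-Type`, one-hour expiry as in the sample response), as an added Rust sketch that is not code from this PR or from Hyperswitch. `EphemeralKeyRecord`, `AuthError`, `authenticate` and the sample store are hypothetical names and constructed values.

```rust
use std::collections::HashMap;

// Hypothetical model of a stored ephemeral key; not Hyperswitch's own types.
struct EphemeralKeyRecord {
    merchant_id: String,
    customer_id: String,
    resource_type: String, // value of X-Resource-Type the key was issued for
    expires_at: u64,       // unix seconds; the sample response shows created + 1 hour
}

#[derive(Debug, PartialEq)]
enum AuthError { MissingResourceType, UnknownKey, Expired, ResourceMismatch, CustomerMismatch }

/// Checks an `epk_` secret presented in `api-key` against its stored record.
/// On success returns the merchant the key was issued under, so tenancy is
/// derived from the key itself rather than from anything the client sends.
fn authenticate(
    store: &HashMap<String, EphemeralKeyRecord>,
    api_key: &str,
    resource_type_header: Option<&str>,
    resource_customer_id: &str,
    now: u64,
) -> Result<String, AuthError> {
    let resource_type = resource_type_header.ok_or(AuthError::MissingResourceType)?;
    let rec = store.get(api_key).ok_or(AuthError::UnknownKey)?;
    if now >= rec.expires_at { return Err(AuthError::Expired); }
    if rec.resource_type != resource_type { return Err(AuthError::ResourceMismatch); }
    if rec.customer_id != resource_customer_id { return Err(AuthError::CustomerMismatch); }
    Ok(rec.merchant_id.clone())
}

// Constructed sample store; ids and the key are placeholders, not values from the PR.
fn sample_store() -> HashMap<String, EphemeralKeyRecord> {
    let mut m = HashMap::new();
    m.insert("epk_sample".to_string(), EphemeralKeyRecord {
        merchant_id: "merchant_a".into(),
        customer_id: "cus_a".into(),
        resource_type: "payment_method".into(),
        expires_at: 3600,
    });
    m
}

fn main() {
    let s = sample_store();
    println!("{:?}", authenticate(&s, "epk_sample", Some("payment_method"), "cus_a", 10));
    println!("{:?}", authenticate(&s, "epk_sample", Some("payment_method"), "cus_b", 10));
    println!("{:?}", authenticate(&s, "epk_sample", Some("payment_method"), "cus_a", 3600));
}
```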

@Sarthak1799 Sarthak1799 self-assigned this Dec 11, 2024
@Sarthak1799 Sarthak1799 requested review from a team as code owners December 11, 2024 18:52
@hyperswitch-bot hyperswitch-bot bot added the M-api-contract-changes Metadata: This PR involves API contract changes label Dec 11, 2024
@Sarthak1799 Sarthak1799 linked an issue Dec 11, 2024 that may be closed by this pull request
2 tasks
jarnura
jarnura previously approved these changes Dec 16, 2024
tsdk02
tsdk02 previously approved these changes Dec 17, 2024
@Sarthak1799 Sarthak1799 dismissed stale reviews from tsdk02 and jarnura via ba456d6 December 17, 2024 12:21
.change_context(errors::ApiErrorResponse::InvalidRequestData {
message: format!("`{}` header is invalid", headers::X_RESOURCE_TYPE),
})?
.get_required_value("ResourceType")
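Review bot: the two failure paths in this chain name the problem differently: the `change_context` arm reports the header through `headers::X_RESOURCE_TYPE`, while `.get_required_value("ResourceType")` passes the literal `"ResourceType"`. Passing the header constant to `get_required_value` as well would let a client that omitted the header see the same name it has to send.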
Member

is this always tied to a customer? we might create the ephemeral key for payment as well right?

@@ -826,7 +815,7 @@ pub struct PaymentMethodResponse {
pub last_used_at: Option<time::PrimitiveDateTime>,

/// For Client based calls
pub client_secret: Option<String>,
pub ephemeral_key: Option<String>,
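Review bot: `pub ephemeral_key: Option<String>` keeps a credential as a plain `String` in the response struct, so any debug print or log of `PaymentMethodResponse` would carry the key in clear. Consider a masking wrapper type for the field, and expand the `/// For Client based calls` doc comment to say when the field is populated and what the key authorizes.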
Member

Can we have this as a Secret?

Narayanbhat166
Narayanbhat166 previously approved these changes Dec 19, 2024
Narayanbhat166
Narayanbhat166 previously approved these changes Dec 19, 2024
jarnura
jarnura previously approved these changes Dec 19, 2024
Contributor

@ThisIsMani ThisIsMani left a comment

Dashboard-specific changes look fine.

@Narayanbhat166
Member

Narayanbhat166 commented Dec 20, 2024

Couple of doubts in this PR @Sarthak1799, we are using ephemeral key without any merchant authentication part, i.e. publishable key. Should we add ephemeral key along with publishable key?

Also, the create payment method s2s call also creates an ephemeral key in the response, what is the use for this? If there has to be any client interactions, the merchant has to create the ephemeral key separately, right?

cc: @jarnura

@Sarthak1799
Contributor Author

Also, the create payment method s2s call also creates an ephemeral key in the response, what is the use for this? If there has to be any client interactions, the merchant has to create the ephemeral key separately, right?

The Create API also should be able to provide an ephemeral key in case the merchant wants to use the SDK post vaulting, right?
Would that never be a use case?

Couple of doubts in this PR @Sarthak1799, we are using ephemeral key without any merchant authentication part, i.e. publishable key. Should we add ephemeral key along with publishable key?

Publishable key support is also there for the respective APIs. Merchant authentication is there in Ephemeral key as well. The case where someone would be able to use another merchant's ephemeral key seems unlikely.

@Gnanasundari24 Gnanasundari24 added this pull request to the merge queue Dec 22, 2024
Merged via the queue into main with commit 24401bc Dec 22, 2024
17 of 19 checks passed
@Gnanasundari24 Gnanasundari24 deleted the ephemeral-auth-v2 branch December 22, 2024 18:04
pixincreate added a commit that referenced this pull request Dec 23, 2024
…ete-pm

* 'main' of github.com:juspay/hyperswitch:
  chore(version): 2024.12.23.0
  feat(connector): [JPMORGAN] add Payment flows for cards (#6668)
  refactor(grpc): send `x-tenant-id` and `x-request-id` in grpc headers (#6904)
  feat(payment_methods_v2): Added Ephemeral auth for v2 (#6813)
  chore(cypress): payout - fix test cases for adyenplatform bank (#6887)
  refactor(connector): [Airwallex] add device_data in payment request (#6881)
  feat(router): add db interface for `/relay` (#6879)
  feat(payments_v2): implement payments capture v2 (#6722)
  feat(router): add /relay endpoint (#6870)
Successfully merging this pull request may close these issues.

[FEATURE] Ephemeral Auth for v2
8 participants