handle iframeAllowed parameter from order request response#46
Conversation
konradkozaczenko
force-pushed
the
continue-3ds-http-redirect
branch
from
36de0c5 to
fe04f92
Compare
konradkozaczenko
force-pushed
the
continue-3ds-http-redirect
branch
from
fe04f92 to
29d625c
Compare
There was a problem hiding this comment.
Pull request overview
This PR adds handling for the iframeAllowed parameter returned in the PayU order creation response, which is used for 3DS authentication iframe handling. The new Continue3DsHttpRedirect reply class extends HttpRedirect to carry the iframeAllowed flag so consumers can determine whether to render the 3DS redirect in an iframe.
Changes:
- Added
iframeAllowedfield toOrderCreatedResponsevalue object to capture the API response parameter. - Introduced
Continue3DsHttpRedirectreply class that wrapsHttpRedirectwith aniframeAllowedboolean property. - Updated
CaptureActionto throwContinue3DsHttpRedirectinstead ofHttpRedirectfor 3DS redirects, passing the iframe-allowed state.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
src/ValueObject/Response/OrderCreatedResponse.php |
Added iframeAllowed property and included it in fromResponse and toArray |
src/Core/Reply/Continue3DsHttpRedirect.php |
New reply class extending HttpRedirect with iframeAllowed flag |
src/Action/CaptureAction.php |
Changed 3DS redirect to use Continue3DsHttpRedirect with iframeAllowed |
tests/Integration/Action/CaptureActionTest.php |
Added iframeAllowed to expected response arrays in test assertions |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
| $request->setModel($model); | ||
|
|
||
| throw new HttpRedirect($orderCreatedResponse->redirectUri); | ||
| throw new Continue3DsHttpRedirect(!(null === $orderCreatedResponse->iframeAllowed), $orderCreatedResponse->redirectUri); |
There was a problem hiding this comment.
Why you need this specific redirect?
Handle the iframeAllowed flag in the set/get methods of the \Answear\Payum\PayU\Model\Model class, such as setOrderId(), and simply retrieve this flag where needed using
$model = Model::ensureArrayObject($payment->getDetails());
$model->iframeAllowed
There was a problem hiding this comment.
iframeAllowed is strictly related to the redirect. You handle the redirect by catching the exception. When the exception is an instance of Continue3DsHttpRedirect, you can check the iframeAllowed parameter. It's part of the redirect process, not a model object that holds data about the payment, buyer, etc
| $request->setModel($model); | ||
|
|
||
| throw new HttpRedirect($orderCreatedResponse->redirectUri); | ||
| throw new Continue3DsHttpRedirect($orderCreatedResponse->iframeAllowed ?? false, $orderCreatedResponse->redirectUri); |
There was a problem hiding this comment.
iframeAllowed is strictly related to the redirect
agree
So maybe IframeHttpRedirect extends HttpRedirect and here
return match($orderCreatedResponse->iframeAllowed)
true => new IframeHttpRedirect($orderCreatedResponse->redirectUri),
false => new HttpRedirect($orderCreatedResponse->redirectUri)You will have generic exception for iframe without any flags.
| public string $orderId, | ||
| public ?string $extOrderId = null, | ||
| public ?array $payMethods = null, | ||
| public ?bool $iframeAllowed = null, |
There was a problem hiding this comment.
keep here default false, will be match better for handling
|
|
||
| use Payum\Core\Reply\HttpRedirect; | ||
|
|
||
| class Continue3DsHttpRedirect extends HttpRedirect |
There was a problem hiding this comment.
już zapomniałem, że tu się steruje exceptionami :)
konradkozaczenko
force-pushed
the
continue-3ds-http-redirect
branch
from
e9319b2 to
8f6e685
Compare
konradkozaczenko
force-pushed
the
continue-3ds-http-redirect
branch
from
8f6e685 to
dc54e4b
Compare
https://developers.payu.com/europe/docs/card-payments/threeds/auth-page/#iframe-handling