From af4bcd5a90bca57e846d72fdb6c3d2960019bc3e Mon Sep 17 00:00:00 2001 From: "Wojciech M. Wnuk" Date: Thu, 20 Jun 2024 00:58:02 +0200 Subject: [PATCH 1/4] Magento 2.4.6-p6 Csp bugfix (jquery getScript bug) --- Model/ApiFacade/TpayConfig/ConfigFacade.php | 52 +++++++-------------- Model/ApiFacade/TpayConfig/ConfigOpen.php | 27 +++++++++-- Model/ApiFacade/TpayConfig/ConfigOrigin.php | 27 +++++++++-- Model/TpayConfigProvider.php | 15 ++---- 4 files changed, 67 insertions(+), 54 deletions(-) diff --git a/Model/ApiFacade/TpayConfig/ConfigFacade.php b/Model/ApiFacade/TpayConfig/ConfigFacade.php index ef84828..3995a76 100755 --- a/Model/ApiFacade/TpayConfig/ConfigFacade.php +++ b/Model/ApiFacade/TpayConfig/ConfigFacade.php @@ -3,49 +3,36 @@ namespace Tpay\Magento2\Model\ApiFacade\TpayConfig; use Exception; -use Magento\Framework\View\Asset\Repository; use Tpay\Magento2\Api\TpayConfigInterface; -use Tpay\Magento2\Api\TpayInterface; use Tpay\Magento2\Model\ApiFacade\Transaction\TransactionOriginApi; -use Tpay\Magento2\Service\TpayService; -use Tpay\Magento2\Service\TpayTokensService; class ConfigFacade { - /** @var ConfigOrigin */ + /** @var ConfigOrigin\Proxy */ private $originConfig; - /** @var ConfigOpen */ + /** @var ConfigOpen\Proxy */ private $openApi; - /** @var CardConfigFacade */ + /** @var CardConfigFacade\Proxy */ private $cardConfig; - /** @var TpayInterface */ - private $tpay; - /** @var TpayConfigInterface */ private $tpayConfig; - /** @var Repository */ - private $assetRepository; - - /** @var TpayTokensService */ - private $tokensService; - - /** @var TpayService */ - private $tpayService; - /** @var bool */ private $useOpenApi; - public function __construct(TpayInterface $tpay, TpayConfigInterface $tpayConfig, Repository $assetRepository, TpayTokensService $tokensService, TpayService $tpayService) - { - $this->tpay = $tpay; + public function __construct( + TpayConfigInterface $tpayConfig, + ConfigOrigin\Proxy $originConfig, + ConfigOpen\Proxy $openApi, + CardConfigFacade\Proxy $cardConfig + ) { $this->tpayConfig = $tpayConfig; - $this->assetRepository = $assetRepository; - $this->tokensService = $tokensService; - $this->tpayService = $tpayService; + $this->originConfig = $originConfig; + $this->openApi = $openApi; + $this->cardConfig = $cardConfig; } public function getConfig(): array @@ -63,29 +50,26 @@ private function getCurrentApi() private function connectApi() { if (null == $this->openApi && null === $this->originConfig) { - $this->createOriginApiInstance($this->tpay, $this->tpayConfig, $this->assetRepository, $this->tokensService); - $this->createOpenApiInstance($this->tpay, $this->tpayConfig, $this->assetRepository, $this->tokensService); - $this->cardConfig = new CardConfigFacade($this->tpay, $this->tpayConfig, $this->assetRepository, $this->tokensService, $this->tpayService); + $this->createOriginApiInstance($this->tpayConfig); + $this->createOpenApiInstance($this->tpayConfig); } } - private function createOriginApiInstance(TpayInterface $tpay, TpayConfigInterface $tpayConfig, Repository $assetRepository, TpayTokensService $tokensService) + private function createOriginApiInstance(TpayConfigInterface $tpayConfig) { if (!$tpayConfig->isOriginApiEnabled()) { - $this->originConfig = null; return; } try { new TransactionOriginApi($tpayConfig->getApiPassword(), $tpayConfig->getApiKey(), $tpayConfig->getMerchantId(), $tpayConfig->getSecurityCode(), !$tpayConfig->useSandboxMode()); - $this->originConfig = new ConfigOrigin($tpay, $tpayConfig, $assetRepository, $tokensService); } catch (Exception $exception) { - $this->originConfig = null; + return; } } - private function createOpenApiInstance(TpayInterface $tpay, TpayConfigInterface $tpayConfig, Repository $assetRepository, TpayTokensService $tokensService) + private function createOpenApiInstance(TpayConfigInterface $tpayConfig) { if (!$tpayConfig->isPlnPayment() || !$tpayConfig->isOpenApiEnabled()) { $this->openApi = null; @@ -95,11 +79,9 @@ private function createOpenApiInstance(TpayInterface $tpay, TpayConfigInterface } try { - $this->openApi = new ConfigOpen($tpay, $tpayConfig, $assetRepository, $tokensService); $this->openApi->authorization(); $this->useOpenApi = true; } catch (Exception $exception) { - $this->openApi = null; $this->useOpenApi = false; } } diff --git a/Model/ApiFacade/TpayConfig/ConfigOpen.php b/Model/ApiFacade/TpayConfig/ConfigOpen.php index af43f85..f1b41cf 100755 --- a/Model/ApiFacade/TpayConfig/ConfigOpen.php +++ b/Model/ApiFacade/TpayConfig/ConfigOpen.php @@ -2,6 +2,8 @@ namespace Tpay\Magento2\Model\ApiFacade\TpayConfig; +use Magento\Csp\Helper\CspNonceProvider; +use Magento\Framework\Escaper; use Magento\Framework\View\Asset\Repository; use Tpay\Magento2\Api\TpayConfigInterface; use Tpay\Magento2\Api\TpayInterface; @@ -23,12 +25,26 @@ class ConfigOpen extends TpayApi /** @var Repository */ private $assetRepository; - public function __construct(TpayInterface $tpay, TpayConfigInterface $tpayConfig, Repository $assetRepository, TpayTokensService $tokensService) - { + /** @var CspNonceProvider */ + private $cspNonceProvider; + + /** @var Escaper */ + private $escaper; + + public function __construct( + TpayInterface $tpay, + TpayConfigInterface $tpayConfig, + Repository $assetRepository, + TpayTokensService $tokensService, + CspNonceProvider $cspNonceProvider, + Escaper $escaper + ) { $this->tpay = $tpay; $this->tpayConfig = $tpayConfig; $this->assetRepository = $assetRepository; $this->tokensService = $tokensService; + $this->cspNonceProvider = $cspNonceProvider; + $this->escaper = $escaper; parent::__construct($tpayConfig->getOpenApiClientId(), $tpayConfig->getOpenApiPassword(), !$tpayConfig->useSandboxMode()); } @@ -68,9 +84,12 @@ public function showChannels(): ?string public function createScript(string $script): string { return " - "; diff --git a/Model/ApiFacade/TpayConfig/ConfigOrigin.php b/Model/ApiFacade/TpayConfig/ConfigOrigin.php index a04bf29..8591034 100755 --- a/Model/ApiFacade/TpayConfig/ConfigOrigin.php +++ b/Model/ApiFacade/TpayConfig/ConfigOrigin.php @@ -2,6 +2,8 @@ namespace Tpay\Magento2\Model\ApiFacade\TpayConfig; +use Magento\Csp\Helper\CspNonceProvider; +use Magento\Framework\Escaper; use Magento\Framework\View\Asset\Repository; use Tpay\Magento2\Api\TpayConfigInterface; use Tpay\Magento2\Api\TpayInterface; @@ -22,12 +24,26 @@ class ConfigOrigin /** @var TpayConfigInterface */ private $tpayConfig; - public function __construct(TpayInterface $tpay, TpayConfigInterface $tpayConfig, Repository $assetRepository, TpayTokensService $tokensService) - { + /** @var CspNonceProvider */ + private $cspNonceProvider; + + /** @var Escaper */ + private $escaper; + + public function __construct( + TpayInterface $tpay, + TpayConfigInterface $tpayConfig, + Repository $assetRepository, + TpayTokensService $tokensService, + CspNonceProvider $cspNonceProvider, + Escaper $escaper + ) { $this->tpay = $tpay; $this->tpayConfig = $tpayConfig; $this->assetRepository = $assetRepository; $this->tokensService = $tokensService; + $this->cspNonceProvider = $cspNonceProvider; + $this->escaper = $escaper; } public function getConfig(): array @@ -69,9 +85,12 @@ public function showChannels(): ?string public function createScript(string $script): string { return " - "; diff --git a/Model/TpayConfigProvider.php b/Model/TpayConfigProvider.php index 9f6a2d6..306e1fa 100644 --- a/Model/TpayConfigProvider.php +++ b/Model/TpayConfigProvider.php @@ -5,14 +5,10 @@ namespace Tpay\Magento2\Model; use Magento\Checkout\Model\ConfigProviderInterface; -use Magento\Framework\View\Asset\Repository; use Magento\Payment\Helper\Data as PaymentHelper; -use Tpay\Magento2\Api\TpayConfigInterface; use Tpay\Magento2\Api\TpayInterface; use Tpay\Magento2\Model\ApiFacade\TpayConfig\ConfigFacade; use Tpay\Magento2\Model\ApiFacade\Transaction\TransactionApiFacade; -use Tpay\Magento2\Service\TpayService; -use Tpay\Magento2\Service\TpayTokensService; class TpayConfigProvider implements ConfigProviderInterface { @@ -22,7 +18,7 @@ class TpayConfigProvider implements ConfigProviderInterface /** @var TpayInterface */ protected $paymentMethod; - /** @var ConfigFacade */ + /** @var ConfigFacade\Proxy */ protected $configFacade; /** @var TransactionApiFacade */ @@ -30,20 +26,17 @@ class TpayConfigProvider implements ConfigProviderInterface public function __construct( PaymentHelper $paymentHelper, - Repository $assetRepository, - TpayTokensService $tokensService, TransactionApiFacade $transactionApiFacade, - TpayService $tpayService, - TpayConfigInterface $tpayConfig + ConfigFacade\Proxy $configFacade ) { $this->paymentHelper = $paymentHelper; $this->transactionApi = $transactionApiFacade; - $this->configFacade = new ConfigFacade($this->getPaymentMethodInstance(), $tpayConfig, $assetRepository, $tokensService, $tpayService); + $this->configFacade = $configFacade; } public function getConfig(): array { - if (!$this->paymentMethod->isAvailable()) { + if (!$this->getPaymentMethodInstance()->isAvailable()) { return []; } From 297a525a4eaa99c62e871d6745d5c8031589204e Mon Sep 17 00:00:00 2001 From: "Wojciech M. Wnuk" Date: Mon, 22 Jul 2024 13:42:11 +0200 Subject: [PATCH 2/4] remove extra whitespace --- Model/ApiFacade/TpayConfig/ConfigFacade.php | 1 - 1 file changed, 1 deletion(-) diff --git a/Model/ApiFacade/TpayConfig/ConfigFacade.php b/Model/ApiFacade/TpayConfig/ConfigFacade.php index 3995a76..ace5c76 100755 --- a/Model/ApiFacade/TpayConfig/ConfigFacade.php +++ b/Model/ApiFacade/TpayConfig/ConfigFacade.php @@ -58,7 +58,6 @@ private function connectApi() private function createOriginApiInstance(TpayConfigInterface $tpayConfig) { if (!$tpayConfig->isOriginApiEnabled()) { - return; } From 16c7b4f2a040989cdc9d44bb05fd0c163aa408b6 Mon Sep 17 00:00:00 2001 From: Adam Wysocki Date: Mon, 29 Jul 2024 15:59:32 +0200 Subject: [PATCH 3/4] Fix dependency injection in CardConfig --- .../ApiFacade/TpayConfig/CardConfigFacade.php | 39 +++++++++++++------ 1 file changed, 28 insertions(+), 11 deletions(-) diff --git a/Model/ApiFacade/TpayConfig/CardConfigFacade.php b/Model/ApiFacade/TpayConfig/CardConfigFacade.php index 540b99f..0b4eefb 100755 --- a/Model/ApiFacade/TpayConfig/CardConfigFacade.php +++ b/Model/ApiFacade/TpayConfig/CardConfigFacade.php @@ -3,6 +3,8 @@ namespace Tpay\Magento2\Model\ApiFacade\TpayConfig; use Exception; +use Magento\Csp\Helper\CspNonceProvider; +use Magento\Framework\Escaper; use Magento\Framework\View\Asset\Repository; use Tpay\Magento2\Api\TpayConfigInterface; use Tpay\Magento2\Api\TpayInterface; @@ -36,13 +38,28 @@ class CardConfigFacade /** @var bool */ private $useOpenApi; - public function __construct(TpayInterface $tpay, TpayConfigInterface $tpayConfig, Repository $assetRepository, TpayTokensService $tokensService, TpayService $tpayService) - { + /** @var CspNonceProvider */ + private $cspNonceProvider; + + /** @var Escaper */ + private $escaper; + + public function __construct( + TpayInterface $tpay, + TpayConfigInterface $tpayConfig, + Repository $assetRepository, + TpayTokensService $tokensService, + TpayService $tpayService, + CspNonceProvider $cspNonceProvider, + Escaper $escaper + ) { $this->tpay = $tpay; $this->tpayConfig = $tpayConfig; $this->assetRepository = $assetRepository; $this->tokensService = $tokensService; $this->tpayService = $tpayService; + $this->cspNonceProvider = $cspNonceProvider; + $this->escaper = $escaper; } public function getConfig(): array @@ -60,7 +77,7 @@ private function getCurrentApi() private function connectApi() { if (null == $this->openApi && null === $this->originApi) { - $originAuthorization = $this->createOriginApiInstance($this->tpay, $this->tpayConfig, $this->assetRepository, $this->tokensService, $this->tpayService); + $originAuthorization = $this->createOriginApiInstance(); if (isset($originAuthorization['content']) && 'correct' == $originAuthorization['content']) { $this->useOpenApi = false; @@ -68,21 +85,21 @@ private function connectApi() return; } - $this->createOpenApiInstance($this->tpay, $this->tpayConfig, $this->assetRepository, $this->tokensService); + $this->createOpenApiInstance(); } } - private function createOriginApiInstance(TpayInterface $tpay, TpayConfigInterface $tpayConfig, Repository $assetRepository, TpayTokensService $tokensService, TpayService $tpayService): array + private function createOriginApiInstance(): array { - if (!$tpayConfig->isCardEnabled()) { + if (!$this->tpayConfig->isCardEnabled()) { $this->originApi = null; return []; } try { - $cardOrigin = new CardOrigin($tpay, $tpayConfig, $tokensService, $tpayService); - $this->originApi = new ConfigOrigin($tpay, $tpayConfig, $assetRepository, $tokensService); + $cardOrigin = new CardOrigin($this->tpay, $this->tpayConfig, $this->tokensService, $this->tpayService); + $this->originApi = new ConfigOrigin($this->tpay, $this->tpayConfig, $this->assetRepository, $this->tokensService, $this->cspNonceProvider, $this->escaper); return $cardOrigin->requests($cardOrigin->cardsApiURL.$this->tpayConfig->getCardApiKey(), ['api_password' => $this->tpayConfig->getCardApiPassword(), 'method' => 'check']); } catch (Exception $exception) { @@ -92,9 +109,9 @@ private function createOriginApiInstance(TpayInterface $tpay, TpayConfigInterfac } } - private function createOpenApiInstance(TpayInterface $tpay, TpayConfigInterface $tpayConfig, Repository $assetRepository, TpayTokensService $tokensService) + private function createOpenApiInstance() { - if (!$tpayConfig->isOpenApiEnabled() || !$tpayConfig->isPlnPayment()) { + if (!$this->tpayConfig->isOpenApiEnabled() || !$this->tpayConfig->isPlnPayment()) { $this->openApi = null; $this->useOpenApi = false; @@ -102,7 +119,7 @@ private function createOpenApiInstance(TpayInterface $tpay, TpayConfigInterface } try { - $this->openApi = new ConfigOpen($tpay, $tpayConfig, $assetRepository, $tokensService); + $this->openApi = new ConfigOpen($this->tpay, $this->tpayConfig, $this->assetRepository, $this->tokensService, $this->cspNonceProvider, $this->escaper); $this->openApi->authorization(); $this->useOpenApi = true; } catch (Exception $exception) { From 6c08a30453321660edeb92cef632eeb1bb421c97 Mon Sep 17 00:00:00 2001 From: Adam Wysocki Date: Mon, 29 Jul 2024 16:02:52 +0200 Subject: [PATCH 4/4] Fix PR action --- .github/workflows/pull_request.yaml | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 0b25d87..6d9f4e0 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -5,6 +5,7 @@ on: permissions: contents: write + pull-requests: write jobs: check: @@ -19,13 +20,7 @@ jobs: name: 'tpay-magento2-basic' path: './' - - uses: actions/github-script@v6 + - uses: mshick/add-pr-comment@v2 with: - github-token: ${{ secrets.TOKEN }} - script: | - github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: 'Tpay Magento2 plugin - ${{ steps.plugin-upload.outputs.artifact-url }}' - }) + message: | + Tpay Magento2 plugin - ${{ steps.plugin-upload.outputs.artifact-url }}