NotificationReceiverController - Should use custom RouteScope so it works with headless sales channels as well #261
Comments
AndreasA
changed the title
|
Hi @AndreasA , Thank you for reaching out to us. We have received your ticket and will review it promptly. Our team will analyze the details and get back to you with further updates as soon as possible. If you have any additional information or questions in the meantime, please feel free to share them. Thank you for your patience and understanding. Best regards |
|
Hi @AndreasA , The Adyen plugin uses the sw-sales-channel-id request attribute set by Shopware framework to determine the sales channel for the webhooks requests. Shopware sets the sw-sales-channel-id request based on the request URL by matching the configured domains of a sales channel with the request domain. Once the sales channel is determined from the webhooks request, the plugin will perform HMAC and username/password authentication based on plugin configuration values. Please note that you can set up different configuration values for each sales channel. Please note that Adyen plugin exposes store API endpoints to enable building a custom front end for your headless Shopware 6 integration using either Adyen's pre-built UI solutions or your own UI. Your front end connects to your existing back end that uses Shopware's Store API endpoints (more details can be found here). Based on the above, the plugin behavior behind the NotificationReceiverController is in line with its purpose of handling webhooks from Adyen. Please let us know if you need further assistance or if there’s anything else we can do to support you. Best regards |
Describe the bug
With multiple sales channels the NotificationReceiverController would require a corresponding Storefront sales channel with a correct domain configuration. It will not work for headless sales channels and it might also be tricky regarding which URL to use if the sales channel has multiple or one uses the same adyen configuration for multiple sales channels.
Instead if would make more sense to either use the admin API ACL definitions with a corresponding permission
or a custom route scope defintion.
The custom route scope is probably the way to go as you can define it for the
adyenprefix, and can create your own authentication which you probably need for the web hooks. It should optionally be possible to specify the sales channel ID in the URL, e.g. as query parameter or suffix.It would probably be necessary
Versions
Shopware version: 6.4.11.1
Plugin version: 3.4.1
The text was updated successfully, but these errors were encountered: