fix(connectors): Mask fields for webhook_resource_object #4407

Sakilmostak · 2024-04-22T07:24:14Z

Type of Change

Description

Serde json value was being passed which doesn't support masking which exposed sensitive fields in the log. Rather than sending serde json value, the object struct should be passed to mask the sensitive fields

Corresponding main PR

Additional Changes

This PR modifies the API contract
This PR modifies the database schema
This PR modifies application configuration/environment variables

How did you test it?

Tested through Postman:

Create a Merchant Account:

{
    "merchant_id": "merchant_{{$timestamp}}",
    "locker_id": "m0010",
    "merchant_name": "NewAge Retailer",
    "merchant_details": {
        "primary_contact_person": "John Test",
        "primary_email": "[email protected]",
        "primary_phone": "sunt laborum",
        "secondary_contact_person": "John Test2",
        "secondary_email": "[email protected]",
        "secondary_phone": "cillum do dolor id",
        "website": "www.example.com",
        "about_business": "Online Retail with a wide selection of organic products for North America",
        "address": {
            "line1": "1467",
            "line2": "Harrison Street",
            "line3": "Harrison Street",
            "city": "San Fransico",
            "state": "California",
            "zip": "94122",
            "country": "US"
        }
    },
    "return_url": "https://google.com/success",
    "webhook_details": {
        "webhook_version": "1.0.1",
        "webhook_username": "ekart_retail",
        "webhook_password": "password_ekart@123",
        "payment_created_enabled": true,
        "payment_succeeded_enabled": true,
        "payment_failed_enabled": true
    },
    "sub_merchants_enabled": false,
    "metadata": {
        "city": "NY",
        "unit": "245"
    },
    "primary_business_details": [
        {
            "country": "US",
            "business": "default"
        }
    ]
}

Update the merchant account with url of where you want to receive webhooks:

{
    "merchant_id": "{{merchant_id}}",
    "webhook_details": {
        "webhook_version": "1.0.1",
        "webhook_username": "ekart_retail",
        "webhook_password": "password_ekart@123",
        "payment_created_enabled": true,
        "payment_succeeded_enabled": true,
        "payment_failed_enabled": true,
        "webhook_url": "{{target_url}}"
    }
}

Create a MCA (Checkout):

{
    "connector_type": "payment_processor",
    "connector_name": "checkout",
    "connector_account_details": {
        "auth_type": "SignatureKey",
        "api_key": "{{api_Key}}",
        "api_secret": "{{api_secret}}",
        "key1": "{{key1}}"
    },
    "test_mode": false,
    "disabled": false,
    "business_country": "US",
    "business_label": "default",
    "payment_methods_enabled": [
        {
            "payment_method": "card",
            "payment_method_types": [
                {
                    "payment_method_type": "credit",
                    "card_networks": [
                        "AmericanExpress",
                        "Discover",
                        "Interac",
                        "JCB",
                        "Mastercard",
                        "Visa",
                        "DinersClub",
                        "UnionPay",
                        "RuPay"
                    ],
                    "minimum_amount": 1,
                    "maximum_amount": 68607706,
                    "recurring_enabled": true,
                    "installment_payment_enabled": true
                },
                {
                    "payment_method_type": "debit",
                    "card_networks": [
                        "AmericanExpress",
                        "Discover",
                        "Interac",
                        "JCB",
                        "Mastercard",
                        "Visa",
                        "DinersClub",
                        "UnionPay",
                        "RuPay"
                    ],
                    "minimum_amount": 1,
                    "maximum_amount": 68607706,
                    "recurring_enabled": true,
                    "installment_payment_enabled": true
                }
            ]
        },
        {
            "payment_method": "wallet",
            "payment_method_types": [
                {
                    "payment_method_type": "paypal",
                    "payment_experience": "redirect_to_url",
                    "minimum_amount": 1,
                    "maximum_amount": 68607706,
                    "recurring_enabled": false,
                    "installment_payment_enabled": false
                }
            ]
        }
    ],
    "metadata": {
        "city": "NY",
        "unit": "245"
    }
}

Update the merchant secret for MCA:

{
    "connector_type": "payment_processor",
    "connector_webhook_details": {
        "merchant_secret": "{{merchant_secret}}"
    }
}

Create a Payment:

{
    "amount": 1043,
    "currency": "USD",
    "confirm": true,
    "capture_method": "automatic",
    "capture_on": "2022-09-10T10:11:12Z",
    "customer_id": "StripeCustomer",
    "email": "[email protected]",
    "name": "John Doe",
    "phone": "999999999",
    "phone_country_code": "+1",
    "description": "Its my first payment request",
    "authentication_type": "no_three_ds",
    "return_url": "https://google.com",
    "payment_method": "card",
    "payment_method_data": {
        "card": {
            "card_number": "4485040371536584",
            "card_exp_month": "01",
            "card_exp_year": "99",
            "card_holder_name": "joseph Doe",
            "card_cvc": "123"
        }
    },
    "billing": {
        "address": {
            "line1": "1467",
            "line2": "Harrison Street",
            "line3": "Harrison Street",
            "city": "San Fransico",
            "state": "California",
            "zip": "94122",
            "country": "US",
            "first_name": "PiX"
        }
    },
    "shipping": {
        "address": {
            "line1": "1467",
            "line2": "Harrison Street",
            "line3": "Harrison Street",
            "city": "San Fransico",
            "state": "California",
            "zip": "94122",
            "country": "US",
            "first_name": "PiX"
        }
    },
    "statement_descriptor_name": "joseph",
    "statement_descriptor_suffix": "JS",
    "metadata": {
        "udf1": "value1",
        "new_customer": "true",
        "login_date": "2019-09-10T10:11:12Z"
    }
}

You should receive webhook in your target url

Note: This affects the webhook flow of Stripe and Checkout

Checklist

I formatted the code cargo +nightly fmt --all
I addressed lints thrown by cargo clippy
I reviewed the submitted code
I added unit tests for my changes where possible
I added a CHANGELOG entry if applicable

fix: mask sensitive fields by sending proper data

393c04d

Sakilmostak added A-connector-integration Area: Connector integration A-core Area: Core flows C-bug Category: Bug labels Apr 22, 2024

Sakilmostak self-assigned this Apr 22, 2024

Sakilmostak requested review from a team as code owners April 22, 2024 07:24

sai-harsha-vardhan approved these changes Apr 22, 2024

View reviewed changes

swangi-kumari approved these changes Apr 22, 2024

View reviewed changes

likhinbopanna merged commit bec0ee0 into hotfix-2024.04.12.1 Apr 22, 2024
14 of 17 checks passed

likhinbopanna deleted the mask_fields_hotfix branch April 22, 2024 08:11

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(connectors): Mask fields for webhook_resource_object #4407

fix(connectors): Mask fields for webhook_resource_object #4407

Sakilmostak commented Apr 22, 2024 •

edited

Loading

fix(connectors): Mask fields for webhook_resource_object #4407

fix(connectors): Mask fields for webhook_resource_object #4407

Conversation

Sakilmostak commented Apr 22, 2024 • edited Loading

Type of Change

Description

Additional Changes

How did you test it?

Checklist

Sakilmostak commented Apr 22, 2024 •

edited

Loading