feat(payout_link): secure payout links using server side validations and client side headers (#5219)

Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com>

crates/router/src/compatibility/stripe/errors.rs

@@ -264,6 +264,8 @@ pub enum StripeErrorCode {
     PaymentMethodDeleteFailed,
     #[error(error_type = StripeErrorType::InvalidRequestError, code = "", message = "Extended card info does not exist")]
     ExtendedCardInfoNotFound,
+    #[error(error_type = StripeErrorType::InvalidRequestError, code = "not_configured", message = "{message}")]
+    LinkConfigurationError { message: String },
     #[error(error_type = StripeErrorType::ConnectorError, code = "CE", message = "{reason} as data mismatched for {field_names}")]
     IntegrityCheckFailed {
         reason: String,
@@ -656,6 +658,9 @@ impl From<errors::ApiErrorResponse> for StripeErrorCode {
                 Self::InvalidWalletToken { wallet_name }
             }
             errors::ApiErrorResponse::ExtendedCardInfoNotFound => Self::ExtendedCardInfoNotFound,
+            errors::ApiErrorResponse::LinkConfigurationError { message } => {
+                Self::LinkConfigurationError { message }
+            }
             errors::ApiErrorResponse::IntegrityCheckFailed {
                 reason,
                 field_names,
@@ -742,7 +747,8 @@ impl actix_web::ResponseError for StripeErrorCode {
             | Self::InvalidConnectorConfiguration { .. }
             | Self::CurrencyConversionFailed
             | Self::PaymentMethodDeleteFailed
-            | Self::ExtendedCardInfoNotFound => StatusCode::BAD_REQUEST,
+            | Self::ExtendedCardInfoNotFound
+            | Self::LinkConfigurationError { .. } => StatusCode::BAD_REQUEST,
             Self::RefundFailed
             | Self::PayoutFailed
             | Self::PaymentLinkNotFound

crates/router/src/compatibility/wrap.rs

@@ -141,10 +141,11 @@ where
         }
 
         Ok(api::ApplicationResponse::GenericLinkForm(boxed_generic_link_data)) => {
-            let link_type = (boxed_generic_link_data).to_string();
-            match services::generic_link_response::build_generic_link_html(*boxed_generic_link_data)
-            {
-                Ok(rendered_html) => api::http_response_html_data(rendered_html),
+            let link_type = (boxed_generic_link_data).data.to_string();
+            match services::generic_link_response::build_generic_link_html(
+                boxed_generic_link_data.data,
+            ) {
+                Ok(rendered_html) => api::http_response_html_data(rendered_html, None),
                 Err(_) => {
                     api::http_response_err(format!("Error while rendering {} HTML page", link_type))
                 }
@@ -155,7 +156,7 @@ where
             match *boxed_payment_link_data {
                 api::PaymentLinkAction::PaymentLinkFormData(payment_link_data) => {
                     match api::build_payment_link_html(payment_link_data) {
-                        Ok(rendered_html) => api::http_response_html_data(rendered_html),
+                        Ok(rendered_html) => api::http_response_html_data(rendered_html, None),
                         Err(_) => api::http_response_err(
                             r#"{
                                 "error": {
@@ -167,7 +168,7 @@ where
                 }
                 api::PaymentLinkAction::PaymentLinkStatus(payment_link_data) => {
                     match api::get_payment_link_status(payment_link_data) {
-                        Ok(rendered_html) => api::http_response_html_data(rendered_html),
+                        Ok(rendered_html) => api::http_response_html_data(rendered_html, None),
                         Err(_) => api::http_response_err(
                             r#"{
                                 "error": {