feat(payments): add client_secret auth for payments retrieve (#1663)

2025-10-31 10:06:32 +08:00 · 2023-07-10 13:21:10 +05:30
parent be5d55c98f
commit b428298030
9 changed files with 52 additions and 14 deletions
--- a/crates/router/src/compatibility/stripe/payment_intents.rs
+++ b/crates/router/src/compatibility/stripe/payment_intents.rs
@ -70,6 +70,7 @@ pub async fn payment_intents_retrieve(
    state: web::Data<routes::AppState>,
    req: HttpRequest,
    path: web::Path<String>,
+    query_payload: web::Query<types::StripePaymentRetrieveBody>,
 ) -> HttpResponse {
    let payload = payment_types::PaymentsRetrieveRequest {
        resource_id: api_types::PaymentIdType::PaymentIntentId(path.to_string()),
@ -78,12 +79,14 @@ pub async fn payment_intents_retrieve(
        connector: None,
        param: None,
        merchant_connector_details: None,
+        client_secret: query_payload.client_secret.clone(),
    };

-    let (auth_type, auth_flow) = match auth::get_auth_type_and_flow(req.headers()) {
-        Ok(auth) => auth,
-        Err(err) => return api::log_and_return_error_response(report!(err)),
-    };
+    let (auth_type, auth_flow) =
+        match auth::check_client_secret_and_get_auth(req.headers(), &payload) {
+            Ok(auth) => auth,
+            Err(err) => return api::log_and_return_error_response(report!(err)),
+        };

    let flow = Flow::PaymentsRetrieve;

--- a/crates/router/src/compatibility/stripe/payment_intents/types.rs
+++ b/crates/router/src/compatibility/stripe/payment_intents/types.rs
@ -718,3 +718,8 @@ pub(crate) fn into_stripe_next_action(
        }
    })
 }
+
+#[derive(Deserialize, Clone)]
+pub struct StripePaymentRetrieveBody {
+    pub client_secret: Option<String>,
+}
--- a/crates/router/src/compatibility/stripe/setup_intents.rs
+++ b/crates/router/src/compatibility/stripe/setup_intents.rs
@ -6,7 +6,10 @@ use error_stack::report;
 use router_env::{instrument, tracing, Flow};

 use crate::{
-    compatibility::{stripe::errors, wrap},
+    compatibility::{
+        stripe::{errors, payment_intents::types as stripe_payment_types},
+        wrap,
+    },
    core::payments,
    routes,
    services::{api, authentication as auth},
@ -71,6 +74,7 @@ pub async fn setup_intents_retrieve(
    state: web::Data<routes::AppState>,
    req: HttpRequest,
    path: web::Path<String>,
+    query_payload: web::Query<stripe_payment_types::StripePaymentRetrieveBody>,
 ) -> HttpResponse {
    let payload = payment_types::PaymentsRetrieveRequest {
        resource_id: api_types::PaymentIdType::PaymentIntentId(path.to_string()),
@ -79,12 +83,14 @@ pub async fn setup_intents_retrieve(
        connector: None,
        param: None,
        merchant_connector_details: None,
+        client_secret: query_payload.client_secret.clone(),
    };

-    let (auth_type, auth_flow) = match auth::get_auth_type_and_flow(req.headers()) {
-        Ok(auth) => auth,
-        Err(err) => return api::log_and_return_error_response(report!(err)),
-    };
+    let (auth_type, auth_flow) =
+        match auth::check_client_secret_and_get_auth(req.headers(), &payload) {
+            Ok(auth) => auth,
+            Err(err) => return api::log_and_return_error_response(report!(err)),
+        };

    let flow = Flow::PaymentsRetrieve;