diff --git a/crates/api_models/src/payments.rs b/crates/api_models/src/payments.rs index bd19443d00..d730fa8c85 100644 --- a/crates/api_models/src/payments.rs +++ b/crates/api_models/src/payments.rs @@ -3894,8 +3894,10 @@ pub struct PaymentRequestMetadata { #[derive(Debug, Clone, serde::Serialize, serde::Deserialize, ToSchema)] pub struct SessionTokenInfo { - pub certificate: String, - pub certificate_keys: String, + #[schema(value_type = String)] + pub certificate: Secret, + #[schema(value_type = String)] + pub certificate_keys: Secret, pub merchant_identifier: String, pub display_name: String, pub initiative: String, diff --git a/crates/common_utils/src/request.rs b/crates/common_utils/src/request.rs index 47f280bc57..264179fc60 100644 --- a/crates/common_utils/src/request.rs +++ b/crates/common_utils/src/request.rs @@ -35,8 +35,8 @@ pub struct Request { pub url: String, pub headers: Headers, pub method: Method, - pub certificate: Option, - pub certificate_key: Option, + pub certificate: Option>, + pub certificate_key: Option>, pub body: Option, } @@ -96,11 +96,11 @@ impl Request { self.headers.insert((String::from(header), value)); } - pub fn add_certificate(&mut self, certificate: Option) { + pub fn add_certificate(&mut self, certificate: Option>) { self.certificate = certificate; } - pub fn add_certificate_key(&mut self, certificate_key: Option) { + pub fn add_certificate_key(&mut self, certificate_key: Option>) { self.certificate = certificate_key; } } @@ -110,8 +110,8 @@ pub struct RequestBuilder { pub url: String, pub headers: Headers, pub method: Method, - pub certificate: Option, - pub certificate_key: Option, + pub certificate: Option>, + pub certificate_key: Option>, pub body: Option, } @@ -157,12 +157,12 @@ impl RequestBuilder { self } - pub fn add_certificate(mut self, certificate: Option) -> Self { + pub fn add_certificate(mut self, certificate: Option>) -> Self { self.certificate = certificate; self } - pub fn add_certificate_key(mut self, certificate_key: Option) -> Self { + pub fn add_certificate_key(mut self, certificate_key: Option>) -> Self { self.certificate_key = certificate_key; self } diff --git a/crates/router/src/connector/netcetera.rs b/crates/router/src/connector/netcetera.rs index 40df0050f4..71072a046d 100644 --- a/crates/router/src/connector/netcetera.rs +++ b/crates/router/src/connector/netcetera.rs @@ -5,7 +5,6 @@ use std::fmt::Debug; use common_utils::{ext_traits::ByteSliceExt, request::RequestContent}; use error_stack::ResultExt; -use masking::ExposeInterface; use transformers as netcetera; use crate::{ @@ -297,8 +296,8 @@ impl self, req, connectors, )?, ) - .add_certificate(Some(netcetera_auth_type.certificate.expose())) - .add_certificate_key(Some(netcetera_auth_type.private_key.expose())) + .add_certificate(Some(netcetera_auth_type.certificate)) + .add_certificate_key(Some(netcetera_auth_type.private_key)) .build(), )) } @@ -407,8 +406,8 @@ impl self, req, connectors, )?, ) - .add_certificate(Some(netcetera_auth_type.certificate.expose())) - .add_certificate_key(Some(netcetera_auth_type.private_key.expose())) + .add_certificate(Some(netcetera_auth_type.certificate)) + .add_certificate_key(Some(netcetera_auth_type.private_key)) .build(), )) } diff --git a/crates/router/src/core/payments/flows/session_flow.rs b/crates/router/src/core/payments/flows/session_flow.rs index 3d21aa732d..66e0f14480 100644 --- a/crates/router/src/core/payments/flows/session_flow.rs +++ b/crates/router/src/core/payments/flows/session_flow.rs @@ -111,8 +111,8 @@ fn get_applepay_metadata( fn build_apple_pay_session_request( state: &routes::AppState, request: payment_types::ApplepaySessionRequest, - apple_pay_merchant_cert: String, - apple_pay_merchant_cert_key: String, + apple_pay_merchant_cert: masking::Secret, + apple_pay_merchant_cert_key: masking::Secret, ) -> RouterResult { let mut url = state.conf.connectors.applepay.base_url.to_owned(); url.push_str("paymentservices/paymentSession"); @@ -188,16 +188,14 @@ async fn create_applepay_session_token( .applepay_decrypt_keys .get_inner() .apple_pay_merchant_cert - .clone() - .expose(); + .clone(); let apple_pay_merchant_cert_key = state .conf .applepay_decrypt_keys .get_inner() .apple_pay_merchant_cert_key - .clone() - .expose(); + .clone(); ( payment_request_data, diff --git a/crates/router/src/core/payments/helpers.rs b/crates/router/src/core/payments/helpers.rs index ff69749405..45816b875c 100644 --- a/crates/router/src/core/payments/helpers.rs +++ b/crates/router/src/core/payments/helpers.rs @@ -66,15 +66,15 @@ use crate::{ }; pub fn create_identity_from_certificate_and_key( - encoded_certificate: String, - encoded_certificate_key: String, + encoded_certificate: masking::Secret, + encoded_certificate_key: masking::Secret, ) -> Result> { let decoded_certificate = BASE64_ENGINE - .decode(encoded_certificate) + .decode(encoded_certificate.expose()) .change_context(errors::ApiClientError::CertificateDecodeFailed)?; let decoded_certificate_key = BASE64_ENGINE - .decode(encoded_certificate_key) + .decode(encoded_certificate_key.expose()) .change_context(errors::ApiClientError::CertificateDecodeFailed)?; let certificate = String::from_utf8(decoded_certificate) diff --git a/crates/router/src/core/verification.rs b/crates/router/src/core/verification.rs index 3f738df592..8782126b0b 100644 --- a/crates/router/src/core/verification.rs +++ b/crates/router/src/core/verification.rs @@ -22,8 +22,8 @@ pub async fn verify_merchant_creds_for_applepay( .common_merchant_identifier .clone() .expose(); - let cert_data = applepay_merchant_configs.merchant_cert.clone().expose(); - let key_data = applepay_merchant_configs.merchant_cert_key.clone().expose(); + let cert_data = applepay_merchant_configs.merchant_cert.clone(); + let key_data = applepay_merchant_configs.merchant_cert_key.clone(); let applepay_endpoint = &applepay_merchant_configs.applepay_endpoint; let request_body = verifications::ApplepayMerchantVerificationConfigs { diff --git a/crates/router/src/services/api/client.rs b/crates/router/src/services/api/client.rs index 816269c086..09b4d25d0b 100644 --- a/crates/router/src/services/api/client.rs +++ b/crates/router/src/services/api/client.rs @@ -83,8 +83,8 @@ fn get_base_client( pub(super) fn create_client( proxy_config: &Proxy, should_bypass_proxy: bool, - client_certificate: Option, - client_certificate_key: Option, + client_certificate: Option>, + client_certificate_key: Option>, ) -> CustomResult { match (client_certificate, client_certificate_key) { (Some(encoded_certificate), Some(encoded_certificate_key)) => { @@ -154,8 +154,8 @@ where &self, method: Method, url: String, - certificate: Option, - certificate_key: Option, + certificate: Option>, + certificate_key: Option>, ) -> CustomResult, ApiClientError>; async fn send_request( @@ -223,8 +223,8 @@ impl ProxyClient { pub fn get_reqwest_client( &self, base_url: String, - client_certificate: Option, - client_certificate_key: Option, + client_certificate: Option>, + client_certificate_key: Option>, ) -> CustomResult { match (client_certificate, client_certificate_key) { (Some(certificate), Some(certificate_key)) => { @@ -323,8 +323,8 @@ impl ApiClient for ProxyClient { &self, method: Method, url: String, - certificate: Option, - certificate_key: Option, + certificate: Option>, + certificate_key: Option>, ) -> CustomResult, ApiClientError> { let client_builder = self .get_reqwest_client(url.clone(), certificate, certificate_key) @@ -378,8 +378,8 @@ impl ApiClient for MockApiClient { &self, _method: Method, _url: String, - _certificate: Option, - _certificate_key: Option, + _certificate: Option>, + _certificate_key: Option>, ) -> CustomResult, ApiClientError> { // [#2066]: Add Mock implementation for ApiClient Err(ApiClientError::UnexpectedState.into())