fix(router): move payment token/method mandatory check to get trackers for payment update and confirm (#315)

crates/api_models/src/payments.rs

@@ -126,6 +126,7 @@ impl From<PaymentsRequest> for VerifyRequest {
     }
 }
 
+#[derive(Clone)]
 pub enum MandateTxnType {
     NewMandateTxn,
     RecurringMandateTxn,

crates/router/src/core/payments/helpers.rs

@@ -1358,14 +1358,22 @@ pub(crate) fn authenticate_client_secret(
 }
 
 pub(crate) fn validate_pm_or_token_given(
+    payment_method: &Option<api_enums::PaymentMethodType>,
+    payment_method_data: &Option<api::PaymentMethod>,
+    mandate_type: &Option<api::MandateTxnType>,
     token: &Option<String>,
-    pm_data: &Option<api::PaymentMethod>,
 ) -> Result<(), errors::ApiErrorResponse> {
-    utils::when(token.is_none() && pm_data.is_none(), || {
-        Err(errors::ApiErrorResponse::InvalidRequestData {
-            message: "A payment token or payment method data is required".to_string(),
-        })
-    })
+    utils::when(
+        !matches!(payment_method, Some(api_enums::PaymentMethodType::Paypal))
+            && !matches!(mandate_type, Some(api::MandateTxnType::RecurringMandateTxn))
+            && token.is_none()
+            && payment_method_data.is_none(),
+        || {
+            Err(errors::ApiErrorResponse::InvalidRequestData {
+                message: "A payment token or payment method data is required".to_string(),
+            })
+        },
+    )
 }
 
 // A function to perform database lookup and then verify the client secret

crates/router/src/core/payments/operations/payment_confirm.rs

@@ -55,7 +55,7 @@ impl<F: Send + Clone> GetTracker<F, PaymentData<F>, api::PaymentsRequest> for Pa
             helpers::get_token_pm_type_mandate_details(
                 state,
                 request,
-                mandate_type,
+                mandate_type.clone(),
                 merchant_account,
             )
             .await?;
@@ -91,6 +91,16 @@ impl<F: Send + Clone> GetTracker<F, PaymentData<F>, api::PaymentsRequest> for Pa
             .map_err(|error| {
                 error.to_not_found_response(errors::ApiErrorResponse::PaymentNotFound)
             })?;
+
+        let token = token.or_else(|| payment_attempt.payment_token.clone());
+
+        helpers::validate_pm_or_token_given(
+            &request.payment_method,
+            &request.payment_method_data,
+            &mandate_type,
+            &token,
+        )?;
+
         payment_attempt.payment_method = payment_method_type.or(payment_attempt.payment_method);
         payment_attempt.browser_info = browser_info;
         currency = payment_attempt.currency.get_required_value("currency")?;
@@ -361,17 +371,6 @@ impl<F: Send + Clone> ValidateRequest<F, api::PaymentsRequest> for PaymentConfir
         let mandate_type = helpers::validate_mandate(request)?;
         let payment_id = core_utils::get_or_generate_id("payment_id", &given_payment_id, "pay")?;
 
-        if !matches!(
-            request.payment_method,
-            Some(api_models::enums::PaymentMethodType::Paypal)
-        ) && !matches!(mandate_type, Some(api::MandateTxnType::RecurringMandateTxn))
-        {
-            helpers::validate_pm_or_token_given(
-                &request.payment_token,
-                &request.payment_method_data,
-            )?;
-        }
-
         Ok((
             Box::new(self),
             operations::ValidateResult {

crates/router/src/core/payments/operations/payment_create.rs

@@ -414,16 +414,12 @@ impl<F: Send + Clone> ValidateRequest<F, api::PaymentsRequest> for PaymentCreate
 
         let mandate_type = helpers::validate_mandate(request)?;
 
-        if request.confirm.unwrap_or(false)
-            && !matches!(
-                request.payment_method,
-                Some(api_models::enums::PaymentMethodType::Paypal)
-            )
-            && !matches!(mandate_type, Some(api::MandateTxnType::RecurringMandateTxn))
-        {
+        if request.confirm.unwrap_or(false) {
             helpers::validate_pm_or_token_given(
-                &request.payment_token,
+                &request.payment_method,
                 &request.payment_method_data,
+                &mandate_type,
+                &request.payment_token,
             )?;
         }
 

crates/router/src/core/payments/operations/payment_update.rs

@@ -54,7 +54,7 @@ impl<F: Send + Clone> GetTracker<F, PaymentData<F>, api::PaymentsRequest> for Pa
             helpers::get_token_pm_type_mandate_details(
                 state,
                 request,
-                mandate_type,
+                mandate_type.clone(),
                 merchant_account,
             )
             .await?;
@@ -127,6 +127,17 @@ impl<F: Send + Clone> GetTracker<F, PaymentData<F>, api::PaymentsRequest> for Pa
             )?;
         }
 
+        let token = token.or_else(|| payment_attempt.payment_token.clone());
+
+        if request.confirm.unwrap_or(false) {
+            helpers::validate_pm_or_token_given(
+                &request.payment_method,
+                &request.payment_method_data,
+                &mandate_type,
+                &token,
+            )?;
+        }
+
         let connector_response = db
             .find_connector_response_by_payment_id_merchant_id_attempt_id(
                 &payment_intent.payment_id,
@@ -396,19 +407,6 @@ impl<F: Send + Clone> ValidateRequest<F, api::PaymentsRequest> for PaymentUpdate
         let mandate_type = helpers::validate_mandate(request)?;
         let payment_id = core_utils::get_or_generate_id("payment_id", &given_payment_id, "pay")?;
 
-        if request.confirm.unwrap_or(false)
-            && !matches!(
-                request.payment_method,
-                Some(api_enums::PaymentMethodType::Paypal)
-            )
-            && !matches!(mandate_type, Some(api::MandateTxnType::RecurringMandateTxn))
-        {
-            helpers::validate_pm_or_token_given(
-                &request.payment_token,
-                &request.payment_method_data,
-            )?;
-        }
-
         Ok((
             Box::new(self),
             operations::ValidateResult {