woocommerce-paypal-payments/modules/ppcp-button/src/Helper/ThreeDSecure.php

<?php
/**
 * Helper class to determine how to proceed with an order depending on the 3d secure feedback.
 *
 * @package WooCommerce\PayPalCommerce\Button\Helper
 */

declare(strict_types=1);

namespace WooCommerce\PayPalCommerce\Button\Helper;

use Psr\Log\LoggerInterface;
use WooCommerce\PayPalCommerce\ApiClient\Entity\CardAuthenticationResult as AuthResult;
use WooCommerce\PayPalCommerce\ApiClient\Entity\Order;
use WooCommerce\PayPalCommerce\ApiClient\Factory\CardAuthenticationResultFactory;

/**
 * Class ThreeDSecure
 */
class ThreeDSecure {

	const NO_DECISION = 0;
	const PROCEED    = 1;
	const REJECT      = 2;
	const RETRY       = 3;

	/**
	 * Card authentication result factory.
	 *
	 * @var CardAuthenticationResultFactory
	 */
	private $card_authentication_result_factory;

	/**
	 * The logger.
	 *
	 * @var LoggerInterface
	 */
	protected $logger;

	/**
	 * ThreeDSecure constructor.
	 *
	 * @param CardAuthenticationResultFactory $card_authentication_result_factory Card authentication result factory.
	 * @param LoggerInterface                 $logger The logger.
	 */
	public function __construct(
		CardAuthenticationResultFactory $card_authentication_result_factory,
		LoggerInterface $logger
	) {
		$this->logger                             = $logger;
		$this->card_authentication_result_factory = $card_authentication_result_factory;
	}

	/**
	 * Determine, how we proceed with a given order.
	 *
	 * @link https://developer.paypal.com/docs/business/checkout/add-capabilities/3d-secure/#authenticationresult
	 *
	 * @param Order $order The order for which the decision is needed.
	 *
	 * @return int
	 */
	public function proceed_with_order( Order $order ): int {

		do_action( 'woocommerce_paypal_payments_three_d_secure_before_check', $order );

		$payment_source = $order->payment_source();
		if ( ! $payment_source ) {
			return $this->return_decision( self::NO_DECISION, $order );
		}

		if ( ! ( $payment_source->properties()->brand ?? '' ) ) {
			return $this->return_decision( self::NO_DECISION, $order );
		}
		if ( ! ( $payment_source->properties()->authentication_result ?? '' ) ) {
			return $this->return_decision( self::NO_DECISION, $order );
		}

		$authentication_result = $payment_source->properties()->authentication_result ?? null;
		if ( $authentication_result ) {
			$result = $this->card_authentication_result_factory->from_paypal_response( $authentication_result );

			$this->logger->info( '3DS Authentication Result: ' . wc_print_r( $result->to_array(), true ) );

			if ( $result->liability_shift() === AuthResult::LIABILITY_SHIFT_POSSIBLE ) {
				return $this->return_decision( self::PROCEED, $order );
			}

			if ( $result->liability_shift() === AuthResult::LIABILITY_SHIFT_UNKNOWN ) {
				return $this->return_decision( self::RETRY, $order );
			}
			if ( $result->liability_shift() === AuthResult::LIABILITY_SHIFT_NO ) {
				return $this->return_decision( $this->no_liability_shift( $result ), $order );
			}
		}

		return $this->return_decision( self::NO_DECISION, $order );
	}

	/**
	 * Processes and returns a ThreeD secure decision.
	 *
	 * @param int   $decision The ThreeD secure decision.
	 * @param Order $order The PayPal Order object.
	 * @return int
	 */
	public function return_decision( int $decision, Order $order ) {
		$decision = apply_filters( 'woocommerce_paypal_payments_three_d_secure_decision', $decision, $order );
		do_action( 'woocommerce_paypal_payments_three_d_secure_after_check', $order, $decision );
		return $decision;
	}

	/**
	 * Determines how to proceed depending on the Liability Shift.
	 *
	 * @param AuthResult $result The AuthResult object based on which we make the decision.
	 *
	 * @return int
	 */
	private function no_liability_shift( AuthResult $result ): int {

		if (
			$result->enrollment_status() === AuthResult::ENROLLMENT_STATUS_BYPASS
			&& ! $result->authentication_result()
		) {
			return self::PROCEED;
		}
		if (
			$result->enrollment_status() === AuthResult::ENROLLMENT_STATUS_UNAVAILABLE
			&& ! $result->authentication_result()
		) {
			return self::PROCEED;
		}
		if (
			$result->enrollment_status() === AuthResult::ENROLLMENT_STATUS_NO
			&& ! $result->authentication_result()
		) {
			return self::PROCEED;
		}

		if ( $result->authentication_result() === AuthResult::AUTHENTICATION_RESULT_REJECTED ) {
			return self::REJECT;
		}

		if ( $result->authentication_result() === AuthResult::AUTHENTICATION_RESULT_NO ) {
			return self::REJECT;
		}

		if ( $result->authentication_result() === AuthResult::AUTHENTICATION_RESULT_UNABLE ) {
			return self::RETRY;
		}

		if ( ! $result->authentication_result() ) {
			return self::RETRY;
		}
		return self::NO_DECISION;
	}
}
handle 3d secure server side 2020-07-15 10:27:40 +03:00			`<?php`
coding standards for button module 2020-08-31 11:12:46 +03:00			`/**`
			`* Helper class to determine how to proceed with an order depending on the 3d secure feedback.`
			`*`
change namespace vendor to WooCommerce 2020-09-11 14:11:10 +03:00			`* @package WooCommerce\PayPalCommerce\Button\Helper`
coding standards for button module 2020-08-31 11:12:46 +03:00			`*/`
handle 3d secure server side 2020-07-15 10:27:40 +03:00
			`declare(strict_types=1);`

change namespace vendor to WooCommerce 2020-09-11 14:11:10 +03:00			`namespace WooCommerce\PayPalCommerce\Button\Helper;`
handle 3d secure server side 2020-07-15 10:27:40 +03:00
Log 3DS authentication result 2021-09-21 11:34:16 +02:00			`use Psr\Log\LoggerInterface;`
change namespace vendor to WooCommerce 2020-09-11 14:11:10 +03:00			`use WooCommerce\PayPalCommerce\ApiClient\Entity\CardAuthenticationResult as AuthResult;`
			`use WooCommerce\PayPalCommerce\ApiClient\Entity\Order;`
Fix phpunit 2023-11-23 14:53:47 +01:00			`use WooCommerce\PayPalCommerce\ApiClient\Factory\CardAuthenticationResultFactory;`
handle 3d secure server side 2020-07-15 10:27:40 +03:00
coding standards for button module 2020-08-31 11:12:46 +03:00			`/**`
			`* Class ThreeDSecure`
			`*/`
phpcbf 2020-08-27 11:08:36 +03:00			`class ThreeDSecure {`
handle 3d secure server side 2020-07-15 10:27:40 +03:00
downgrade plugin to php 7.0 2020-09-11 13:38:02 +03:00			`const NO_DECISION = 0;`
Fix first batch of typos 2025-03-24 14:09:19 +01:00			`const PROCEED = 1;`
downgrade plugin to php 7.0 2020-09-11 13:38:02 +03:00			`const REJECT = 2;`
			`const RETRY = 3;`
handle 3d secure server side 2020-07-15 10:27:40 +03:00
Fix phpunit 2023-11-23 14:53:47 +01:00			`/**`
			`* Card authentication result factory.`
			`*`
			`* @var CardAuthenticationResultFactory`
			`*/`
			`private $card_authentication_result_factory;`

Log 3DS authentication result 2021-09-21 11:34:16 +02:00			`/**`
			`* The logger.`
			`*`
			`* @var LoggerInterface`
			`*/`
			`protected $logger;`

			`/**`
			`* ThreeDSecure constructor.`
			`*`
Fix phpunit 2023-11-23 14:53:47 +01:00			`* @param CardAuthenticationResultFactory $card_authentication_result_factory Card authentication result factory.`
			`* @param LoggerInterface $logger The logger.`
Log 3DS authentication result 2021-09-21 11:34:16 +02:00			`*/`
Fix phpunit 2023-11-23 14:53:47 +01:00			`public function __construct(`
			`CardAuthenticationResultFactory $card_authentication_result_factory,`
			`LoggerInterface $logger`
			`) {`
			`$this->logger = $logger;`
			`$this->card_authentication_result_factory = $card_authentication_result_factory;`
Log 3DS authentication result 2021-09-21 11:34:16 +02:00			`}`

phpcbf 2020-08-27 11:08:36 +03:00			`/**`
			`* Determine, how we proceed with a given order.`
			`*`
			`* @link https://developer.paypal.com/docs/business/checkout/add-capabilities/3d-secure/#authenticationresult`
coding standards for button module 2020-08-31 11:12:46 +03:00			`*`
Improve fraud prevention capabilities 2024-03-27 11:50:40 +00:00			`* @param Order $order The order for which the decision is needed.`
coding standards for button module 2020-08-31 11:12:46 +03:00			`*`
phpcbf 2020-08-27 11:08:36 +03:00			`* @return int`
			`*/`
coding standards for button module 2020-08-31 11:12:46 +03:00			`public function proceed_with_order( Order $order ): int {`
Improve fraud prevention capabilities 2024-03-27 11:50:40 +00:00
			`do_action( 'woocommerce_paypal_payments_three_d_secure_before_check', $order );`

Fix psalm 2023-10-27 15:28:01 +02:00			`$payment_source = $order->payment_source();`
			`if ( ! $payment_source ) {`
Improve fraud prevention capabilities 2024-03-27 11:50:40 +00:00			`return $this->return_decision( self::NO_DECISION, $order );`
phpcbf 2020-08-27 11:08:36 +03:00			`}`
Fix psalm 2023-10-27 15:28:01 +02:00
Fix ThreeDSecure warning. 2024-02-22 17:59:43 +00:00			`if ( ! ( $payment_source->properties()->brand ?? '' ) ) {`
Improve fraud prevention capabilities 2024-03-27 11:50:40 +00:00			`return $this->return_decision( self::NO_DECISION, $order );`
phpcbf 2020-08-27 11:08:36 +03:00			`}`
Fix ThreeDSecure warning. 2024-02-22 17:59:43 +00:00			`if ( ! ( $payment_source->properties()->authentication_result ?? '' ) ) {`
Improve fraud prevention capabilities 2024-03-27 11:50:40 +00:00			`return $this->return_decision( self::NO_DECISION, $order );`
phpcbf 2020-08-27 11:08:36 +03:00			`}`
Log 3DS authentication result 2021-09-21 11:34:16 +02:00
Fix 3DS authentication result 2023-11-21 14:57:55 +01:00			`$authentication_result = $payment_source->properties()->authentication_result ?? null;`
			`if ( $authentication_result ) {`
Fix phpunit 2023-11-23 14:53:47 +01:00			`$result = $this->card_authentication_result_factory->from_paypal_response( $authentication_result );`
Log 3DS authentication result 2021-09-21 11:34:16 +02:00
Improve the capitalization of "3DS Authentication Result" text 2024-02-12 16:24:16 +04:00			`$this->logger->info( '3DS Authentication Result: ' . wc_print_r( $result->to_array(), true ) );`
handle 3d secure server side 2020-07-15 10:27:40 +03:00
Fix 3DS authentication result 2023-11-21 14:57:55 +01:00			`if ( $result->liability_shift() === AuthResult::LIABILITY_SHIFT_POSSIBLE ) {`
Fix first batch of typos 2025-03-24 14:09:19 +01:00			`return $this->return_decision( self::PROCEED, $order );`
Fix 3DS authentication result 2023-11-21 14:57:55 +01:00			`}`

			`if ( $result->liability_shift() === AuthResult::LIABILITY_SHIFT_UNKNOWN ) {`
Improve fraud prevention capabilities 2024-03-27 11:50:40 +00:00			`return $this->return_decision( self::RETRY, $order );`
Fix 3DS authentication result 2023-11-21 14:57:55 +01:00			`}`
			`if ( $result->liability_shift() === AuthResult::LIABILITY_SHIFT_NO ) {`
Improve fraud prevention capabilities 2024-03-27 11:50:40 +00:00			`return $this->return_decision( $this->no_liability_shift( $result ), $order );`
Fix 3DS authentication result 2023-11-21 14:57:55 +01:00			`}`
phpcbf 2020-08-27 11:08:36 +03:00			`}`
Fix 3DS authentication result 2023-11-21 14:57:55 +01:00
Improve fraud prevention capabilities 2024-03-27 11:50:40 +00:00			`return $this->return_decision( self::NO_DECISION, $order );`
			`}`

			`/**`
			`* Processes and returns a ThreeD secure decision.`
			`*`
			`* @param int $decision The ThreeD secure decision.`
			`* @param Order $order The PayPal Order object.`
			`* @return int`
			`*/`
			`public function return_decision( int $decision, Order $order ) {`
			`$decision = apply_filters( 'woocommerce_paypal_payments_three_d_secure_decision', $decision, $order );`
			`do_action( 'woocommerce_paypal_payments_three_d_secure_after_check', $order, $decision );`
			`return $decision;`
phpcbf 2020-08-27 11:08:36 +03:00			`}`
handle 3d secure server side 2020-07-15 10:27:40 +03:00
phpcbf 2020-08-27 11:08:36 +03:00			`/**`
coding standards for button module 2020-08-31 11:12:46 +03:00			`* Determines how to proceed depending on the Liability Shift.`
			`*`
			`* @param AuthResult $result The AuthResult object based on which we make the decision.`
			`*`
phpcbf 2020-08-27 11:08:36 +03:00			`* @return int`
			`*/`
coding standards for button module 2020-08-31 11:12:46 +03:00			`private function no_liability_shift( AuthResult $result ): int {`
handle 3d secure server side 2020-07-15 10:27:40 +03:00
phpcbf 2020-08-27 11:08:36 +03:00			`if (`
coding standards for api client 2020-09-01 09:00:45 +03:00			`$result->enrollment_status() === AuthResult::ENROLLMENT_STATUS_BYPASS`
			`&& ! $result->authentication_result()`
phpcbf 2020-08-27 11:08:36 +03:00			`) {`
Fix first batch of typos 2025-03-24 14:09:19 +01:00			`return self::PROCEED;`
phpcbf 2020-08-27 11:08:36 +03:00			`}`
			`if (`
coding standards for api client 2020-09-01 09:00:45 +03:00			`$result->enrollment_status() === AuthResult::ENROLLMENT_STATUS_UNAVAILABLE`
			`&& ! $result->authentication_result()`
phpcbf 2020-08-27 11:08:36 +03:00			`) {`
Fix first batch of typos 2025-03-24 14:09:19 +01:00			`return self::PROCEED;`
phpcbf 2020-08-27 11:08:36 +03:00			`}`
			`if (`
coding standards for api client 2020-09-01 09:00:45 +03:00			`$result->enrollment_status() === AuthResult::ENROLLMENT_STATUS_NO`
			`&& ! $result->authentication_result()`
phpcbf 2020-08-27 11:08:36 +03:00			`) {`
Fix first batch of typos 2025-03-24 14:09:19 +01:00			`return self::PROCEED;`
phpcbf 2020-08-27 11:08:36 +03:00			`}`
handle 3d secure server side 2020-07-15 10:27:40 +03:00
coding standards for api client 2020-09-01 09:00:45 +03:00			`if ( $result->authentication_result() === AuthResult::AUTHENTICATION_RESULT_REJECTED ) {`
phpcbf 2020-08-27 11:08:36 +03:00			`return self::REJECT;`
			`}`
handle 3d secure server side 2020-07-15 10:27:40 +03:00
coding standards for api client 2020-09-01 09:00:45 +03:00			`if ( $result->authentication_result() === AuthResult::AUTHENTICATION_RESULT_NO ) {`
phpcbf 2020-08-27 11:08:36 +03:00			`return self::REJECT;`
			`}`
handle 3d secure server side 2020-07-15 10:27:40 +03:00
coding standards for api client 2020-09-01 09:00:45 +03:00			`if ( $result->authentication_result() === AuthResult::AUTHENTICATION_RESULT_UNABLE ) {`
phpcbf 2020-08-27 11:08:36 +03:00			`return self::RETRY;`
			`}`

coding standards for api client 2020-09-01 09:00:45 +03:00			`if ( ! $result->authentication_result() ) {`
phpcbf 2020-08-27 11:08:36 +03:00			`return self::RETRY;`
			`}`
			`return self::NO_DECISION;`
			`}`
handle 3d secure server side 2020-07-15 10:27:40 +03:00			`}`