Handle free trial for paypal

Vault account without payment
2025-08-30 05:00:51 +08:00 · 2022-04-12 14:59:07 +03:00 · 2022-04-12 14:59:07 +03:00 · 1c0df35f53
commit 1c0df35f53
parent cdda2963c8
18 changed files with 733 additions and 33 deletions
--- a/modules/ppcp-api-client/services.php
+++ b/modules/ppcp-api-client/services.php
@ -35,6 +35,7 @@ use WooCommerce\PayPalCommerce\ApiClient\Factory\PayeeFactory;
 use WooCommerce\PayPalCommerce\ApiClient\Factory\PayerFactory;
 use WooCommerce\PayPalCommerce\ApiClient\Factory\PaymentsFactory;
 use WooCommerce\PayPalCommerce\ApiClient\Factory\PaymentSourceFactory;
+use WooCommerce\PayPalCommerce\ApiClient\Factory\PaymentTokenActionLinksFactory;
 use WooCommerce\PayPalCommerce\ApiClient\Factory\PaymentTokenFactory;
 use WooCommerce\PayPalCommerce\ApiClient\Factory\PlatformFeeFactory;
 use WooCommerce\PayPalCommerce\ApiClient\Factory\PurchaseUnitFactory;
@ -113,8 +114,10 @@ return array(
 			$container->get( 'api.host' ),
 			$container->get( 'api.bearer' ),
 			$container->get( 'api.factory.payment-token' ),
+			$container->get( 'api.factory.payment-token-action-links' ),
 			$container->get( 'woocommerce.logger.woocommerce' ),
-			$container->get( 'api.repository.customer' )
+			$container->get( 'api.repository.customer' ),
+			$container->get( 'api.repository.paypal-request-id' )
 		);
 	},
 	'api.endpoint.webhook'                      => static function ( ContainerInterface $container ) : WebhookEndpoint {
@ -240,6 +243,9 @@ return array(
 	'api.factory.payment-token'                 => static function ( ContainerInterface $container ) : PaymentTokenFactory {
 		return new PaymentTokenFactory();
 	},
+	'api.factory.payment-token-action-links'    => static function ( ContainerInterface $container ) : PaymentTokenActionLinksFactory {
+		return new PaymentTokenActionLinksFactory();
+	},
 	'api.factory.webhook'                       => static function ( ContainerInterface $container ): WebhookFactory {
 		return new WebhookFactory();
 	},
--- a/modules/ppcp-api-client/src/Endpoint/PaymentTokenEndpoint.php
+++ b/modules/ppcp-api-client/src/Endpoint/PaymentTokenEndpoint.php
@ -11,11 +11,14 @@ namespace WooCommerce\PayPalCommerce\ApiClient\Endpoint;

 use WooCommerce\PayPalCommerce\ApiClient\Authentication\Bearer;
 use WooCommerce\PayPalCommerce\ApiClient\Entity\PaymentToken;
+use WooCommerce\PayPalCommerce\ApiClient\Entity\PaymentTokenActionLinks;
 use WooCommerce\PayPalCommerce\ApiClient\Exception\PayPalApiException;
 use WooCommerce\PayPalCommerce\ApiClient\Exception\RuntimeException;
+use WooCommerce\PayPalCommerce\ApiClient\Factory\PaymentTokenActionLinksFactory;
 use WooCommerce\PayPalCommerce\ApiClient\Factory\PaymentTokenFactory;
 use Psr\Log\LoggerInterface;
 use WooCommerce\PayPalCommerce\ApiClient\Repository\CustomerRepository;
+use WooCommerce\PayPalCommerce\ApiClient\Repository\PayPalRequestIdRepository;

 /**
 * Class PaymentTokenEndpoint
@ -45,6 +48,13 @@ class PaymentTokenEndpoint {
 	 */
 	private $factory;

+	/**
+	 * The PaymentTokenActionLinks factory.
+	 *
+	 * @var PaymentTokenActionLinksFactory
+	 */
+	private $payment_token_action_links_factory;
+
 	/**
 	 * The logger.
 	 *
@ -59,28 +69,41 @@ class PaymentTokenEndpoint {
 	 */
 	protected $customer_repository;

+	/**
+	 * The request id repository.
+	 *
+	 * @var PayPalRequestIdRepository
+	 */
+	private $request_id_repository;
+
 	/**
 	 * PaymentTokenEndpoint constructor.
 	 *
-	 * @param string              $host The host.
-	 * @param Bearer              $bearer The bearer.
-	 * @param PaymentTokenFactory $factory The payment token factory.
-	 * @param LoggerInterface     $logger The logger.
-	 * @param CustomerRepository  $customer_repository The customer repository.
+	 * @param string                         $host The host.
+	 * @param Bearer                         $bearer The bearer.
+	 * @param PaymentTokenFactory            $factory The payment token factory.
+	 * @param PaymentTokenActionLinksFactory $payment_token_action_links_factory The PaymentTokenActionLinks factory.
+	 * @param LoggerInterface                $logger The logger.
+	 * @param CustomerRepository             $customer_repository The customer repository.
+	 * @param PayPalRequestIdRepository      $request_id_repository The request id repository.
 	 */
 	public function __construct(
 		string $host,
 		Bearer $bearer,
 		PaymentTokenFactory $factory,
+		PaymentTokenActionLinksFactory $payment_token_action_links_factory,
 		LoggerInterface $logger,
-		CustomerRepository $customer_repository
+		CustomerRepository $customer_repository,
+		PayPalRequestIdRepository $request_id_repository
 	) {

-		$this->host                = $host;
-		$this->bearer              = $bearer;
-		$this->factory             = $factory;
-		$this->logger              = $logger;
-		$this->customer_repository = $customer_repository;
+		$this->host                               = $host;
+		$this->bearer                             = $bearer;
+		$this->factory                            = $factory;
+		$this->payment_token_action_links_factory = $payment_token_action_links_factory;
+		$this->logger                             = $logger;
+		$this->customer_repository                = $customer_repository;
+		$this->request_id_repository              = $request_id_repository;
 	}

 	/**
@ -183,4 +206,120 @@ class PaymentTokenEndpoint {

 		return wp_remote_retrieve_response_code( $response ) === 204;
 	}
+
+	/**
+	 * Starts the process of PayPal account vaulting (without payment), returns the links for further actions.
+	 *
+	 * @param int    $user_id The WP user id.
+	 * @param string $return_url The URL to which the customer is redirected after finishing the approval.
+	 * @param string $cancel_url The URL to which the customer is redirected if cancelled the operation.
+	 *
+	 * @return PaymentTokenActionLinks
+	 * @throws RuntimeException If the request fails.
+	 * @throws PayPalApiException If the request fails.
+	 */
+	public function start_paypal_token_creation(
+		int $user_id,
+		string $return_url,
+		string $cancel_url
+	): PaymentTokenActionLinks {
+		$bearer = $this->bearer->bearer();
+
+		$url = trailingslashit( $this->host ) . 'v2/vault/payment-tokens';
+
+		$customer_id = $this->customer_repository->customer_id_for_user( ( $user_id ) );
+		$data        = array(
+			'customer_id'         => $customer_id,
+			'source'              => array(
+				'paypal' => array(
+					'usage_type' => 'MERCHANT',
+				),
+			),
+			'application_context' => array(
+				'return_url' => $return_url,
+				'cancel_url' => $cancel_url,
+				// TODO: can use vault_on_approval to avoid /confirm-payment-token, but currently it's not working.
+			),
+		);
+
+		$request_id = uniqid( 'ppcp-vault', true );
+
+		$args = array(
+			'method'  => 'POST',
+			'headers' => array(
+				'Authorization' => 'Bearer ' . $bearer->token(),
+				'Content-Type'  => 'application/json',
+				'Request-Id'    => $request_id,
+			),
+			'body'    => wp_json_encode( $data ),
+		);
+
+		$response = $this->request( $url, $args );
+
+		if ( is_wp_error( $response ) || ! is_array( $response ) ) {
+			throw new RuntimeException( 'Failed to create payment token.' );
+		}
+
+		$json        = json_decode( $response['body'] );
+		$status_code = (int) wp_remote_retrieve_response_code( $response );
+		if ( 200 !== $status_code ) {
+			throw new PayPalApiException(
+				$json,
+				$status_code
+			);
+		}
+
+		$status = $json->status;
+		if ( 'CUSTOMER_ACTION_REQUIRED' !== $status ) {
+			throw new RuntimeException( 'Unexpected payment token creation status. ' . $status );
+		}
+
+		$links = $this->payment_token_action_links_factory->from_paypal_response( $json );
+
+		$this->request_id_repository->set( "ppcp-vault-{$user_id}", $request_id );
+
+		return $links;
+	}
+
+	/**
+	 * Finishes the process of PayPal account vaulting.
+	 *
+	 * @param string $approval_token The id of the approval token approved by the customer.
+	 * @param int    $user_id The WP user id.
+	 *
+	 * @return string
+	 * @throws RuntimeException If the request fails.
+	 * @throws PayPalApiException If the request fails.
+	 */
+	public function create_from_approval_token( string $approval_token, int $user_id ): string {
+		$bearer = $this->bearer->bearer();
+
+		$url = trailingslashit( $this->host ) . 'v2/vault/approval-tokens/' . $approval_token . '/confirm-payment-token';
+
+		$args = array(
+			'method'  => 'POST',
+			'headers' => array(
+				'Authorization' => 'Bearer ' . $bearer->token(),
+				'Request-Id'    => $this->request_id_repository->get( "ppcp-vault-{$user_id}" ),
+				'Content-Type'  => 'application/json',
+			),
+		);
+
+		$response = $this->request( $url, $args );
+
+		if ( is_wp_error( $response ) || ! is_array( $response ) ) {
+			throw new RuntimeException( 'Failed to create payment token from approval token.' );
+		}
+
+		$json        = json_decode( $response['body'] );
+		$status_code = (int) wp_remote_retrieve_response_code( $response );
+		if ( ! in_array( $status_code, array( 200, 201 ), true ) ) {
+			throw new PayPalApiException(
+				$json,
+				$status_code
+			);
+		}
+
+		return $json->id;
+	}
 }
--- a/modules/ppcp-api-client/src/Entity/PaymentTokenActionLinks.php
+++ b/modules/ppcp-api-client/src/Entity/PaymentTokenActionLinks.php
@ -0,0 +1,78 @@
+<?php
+/**
+ * The links from CUSTOMER_ACTION_REQUIRED v2/vault/payment-tokens response.
+ *
+ * @package WooCommerce\PayPalCommerce\ApiClient\Entity
+ */
+
+declare(strict_types=1);
+
+namespace WooCommerce\PayPalCommerce\ApiClient\Entity;
+
+use WooCommerce\PayPalCommerce\ApiClient\Exception\RuntimeException;
+
+/**
+ * Class PaymentTokenActionLinks
+ */
+class PaymentTokenActionLinks {
+	/**
+	 * The URL for customer PayPal hosted contingency flow.
+	 *
+	 * @var string
+	 */
+	private $approve_link;
+
+	/**
+	 * The URL for a POST request to save an approved approval token and vault the underlying instrument.
+	 *
+	 * @var string
+	 */
+	private $confirm_link;
+
+	/**
+	 * The URL for a GET request to get the state of the approval token.
+	 *
+	 * @var string
+	 */
+	private $status_link;
+
+	/**
+	 * PaymentTokenActionLinks constructor.
+	 *
+	 * @param string $approve_link The URL for customer PayPal hosted contingency flow.
+	 * @param string $confirm_link The URL for a POST request to save an approved approval token and vault the underlying instrument.
+	 * @param string $status_link The URL for a GET request to get the state of the approval token.
+	 */
+	public function __construct( string $approve_link, string $confirm_link, string $status_link ) {
+		$this->approve_link = $approve_link;
+		$this->confirm_link = $confirm_link;
+		$this->status_link  = $status_link;
+	}
+
+	/**
+	 * Returns the URL for customer PayPal hosted contingency flow.
+	 *
+	 * @return string
+	 */
+	public function approve_link(): string {
+		return $this->approve_link;
+	}
+
+	/**
+	 * Returns the URL for a POST request to save an approved approval token and vault the underlying instrument.
+	 *
+	 * @return string
+	 */
+	public function confirm_link(): string {
+		return $this->confirm_link;
+	}
+
+	/**
+	 * Returns the URL for a GET request to get the state of the approval token.
+	 *
+	 * @return string
+	 */
+	public function status_link(): string {
+		return $this->status_link;
+	}
+}
--- a/modules/ppcp-api-client/src/Factory/PaymentTokenActionLinksFactory.php
+++ b/modules/ppcp-api-client/src/Factory/PaymentTokenActionLinksFactory.php
@ -0,0 +1,53 @@
+<?php
+/**
+ * The factory for links from CUSTOMER_ACTION_REQUIRED v2/vault/payment-tokens response.
+ *
+ * @package WooCommerce\PayPalCommerce\ApiClient\Factory
+ */
+
+declare(strict_types=1);
+
+namespace WooCommerce\PayPalCommerce\ApiClient\Factory;
+
+use stdClass;
+use WooCommerce\PayPalCommerce\ApiClient\Entity\PaymentTokenActionLinks;
+use WooCommerce\PayPalCommerce\ApiClient\Exception\RuntimeException;
+
+/**
+ * Class PaymentTokenActionLinksFactory
+ */
+class PaymentTokenActionLinksFactory {
+
+	/**
+	 * Returns a PaymentTokenActionLinks object based off a PayPal response.
+	 *
+	 * @param stdClass $data The JSON object.
+	 *
+	 * @return PaymentTokenActionLinks
+	 * @throws RuntimeException When JSON object is malformed.
+	 */
+	public function from_paypal_response( stdClass $data ): PaymentTokenActionLinks {
+		if ( ! isset( $data->links ) ) {
+			throw new RuntimeException( 'Links not found.' );
+		}
+
+		$links_map = array();
+		foreach ( $data->links as $link ) {
+			if ( ! isset( $link->rel ) || ! isset( $link->href ) ) {
+				throw new RuntimeException( 'Invalid link data.' );
+			}
+
+			$links_map[ $link->rel ] = $link->href;
+		}
+
+		if ( ! array_key_exists( 'approve', $links_map ) ) {
+			throw new RuntimeException( 'Payment token approve link not found.' );
+		}
+
+		return new PaymentTokenActionLinks(
+			$links_map['approve'],
+			$links_map['confirm'] ?? '',
+			$links_map['status'] ?? ''
+		);
+	}
+}
--- a/modules/ppcp-api-client/src/Repository/PayPalRequestIdRepository.php
+++ b/modules/ppcp-api-client/src/Repository/PayPalRequestIdRepository.php
@ -26,8 +26,7 @@ class PayPalRequestIdRepository {
 	 * @return string
 	 */
 	public function get_for_order_id( string $order_id ): string {
-		$all = $this->all();
-		return isset( $all[ $order_id ] ) ? (string) $all[ $order_id ]['id'] : '';
+		return $this->get( $order_id );
 	}

 	/**
@ -50,14 +49,36 @@ class PayPalRequestIdRepository {
 	 * @return bool
 	 */
 	public function set_for_order( Order $order, string $request_id ): bool {
-		$all                 = $this->all();
-		$all[ $order->id() ] = array(
+		$this->set( $order->id(), $request_id );
+		return true;
+	}
+
+	/**
+	 * Sets a request ID for the given key.
+	 *
+	 * @param string $key The key in the request ID storage.
+	 * @param string $request_id The ID.
+	 */
+	public function set( string $key, string $request_id ): void {
+		$all         = $this->all();
+		$all[ $key ] = array(
 			'id'         => $request_id,
 			'expiration' => time() + 10 * DAY_IN_SECONDS,
 		);
-		$all                 = $this->cleanup( $all );
+		$all         = $this->cleanup( $all );
 		update_option( self::KEY, $all );
-		return true;
+	}
+
+	/**
+	 * Returns a request ID.
+	 *
+	 * @param string $key The key in the request ID storage.
+	 *
+	 * @return string
+	 */
+	public function get( string $key ): string {
+		$all = $this->all();
+		return isset( $all[ $key ] ) ? (string) $all[ $key ]['id'] : '';
 	}

 	/**
--- a/modules/ppcp-button/resources/js/button.js
+++ b/modules/ppcp-button/resources/js/button.js
@ -16,6 +16,7 @@ import {
 } from "./modules/Helper/CheckoutMethodState";
 import {hide, setVisible} from "./modules/Helper/Hiding";
 import {isChangePaymentPage} from "./modules/Helper/Subscriptions";
+import FreeTrialHandler from "./modules/ActionHandler/FreeTrialHandler";

 const buttonsSpinner = new Spinner('.ppc-button-wrapper');

@ -23,8 +24,17 @@ const bootstrap = () => {
    const errorHandler = new ErrorHandler(PayPalCommerceGateway.labels.error.generic);
    const spinner = new Spinner();
    const creditCardRenderer = new CreditCardRenderer(PayPalCommerceGateway, errorHandler, spinner);
-    const onSmartButtonClick = data => {
+
+    const freeTrialHandler = new FreeTrialHandler(PayPalCommerceGateway, spinner, errorHandler);
+
+    const onSmartButtonClick = (data, actions) => {
        window.ppcpFundingSource = data.fundingSource;
+
+        const isFreeTrial = PayPalCommerceGateway.is_free_trial_cart;
+        if (isFreeTrial) {
+            freeTrialHandler.handle();
+            return actions.reject();
+        }
    };
    const onSmartButtonsInit = () => {
        buttonsSpinner.unblock();
@ -112,6 +122,7 @@ document.addEventListener(
            if (
                !['checkout', 'pay-now'].includes(PayPalCommerceGateway.context)
                || isChangePaymentPage()
+                || (PayPalCommerceGateway.is_free_trial_cart && vaulted_paypal_email !== '')
            ) {
                return;
            }
--- a/modules/ppcp-button/resources/js/modules/ActionHandler/FreeTrialHandler.js
+++ b/modules/ppcp-button/resources/js/modules/ActionHandler/FreeTrialHandler.js
@ -0,0 +1,39 @@
+import {PaymentMethods} from "../Helper/CheckoutMethodState";
+import errorHandler from "../ErrorHandler";
+
+class FreeTrialHandler {
+    constructor(
+        config,
+        spinner,
+        errorHandler
+    ) {
+        this.config = config;
+        this.spinner = spinner;
+        this.errorHandler = errorHandler;
+    }
+
+    handle()
+    {
+        this.spinner.block();
+
+        fetch(this.config.ajax.vault_paypal.endpoint, {
+            method: 'POST',
+            body: JSON.stringify({
+                nonce: this.config.ajax.vault_paypal.nonce,
+                return_url: location.href
+            }),
+        }).then(res => {
+            this.spinner.unblock()
+            return res.json();
+        }).then(data => {
+            if (!data.success) {
+                console.error(data);
+                this.errorHandler.message(data.data.message);
+                throw Error(data.data.message);
+            }
+
+            location.href = data.data.approve_link;
+        });
+    }
+}
+export default FreeTrialHandler;
--- a/modules/ppcp-button/resources/js/modules/ContextBootstrap/CheckoutBootstap.js
+++ b/modules/ppcp-button/resources/js/modules/ContextBootstrap/CheckoutBootstap.js
@ -86,13 +86,16 @@ class CheckoutBootstap {
        const isCard = currentPaymentMethod === PaymentMethods.CARDS;
        const isSavedCard = isCard && isSavedCardSelected();
        const isNotOurGateway = !isPaypal && !isCard;
+        const isFreeTrial = PayPalCommerceGateway.is_free_trial_cart;
+        const hasVaultedPaypal = PayPalCommerceGateway.vaulted_paypal_email !== '';

-        setVisible(this.standardOrderButtonSelector, isNotOurGateway || isSavedCard, true);
-        setVisible(this.gateway.button.wrapper, isPaypal);
-        setVisible(this.gateway.messages.wrapper, isPaypal);
+        setVisible(this.standardOrderButtonSelector,  (isPaypal && isFreeTrial && hasVaultedPaypal) || isNotOurGateway || isSavedCard, true);
+        setVisible('.ppcp-vaulted-paypal-details', isPaypal);
+        setVisible(this.gateway.button.wrapper, isPaypal && !(isFreeTrial && hasVaultedPaypal));
+        setVisible(this.gateway.messages.wrapper, isPaypal && !isFreeTrial);
        setVisible(this.gateway.hosted_fields.wrapper, isCard && !isSavedCard);

-        if (isPaypal) {
+        if (isPaypal && !isFreeTrial) {
            this.messages.render();
        }

--- a/modules/ppcp-button/services.php
+++ b/modules/ppcp-button/services.php
@ -18,6 +18,7 @@ use WooCommerce\PayPalCommerce\Button\Endpoint\ChangeCartEndpoint;
 use WooCommerce\PayPalCommerce\Button\Endpoint\CreateOrderEndpoint;
 use WooCommerce\PayPalCommerce\Button\Endpoint\DataClientIdEndpoint;
 use WooCommerce\PayPalCommerce\Button\Endpoint\RequestData;
+use WooCommerce\PayPalCommerce\Button\Endpoint\StartPayPalVaultingEndpoint;
 use WooCommerce\PayPalCommerce\Button\Exception\RuntimeException;
 use WooCommerce\PayPalCommerce\Button\Helper\EarlyOrderHandler;
 use WooCommerce\PayPalCommerce\Button\Helper\MessagesApply;
@ -85,7 +86,8 @@ return array(
 			$environment,
 			$payment_token_repository,
 			$settings_status,
-			$currency
+			$currency,
+			$container->get( 'woocommerce.logger.woocommerce' )
 		);
 	},
 	'button.url'                        => static function ( ContainerInterface $container ): string {
@ -169,6 +171,13 @@ return array(
 			$logger
 		);
 	},
+	'button.endpoint.vault-paypal'      => static function( ContainerInterface $container ) : StartPayPalVaultingEndpoint {
+		return new StartPayPalVaultingEndpoint(
+			$container->get( 'button.request-data' ),
+			$container->get( 'api.endpoint.payment-token' ),
+			$container->get( 'woocommerce.logger.woocommerce' )
+		);
+	},
 	'button.helper.three-d-secure'      => static function ( ContainerInterface $container ): ThreeDSecure {
 		$logger = $container->get( 'woocommerce.logger.woocommerce' );
 		return new ThreeDSecure( $logger );
--- a/modules/ppcp-button/src/Assets/SmartButton.php
+++ b/modules/ppcp-button/src/Assets/SmartButton.php
@ -9,6 +9,9 @@ declare(strict_types=1);

 namespace WooCommerce\PayPalCommerce\Button\Assets;

+use Exception;
+use Psr\Log\LoggerInterface;
+use WooCommerce\PayPalCommerce\ApiClient\Entity\PaymentToken;
 use WooCommerce\PayPalCommerce\ApiClient\Factory\PayerFactory;
 use WooCommerce\PayPalCommerce\ApiClient\Helper\DccApplies;
 use WooCommerce\PayPalCommerce\Button\Endpoint\ApproveOrderEndpoint;
@ -16,9 +19,11 @@ use WooCommerce\PayPalCommerce\Button\Endpoint\ChangeCartEndpoint;
 use WooCommerce\PayPalCommerce\Button\Endpoint\CreateOrderEndpoint;
 use WooCommerce\PayPalCommerce\Button\Endpoint\DataClientIdEndpoint;
 use WooCommerce\PayPalCommerce\Button\Endpoint\RequestData;
+use WooCommerce\PayPalCommerce\Button\Endpoint\StartPayPalVaultingEndpoint;
 use WooCommerce\PayPalCommerce\Button\Helper\MessagesApply;
 use WooCommerce\PayPalCommerce\Onboarding\Environment;
 use WooCommerce\PayPalCommerce\Session\SessionHandler;
+use WooCommerce\PayPalCommerce\Subscription\FreeTrialHandlerTrait;
 use WooCommerce\PayPalCommerce\Subscription\Helper\SubscriptionHelper;
 use WooCommerce\PayPalCommerce\Vaulting\PaymentTokenRepository;
 use WooCommerce\PayPalCommerce\WcGateway\Gateway\CreditCardGateway;
@ -30,6 +35,8 @@ use WooCommerce\PayPalCommerce\WcGateway\Settings\Settings;
 */
 class SmartButton implements SmartButtonInterface {

+	use FreeTrialHandlerTrait;
+
 	/**
 	 * The Settings status helper.
 	 *
@ -128,6 +135,20 @@ class SmartButton implements SmartButtonInterface {
 	 */
 	private $currency;

+	/**
+	 * The logger.
+	 *
+	 * @var LoggerInterface
+	 */
+	private $logger;
+
+	/**
+	 * Cached payment tokens.
+	 *
+	 * @var PaymentToken[]|null
+	 */
+	private $payment_tokens = null;
+
 	/**
 	 * SmartButton constructor.
 	 *
@ -145,6 +166,7 @@ class SmartButton implements SmartButtonInterface {
 	 * @param PaymentTokenRepository $payment_token_repository The payment token repository.
 	 * @param SettingsStatus         $settings_status The Settings status helper.
 	 * @param string                 $currency 3-letter currency code of the shop.
+	 * @param LoggerInterface        $logger The logger.
 	 */
 	public function __construct(
 		string $module_url,
@ -160,7 +182,8 @@ class SmartButton implements SmartButtonInterface {
 		Environment $environment,
 		PaymentTokenRepository $payment_token_repository,
 		SettingsStatus $settings_status,
-		string $currency
+		string $currency,
+		LoggerInterface $logger
 	) {

 		$this->module_url               = $module_url;
@ -177,6 +200,7 @@ class SmartButton implements SmartButtonInterface {
 		$this->payment_token_repository = $payment_token_repository;
 		$this->settings_status          = $settings_status;
 		$this->currency                 = $currency;
+		$this->logger                   = $logger;
 	}

 	/**
@ -262,6 +286,38 @@ class SmartButton implements SmartButtonInterface {
 				2
 			);
 		}
+
+		if ( $this->is_free_trial_cart() ) {
+			add_action(
+				'woocommerce_review_order_after_submit',
+				function () {
+					$vaulted_email = $this->get_vaulted_paypal_email();
+					if ( ! $vaulted_email ) {
+						return;
+					}
+
+					?>
+					<div class="ppcp-vaulted-paypal-details">
+						<?php
+						echo wp_kses_post(
+							sprintf(
+							// translators: %1$s - email, %2$s, %3$s - HTML tags for a link.
+								esc_html__(
+									'Using %2$s%1$s%3$s PayPal.',
+									'woocommerce-paypal-payments'
+								),
+								$vaulted_email,
+								'<b>',
+								'</b>'
+							)
+						);
+						?>
+					</div>
+					<?php
+				}
+			);
+		}
+
 		return true;
 	}

@ -671,6 +727,8 @@ class SmartButton implements SmartButtonInterface {
 	private function localize_script(): array {
 		global $wp;

+		$is_free_trial_cart = $this->is_free_trial_cart();
+
 		$this->request_data->enqueue_nonce_fix();
 		$localize = array(
 			'script_attributes'              => $this->attributes(),
@ -696,9 +754,15 @@ class SmartButton implements SmartButtonInterface {
 					'endpoint' => \WC_AJAX::get_endpoint( ApproveOrderEndpoint::ENDPOINT ),
 					'nonce'    => wp_create_nonce( ApproveOrderEndpoint::nonce() ),
 				),
+				'vault_paypal'  => array(
+					'endpoint' => \WC_AJAX::get_endpoint( StartPayPalVaultingEndpoint::ENDPOINT ),
+					'nonce'    => wp_create_nonce( StartPayPalVaultingEndpoint::nonce() ),
+				),
 			),
 			'enforce_vault'                  => $this->has_subscriptions(),
 			'can_save_vault_token'           => $this->can_save_vault_token(),
+			'is_free_trial_cart'             => $is_free_trial_cart,
+			'vaulted_paypal_email'           => ( is_checkout() && $is_free_trial_cart ) ? $this->get_vaulted_paypal_email() : '',
 			'bn_codes'                       => $this->bn_codes(),
 			'payer'                          => $this->payerData(),
 			'button'                         => array(
@ -1126,4 +1190,37 @@ class SmartButton implements SmartButtonInterface {
        // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison
 		return WC()->cart->get_cart_contents_total() == 0;
 	}
+
+	/**
+	 * Retrieves all payment tokens for the user, via API or cached if already queried.
+	 *
+	 * @return PaymentToken[]
+	 */
+	private function get_payment_tokens(): array {
+		if ( null === $this->payment_tokens ) {
+			$this->payment_tokens = $this->payment_token_repository->all_for_user_id( get_current_user_id() );
+		}
+
+		return $this->payment_tokens;
+	}
+
+	/**
+	 * Returns the vaulted PayPal email or empty string.
+	 *
+	 * @return string
+	 */
+	private function get_vaulted_paypal_email(): string {
+		try {
+			$tokens = $this->get_payment_tokens();
+
+			foreach ( $tokens as $token ) {
+				if ( isset( $token->source()->paypal ) ) {
+					return $token->source()->paypal->payer->email_address;
+				}
+			}
+		} catch ( Exception $exception ) {
+			$this->logger->error( 'Failed to get PayPal vaulted email. ' . $exception->getMessage() );
+		}
+		return '';
+	}
 }
--- a/modules/ppcp-button/src/ButtonModule.php
+++ b/modules/ppcp-button/src/ButtonModule.php
@ -16,6 +16,7 @@ use WooCommerce\PayPalCommerce\Button\Endpoint\ApproveOrderEndpoint;
 use WooCommerce\PayPalCommerce\Button\Endpoint\ChangeCartEndpoint;
 use WooCommerce\PayPalCommerce\Button\Endpoint\CreateOrderEndpoint;
 use WooCommerce\PayPalCommerce\Button\Endpoint\DataClientIdEndpoint;
+use WooCommerce\PayPalCommerce\Button\Endpoint\StartPayPalVaultingEndpoint;
 use WooCommerce\PayPalCommerce\Button\Helper\EarlyOrderHandler;
 use Interop\Container\ServiceProviderInterface;
 use Psr\Container\ContainerInterface;
@ -107,6 +108,15 @@ class ButtonModule implements ModuleInterface {
 				$endpoint->handle_request();
 			}
 		);
+		add_action(
+			'wc_ajax_' . StartPayPalVaultingEndpoint::ENDPOINT,
+			static function () use ( $container ) {
+				$endpoint = $container->get( 'button.endpoint.vault-paypal' );
+				assert( $endpoint instanceof StartPayPalVaultingEndpoint );
+
+				$endpoint->handle_request();
+			}
+		);

 		add_action(
 			'wc_ajax_' . ChangeCartEndpoint::ENDPOINT,
--- a/modules/ppcp-button/src/Endpoint/StartPayPalVaultingEndpoint.php
+++ b/modules/ppcp-button/src/Endpoint/StartPayPalVaultingEndpoint.php
@ -0,0 +1,110 @@
+<?php
+/**
+ * The endpoint for starting vaulting of PayPal account (for free trial).
+ *
+ * @package WooCommerce\PayPalCommerce\Button\Endpoint
+ */
+
+declare(strict_types=1);
+
+namespace WooCommerce\PayPalCommerce\Button\Endpoint;
+
+use Exception;
+use Psr\Log\LoggerInterface;
+use WooCommerce\PayPalCommerce\ApiClient\Endpoint\PaymentTokenEndpoint;
+use WooCommerce\PayPalCommerce\ApiClient\Exception\PayPalApiException;
+
+/**
+ * Class StartPayPalVaultingEndpoint.
+ */
+class StartPayPalVaultingEndpoint implements EndpointInterface {
+
+
+	const ENDPOINT = 'ppc-vault-paypal';
+
+	/**
+	 * The Request Data Helper.
+	 *
+	 * @var RequestData
+	 */
+	private $request_data;
+
+	/**
+	 * The PaymentTokenEndpoint.
+	 *
+	 * @var PaymentTokenEndpoint
+	 */
+	private $payment_token_endpoint;
+
+	/**
+	 * The logger.
+	 *
+	 * @var LoggerInterface
+	 */
+	private $logger;
+
+	/**
+	 * StartPayPalVaultingEndpoint constructor.
+	 *
+	 * @param RequestData          $request_data The Request Data Helper.
+	 * @param PaymentTokenEndpoint $payment_token_endpoint The PaymentTokenEndpoint.
+	 * @param LoggerInterface      $logger The logger.
+	 */
+	public function __construct(
+		RequestData $request_data,
+		PaymentTokenEndpoint $payment_token_endpoint,
+		LoggerInterface $logger
+	) {
+		$this->request_data           = $request_data;
+		$this->payment_token_endpoint = $payment_token_endpoint;
+		$this->logger                 = $logger;
+	}
+
+	/**
+	 * Returns the nonce.
+	 *
+	 * @return string
+	 */
+	public static function nonce(): string {
+		return self::ENDPOINT;
+	}
+
+	/**
+	 * Handles the request.
+	 *
+	 * @return bool
+	 */
+	public function handle_request(): bool {
+		try {
+			$data = $this->request_data->read_request( $this->nonce() );
+
+			$user_id = get_current_user_id();
+
+			$return_url = $data['return_url'];
+
+			$links = $this->payment_token_endpoint->start_paypal_token_creation(
+				$user_id,
+				$return_url,
+				$return_url
+			);
+
+			wp_send_json_success(
+				array(
+					'approve_link' => $links->approve_link(),
+				)
+			);
+
+			return true;
+		} catch ( Exception $error ) {
+			$this->logger->error( 'Failed to start PayPal vaulting: ' . $error->getMessage() );
+
+			wp_send_json_error(
+				array(
+					'name'    => is_a( $error, PayPalApiException::class ) ? $error->name() : '',
+					'message' => $error->getMessage(),
+				)
+			);
+			return false;
+		}
+	}
+}
--- a/modules/ppcp-subscription/src/FreeTrialHandlerTrait.php
+++ b/modules/ppcp-subscription/src/FreeTrialHandlerTrait.php
@ -48,6 +48,23 @@ trait FreeTrialHandlerTrait {
 		return false;
 	}

+	/**
+	 * Checks if the current product contains free trial.
+	 *
+	 * @return bool
+	 */
+	protected function is_free_trial_product(): bool {
+		if ( ! $this->is_wcs_plugin_active() ) {
+			return false;
+		}
+
+		$product = wc_get_product();
+
+		return $product
+			&& WC_Subscriptions_Product::is_subscription( $product )
+			&& WC_Subscriptions_Product::get_trial_length( $product ) > 0;
+	}
+
 	/**
 	 * Checks if the given order contains only free trial.
 	 *
--- a/modules/ppcp-vaulting/services.php
+++ b/modules/ppcp-vaulting/services.php
@ -14,34 +14,34 @@ use WooCommerce\PayPalCommerce\Vaulting\Assets\MyAccountPaymentsAssets;
 use WooCommerce\PayPalCommerce\Vaulting\Endpoint\DeletePaymentTokenEndpoint;

 return array(
-	'vaulting.module-url'                => static function ( ContainerInterface $container ): string {
+	'vaulting.module-url'                 => static function ( ContainerInterface $container ): string {
 		return plugins_url(
 			'/modules/ppcp-vaulting/',
 			dirname( realpath( __FILE__ ), 3 ) . '/woocommerce-paypal-payments.php'
 		);
 	},
-	'vaulting.assets.myaccount-payments' => function( ContainerInterface $container ) : MyAccountPaymentsAssets {
+	'vaulting.assets.myaccount-payments'  => function( ContainerInterface $container ) : MyAccountPaymentsAssets {
 		return new MyAccountPaymentsAssets(
 			$container->get( 'vaulting.module-url' ),
 			$container->get( 'ppcp.asset-version' )
 		);
 	},
-	'vaulting.payment-tokens-renderer'   => static function (): PaymentTokensRenderer {
+	'vaulting.payment-tokens-renderer'    => static function (): PaymentTokensRenderer {
 		return new PaymentTokensRenderer();
 	},
-	'vaulting.repository.payment-token'  => static function ( ContainerInterface $container ): PaymentTokenRepository {
+	'vaulting.repository.payment-token'   => static function ( ContainerInterface $container ): PaymentTokenRepository {
 		$factory  = $container->get( 'api.factory.payment-token' );
 		$endpoint = $container->get( 'api.endpoint.payment-token' );
 		return new PaymentTokenRepository( $factory, $endpoint );
 	},
-	'vaulting.endpoint.delete'           => function( ContainerInterface $container ) : DeletePaymentTokenEndpoint {
+	'vaulting.endpoint.delete'            => function( ContainerInterface $container ) : DeletePaymentTokenEndpoint {
 		return new DeletePaymentTokenEndpoint(
 			$container->get( 'vaulting.repository.payment-token' ),
 			$container->get( 'button.request-data' ),
 			$container->get( 'woocommerce.logger.woocommerce' )
 		);
 	},
-	'vaulting.payment-token-checker'     => function( ContainerInterface $container ) : PaymentTokenChecker {
+	'vaulting.payment-token-checker'      => function( ContainerInterface $container ) : PaymentTokenChecker {
 		return new PaymentTokenChecker(
 			$container->get( 'vaulting.repository.payment-token' ),
 			$container->get( 'api.repository.order' ),
@ -51,4 +51,10 @@ return array(
 			$container->get( 'woocommerce.logger.woocommerce' )
 		);
 	},
+	'vaulting.customer-approval-listener' => function( ContainerInterface $container ) : CustomerApprovalListener {
+		return new CustomerApprovalListener(
+			$container->get( 'api.endpoint.payment-token' ),
+			$container->get( 'woocommerce.logger.woocommerce' )
+		);
+	},
 );
--- a/modules/ppcp-vaulting/src/CustomerApprovalListener.php
+++ b/modules/ppcp-vaulting/src/CustomerApprovalListener.php
@ -0,0 +1,66 @@
+<?php
+/**
+ * Confirm approval token after the PayPal vaulting approval by customer (v2/vault/payment-tokens with CUSTOMER_ACTION_REQUIRED response).
+ *
+ * @package WooCommerce\PayPalCommerce\Vaulting
+ */
+
+declare(strict_types=1);
+
+namespace WooCommerce\PayPalCommerce\Vaulting;
+
+use Exception;
+use Psr\Log\LoggerInterface;
+use WooCommerce\PayPalCommerce\ApiClient\Endpoint\PaymentTokenEndpoint;
+use WooCommerce\PayPalCommerce\Subscription\FreeTrialHandlerTrait;
+
+/**
+ * Class CustomerApprovalListener
+ */
+class CustomerApprovalListener {
+
+	use FreeTrialHandlerTrait;
+
+	/**
+	 * The PaymentTokenEndpoint.
+	 *
+	 * @var PaymentTokenEndpoint
+	 */
+	private $payment_token_endpoint;
+
+	/**
+	 * The logger.
+	 *
+	 * @var LoggerInterface
+	 */
+	private $logger;
+
+	/**
+	 * CustomerApprovalListener constructor.
+	 *
+	 * @param PaymentTokenEndpoint $payment_token_endpoint The PaymentTokenEndpoint.
+	 * @param LoggerInterface      $logger The logger.
+	 */
+	public function __construct( PaymentTokenEndpoint $payment_token_endpoint, LoggerInterface $logger ) {
+		$this->payment_token_endpoint = $payment_token_endpoint;
+		$this->logger                 = $logger;
+	}
+
+	/**
+	 * Listens for redirects after the PayPal vaulting approval by customer.
+	 *
+	 * @return void
+	 */
+	public function listen(): void {
+		$token = filter_input( INPUT_GET, 'approval_token_id', FILTER_SANITIZE_STRING );
+		if ( ! is_string( $token ) ) {
+			return;
+		}
+
+		try {
+			$this->payment_token_endpoint->create_from_approval_token( $token, get_current_user_id() );
+		} catch ( Exception $exception ) {
+			$this->logger->error( 'Failed to create payment token. ' . $exception->getMessage() );
+		}
+	}
+}
--- a/modules/ppcp-vaulting/src/VaultingModule.php
+++ b/modules/ppcp-vaulting/src/VaultingModule.php
@ -43,6 +43,11 @@ class VaultingModule implements ModuleInterface {
 			return;
 		}

+		$listener = $container->get( 'vaulting.customer-approval-listener' );
+		assert( $listener instanceof CustomerApprovalListener );
+
+		$listener->listen();
+
 		add_filter(
 			'woocommerce_account_menu_items',
 			function( $menu_links ) {
--- a/modules/ppcp-wc-gateway/src/Gateway/ProcessPaymentTrait.php
+++ b/modules/ppcp-wc-gateway/src/Gateway/ProcessPaymentTrait.php
@ -11,6 +11,7 @@ namespace WooCommerce\PayPalCommerce\WcGateway\Gateway;

 use Exception;
 use WooCommerce\PayPalCommerce\ApiClient\Entity\OrderStatus;
+use WooCommerce\PayPalCommerce\ApiClient\Entity\PaymentToken;
 use WooCommerce\PayPalCommerce\ApiClient\Exception\PayPalApiException;
 use WooCommerce\PayPalCommerce\ApiClient\Exception\RuntimeException;
 use WooCommerce\PayPalCommerce\Onboarding\Environment;
@ -134,6 +135,28 @@ trait ProcessPaymentTrait {
 			}
 		}

+		if ( PayPalGateway::ID === $payment_method && $this->is_free_trial_order( $wc_order ) ) {
+			$user_id = (int) $wc_order->get_customer_id();
+			$tokens  = $this->payment_token_repository->all_for_user_id( $user_id );
+			if ( ! array_filter(
+				$tokens,
+				function ( PaymentToken $token ): bool {
+					return isset( $token->source()->paypal );
+				}
+			) ) {
+				$this->handle_failure( $wc_order, new Exception( 'No saved PayPal account.' ) );
+				return null;
+			}
+
+			$wc_order->payment_complete();
+
+			$this->session_handler->destroy_session_data();
+			return array(
+				'result'   => 'success',
+				'redirect' => $this->get_return_url( $wc_order ),
+			);
+		}
+
 		/**
 		 * If customer has chosen change Subscription payment.
 		 */
--- a/tests/PHPUnit/ApiClient/Endpoint/PaymentTokenEndpointTest.php
+++ b/tests/PHPUnit/ApiClient/Endpoint/PaymentTokenEndpointTest.php
@ -10,10 +10,12 @@ use WooCommerce\PayPalCommerce\ApiClient\Entity\PaymentToken;
 use WooCommerce\PayPalCommerce\ApiClient\Entity\Token;
 use WooCommerce\PayPalCommerce\ApiClient\Exception\PayPalApiException;
 use WooCommerce\PayPalCommerce\ApiClient\Exception\RuntimeException;
+use WooCommerce\PayPalCommerce\ApiClient\Factory\PaymentTokenActionLinksFactory;
 use WooCommerce\PayPalCommerce\ApiClient\Factory\PaymentTokenFactory;
 use WooCommerce\PayPalCommerce\ApiClient\Repository\CustomerRepository;
 use Mockery;
 use Mockery\Adapter\Phpunit\MockeryPHPUnitIntegration;
+use WooCommerce\PayPalCommerce\ApiClient\Repository\PayPalRequestIdRepository;
 use WooCommerce\PayPalCommerce\TestCase;
 use function Brain\Monkey\Functions\expect;

@ -24,8 +26,9 @@ class PaymentTokenEndpointTest extends TestCase
    private $host;
    private $bearer;
    private $factory;
-    private $logger;
+	private $payment_token_action_links_factory;
    private $customer_repository;
+	private $request_id_repository;
    private $sut;

    public function setUp(): void
@ -35,14 +38,18 @@ class PaymentTokenEndpointTest extends TestCase
        $this->host = 'https://example.com/';
        $this->bearer = Mockery::mock(Bearer::class);
        $this->factory = Mockery::mock(PaymentTokenFactory::class);
+        $this->payment_token_action_links_factory = Mockery::mock(PaymentTokenActionLinksFactory::class);
        $this->logger = Mockery::mock(LoggerInterface::class);
        $this->customer_repository = Mockery::mock(CustomerRepository::class);
+        $this->request_id_repository = Mockery::mock(PayPalRequestIdRepository::class);
        $this->sut = new PaymentTokenEndpoint(
            $this->host,
            $this->bearer,
            $this->factory,
+			$this->payment_token_action_links_factory,
            $this->logger,
-			$this->customer_repository
+			$this->customer_repository,
+			$this->request_id_repository
        );
    }