Skip to content

Added functionality to validate Paysera Delivery API credentials (project_id and password) for use during initial setup or configuration changes#4

Closed
alexleopnet wants to merge 1 commit into
paysera:mainfrom
alexleopnet:project_credentials_validation
Closed

Added functionality to validate Paysera Delivery API credentials (project_id and password) for use during initial setup or configuration changes#4
alexleopnet wants to merge 1 commit into
paysera:mainfrom
alexleopnet:project_credentials_validation

Conversation

@alexleopnet

Copy link
Copy Markdown
Contributor

What's Changed

New Features

  • validateCredentials() method in DeliveryFacade for credential validation
  • ✅ Public getPublicMerchantClient() method for unauthenticated requests
  • ✅ New CredentialsValidationException exception class for error handling
  • ✅ Rate limiting support (HTTP 429) with proper error handling

Documentation

  • 📚 Comprehensive documentation in docs/VALIDATING_CREDENTIALS.md:
    • Usage examples in configuration forms
    • Setup wizard examples
    • Handling different response types (valid/invalid/rate limit)
    • Architectural flow description
    • Best practices and security notes

Technical Implementation

Code Changes:

  • DeliveryFacade.php - added entry point validateCredentials() method
  • DeliveryOrderService.php - business logic with logging
  • DeliveryApiClient.php - error handling
  • DeliveryOrderApiClient.php - API communication
  • MerchantClientProvider.php - new public client without MAC authentication
  • CredentialsValidationException.php - new exception class
  • BaseException.php - added E_CREDENTIALS_VALIDATION_FAILED constant

Tests:

  • DeliveryFacadeTest.php - tests for facade layer
  • DeliveryOrderServiceTest.php - tests for service layer
  • DeliveryApiClientTest.php - tests for api client
  • DeliveryOrderApiClientTest.php - tests for order api client
  • MerchantClientProviderTest.php - tests for public client

Dependencies:

  • Updated paysera/lib-delivery-api-merchant-client to dev-master with validateProjectCredentials() support

How It Works

The validation uses a public (unauthenticated) API endpoint /rest/v1/projects/validate-credentials:

  • HTTP 204 - credentials are valid
  • HTTP 401 - credentials are invalid
  • HTTP 429 - rate limit exceeded

Usage Example

try {
    $isValid = $deliveryFacade->validateCredentials($projectId, $password);

    if ($isValid) {
        // Save credentials and continue
    } else {
        // Show error: invalid credentials
    }
} catch (CredentialsValidationException $exception) {
    // Handle rate limit or connection errors
}

Important Notes

⚠️ Purpose: This method is intended only for one-time validation during setup. DO NOT use before regular operations (creating orders, etc.)

🔒 Security: Validation is performed server-side, without MAC authentication for the public endpoint

📝 Logging: All validation attempts (successful and failed) are logged via DeliveryLoggerInterface

Comment thread composer.json Outdated
"require": {
"php": ">=7.4",
"paysera/lib-delivery-api-merchant-client": "^1.2",
"paysera/lib-delivery-api-merchant-client": "dev-master",

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not good, it should be a stable version

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change is temporary and for testing purposes only. I will revert it back after the pull request has been tested.

Comment thread composer.json Outdated
"repositories": [
{
"type": "vcs",
"url": "https://github.com/alexleopnet/lib-delivery-api-merchant-client.git"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is also not okay when an official package has a dependency on the employee's own repos

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change is temporary and for testing purposes only. I will revert it back after the pull request has been tested.

Comment thread composer.json Outdated
},
"prefer-stable": true,
"minimum-stability": "stable"
"minimum-stability": "dev"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why?

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change is temporary and for testing purposes only. I will revert it back after the pull request has been tested.

);

throw $exception;
} catch (ClientException $exception) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Too many responsibilities for one method. Move the whole block to a private method

* @throws RateLimitExceededException
* @throws MerchantClientNotFoundException
*/
public function validateCredentials(ProjectCredentials $credentials): bool

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's refactor this method: move each logger call into its own private method. It'll look much comprehensive

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants