LYNX-598: Modify guest order token generation to use lastname instead of postcode

Author: deepak-soni1

app/code/Magento/OrderCancellationGraphQl/Model/Resolver/RequestGuestOrderCancel.php

@@ -56,10 +56,10 @@ public function resolve(
         ?array $args = null
     ) {
         $this->validateRequest->validateInput($args['input'] ?? []);
-        list($number, $email, $postcode) = $this->getNumberEmailPostcode($args['input']['token']);
+        list($number, $email, $lastname) = $this->getNumberEmailLastname($args['input']['token']);
 
         $order = $this->getOrder($number);
-        $this->validateRequest->validateOrderDetails($order, $postcode, $email);
+        $this->validateRequest->validateOrderDetails($order, $lastname, $email);
 
         $errors = $this->validateOrder->execute($order);
         if ($errors) {
@@ -93,13 +93,13 @@ private function getOrder(string $number): OrderInterface
     }
 
     /**
-     * Retrieve number, email and postcode from token
+     * Retrieve number, email and lastname from token
      *
      * @param string $token
      * @return array
      * @throws GraphQlNoSuchEntityException
      */
-    private function getNumberEmailPostcode(string $token): array
+    private function getNumberEmailLastname(string $token): array
     {
         $data = $this->token->decrypt($token);
         if (count($data) !== 3) {

app/code/Magento/OrderCancellationGraphQl/Model/Validator/ValidateGuestRequest.php

@@ -59,17 +59,17 @@ public function validateInput(mixed $input): void
      * Ensure the order matches the provided criteria
      *
      * @param OrderInterface $order
-     * @param string $postcode
+     * @param string $lastname
      * @param string $email
      * @return void
      * @throws GraphQlAuthorizationException
      * @throws GraphQlNoSuchEntityException
      */
-    public function validateOrderDetails(OrderInterface $order, string $postcode, string $email): void
+    public function validateOrderDetails(OrderInterface $order, string $lastname, string $email): void
     {
         $billingAddress = $order->getBillingAddress();
 
-        if ($billingAddress->getPostcode() !== $postcode || $billingAddress->getEmail() !== $email) {
+        if ($billingAddress->getLastname() !== $lastname || $billingAddress->getEmail() !== $email) {
             $this->cannotLocateOrder();
         }
 

app/code/Magento/SalesGraphQl/Model/Resolver/GuestOrder.php

@@ -20,7 +20,7 @@
 use Magento\Store\Model\StoreManagerInterface;
 
 /**
- * Retrieve guest order based
+ * Retrieve guest order details
  */
 class GuestOrder implements ResolverInterface
 {
@@ -50,9 +50,9 @@ public function resolve(
         ?array $value = null,
         ?array $args = null
     ) {
-        list($number, $email, $postcode) = $this->getNumberEmailPostcode($args['input'] ?? []);
+        list($number, $email, $lastname) = $this->getNumberEmailLastname($args['input'] ?? []);
         $order = $this->getOrder($number);
-        $this->validateOrder($order, $postcode, $email);
+        $this->validateOrder($order, $lastname, $email);
         return $this->orderFormatter->format($order);
     }
 
@@ -82,35 +82,32 @@ private function getOrder(string $number): OrderInterface
      * Ensure the order matches the provided criteria
      *
      * @param OrderInterface $order
-     * @param string $postcode
+     * @param string $lastname
      * @param string $email
      * @return void
      * @throws GraphQlAuthorizationException
      * @throws GraphQlNoSuchEntityException
      */
-    private function validateOrder(OrderInterface $order, string $postcode, string $email): void
+    private function validateOrder(OrderInterface $order, string $lastname, string $email): void
     {
-        if ($order->getBillingAddress()->getPostcode() !== $postcode) {
-            $this->cannotLocateOrder();
-        }
-
-        if ($order->getBillingAddress()->getEmail() !== $email) {
+        $billingAddress = $order->getBillingAddress();
+        if ($billingAddress->getLastname() !== $lastname || $billingAddress->getEmail() !== $email) {
             $this->cannotLocateOrder();
         }
 
         if ($order->getCustomerId()) {
-            $this->customerHasToLogin();
+            throw new GraphQlAuthorizationException(__('Please login to view the order.'));
         }
     }
 
     /**
-     * Retrieve number, email and postcode from input
+     * Retrieve order number, email, and lastname from input
      *
      * @param array $input
      * @return array
      * @throws GraphQlNoSuchEntityException
      */
-    private function getNumberEmailPostcode(array $input): array
+    private function getNumberEmailLastname(array $input): array
     {
         if (isset($input['token'])) {
             $data = $this->token->decrypt($input['token']);
@@ -119,10 +116,10 @@ private function getNumberEmailPostcode(array $input): array
             }
             return $data;
         }
-        if (!isset($input['number']) || !isset($input['email']) || !isset($input['postcode'])) {
+        if (!isset($input['number']) || !isset($input['email']) || !isset($input['lastname'])) {
             $this->cannotLocateOrder();
         }
-        return [$input['number'], $input['email'], $input['postcode']];
+        return [$input['number'], $input['email'], $input['lastname']];
     }
 
     /**
@@ -135,15 +132,4 @@ private function cannotLocateOrder(): void
     {
         throw new GraphQlNoSuchEntityException(__('We couldn\'t locate an order with the information provided.'));
     }
-
-    /**
-     * Throw exception when the guest checkout is not enabled or order is customer order
-     *
-     * @return void
-     * @throws GraphQlAuthorizationException
-     */
-    private function customerHasToLogin(): void
-    {
-        throw new GraphQlAuthorizationException(__('Please login to view the order.'));
-    }
 }

app/code/Magento/SalesGraphQl/Model/Resolver/Token.php

@@ -12,6 +12,7 @@
 use Magento\Framework\GraphQl\Query\ResolverInterface;
 use Magento\Framework\GraphQl\Schema\Type\ResolveInfo;
 use Magento\Sales\Api\Data\OrderInterface;
+use Magento\SalesGraphQl\Model\Order\Token as OrderToken;
 
 /**
  * Retrieve order token
@@ -22,7 +23,7 @@ class Token implements ResolverInterface
      * @param Token $token
      */
     public function __construct(
-        private readonly \Magento\SalesGraphQl\Model\Order\Token $token
+        private readonly OrderToken $token
     ) {
     }
 
@@ -44,7 +45,7 @@ public function resolve(
         return $this->token->encrypt(
             $order->getIncrementId(),
             $order->getBillingAddress()->getEmail(),
-            $order->getBillingAddress()->getPostcode()
+            $order->getBillingAddress()->getLastname()
         );
     }
 }

app/code/Magento/SalesGraphQl/etc/schema.graphqls

@@ -3,7 +3,7 @@
 
 type Query {
     customerOrders: CustomerOrders @resolver(class: "Magento\\SalesGraphQl\\Model\\Resolver\\Orders") @deprecated(reason: "Use the `customer` query instead.") @cache(cacheable: false)
-    guestOrder(input: OrderInformationInput!): CustomerOrder! @doc(description:"Retrieve guest order details based on number, email and postcode.") @resolver(class: "Magento\\SalesGraphQl\\Model\\Resolver\\GuestOrder") @cache(cacheable: false)
+    guestOrder(input: OrderInformationInput!): CustomerOrder! @doc(description:"Retrieve guest order details based on number, email and billing last name.") @resolver(class: "Magento\\SalesGraphQl\\Model\\Resolver\\GuestOrder") @cache(cacheable: false)
     guestOrderByToken(input: OrderTokenInput!): CustomerOrder! @doc(description:"Retrieve guest order details based on token.") @resolver(class: "Magento\\SalesGraphQl\\Model\\Resolver\\GuestOrder") @cache(cacheable: false)
 }
 
@@ -310,7 +310,7 @@ input OrderTokenInput @doc(description: "Input to retrieve an order based on tok
 input OrderInformationInput @doc(description: "Input to retrieve an order based on details.") {
     number: String! @doc(description: "Order number.")
     email: String! @doc(description: "Order billing address email.")
-    postcode: String! @doc(description: "Order billing address postcode.")
+    lastname: String! @doc(description: "Order billing address lastname.")
 }
 
 enum OrderActionType @doc(description: "The list of available order actions.") {

dev/tests/api-functional/testsuite/Magento/GraphQl/OrderCancellation/CancelGuestOrderTest.php

@@ -467,14 +467,14 @@ private function getOrderToken(OrderInterface $order): string
         return Bootstrap::getObjectManager()->create(Token::class)->encrypt(
             $order->getIncrementId(),
             $order->getBillingAddress()->getEmail(),
-            $order->getBillingAddress()->getPostcode()
+            $order->getBillingAddress()->getLastname()
         );
     }
 
     /**
      * @return array[]
      */
-    public function orderStatusProvider(): array
+    public static function orderStatusProvider(): array
     {
         return [
             'On Hold status' => [

dev/tests/api-functional/testsuite/Magento/GraphQl/Sales/GuestOrderByTokenTest.php

@@ -137,7 +137,7 @@ public function testCustomerOrder(): void
                 '%token' => Bootstrap::getObjectManager()->get(Token::class)->encrypt(
                     $order->getIncrementId(),
                     $order->getBillingAddress()->getEmail(),
-                    $order->getBillingAddress()->getPostcode()
+                    $order->getBillingAddress()->getLastname()
                 )
             ]
         );

dev/tests/api-functional/testsuite/Magento/GraphQl/Sales/GuestOrderTest.php

@@ -33,7 +33,7 @@ class GuestOrderTest extends GraphQlAbstract
   guestOrder(input: {
       number: "%number",
       email: "%email",
-      postcode: "%postcode"
+      lastname: "%lastname"
   }) {
     number
     email
@@ -65,7 +65,7 @@ public function testGuestOrder(): void
             [
                 '%number' => $order->getIncrementId(),
                 '%email' => $order->getBillingAddress()->getEmail(),
-                '%postcode' => $order->getBillingAddress()->getPostcode(),
+                '%lastname' => $order->getBillingAddress()->getLastname(),
             ]
         );
         $response = $this->graphQlQuery($query);
@@ -106,7 +106,7 @@ public function testCustomerOrder(): void
             [
                 '%number' => $order->getIncrementId(),
                 '%email' => $order->getBillingAddress()->getEmail(),
-                '%postcode' => $order->getBillingAddress()->getPostcode(),
+                '%lastname' => $order->getBillingAddress()->getLastname(),
             ]
         );
         $this->graphQlQuery($query);
@@ -133,7 +133,7 @@ public function testGuestOrderIncorrectEmail(): void
             [
                 '%number' => $order->getIncrementId(),
                 '%email' => 'incorrect' . $order->getBillingAddress()->getEmail(),
-                '%postcode' => $order->getBillingAddress()->getPostcode(),
+                '%lastname' => $order->getBillingAddress()->getLastname(),
             ]
         );
         $this->graphQlQuery($query);

dev/tests/api-functional/testsuite/Magento/GraphQl/Sales/OrderItemPricesTest.php

@@ -112,7 +112,7 @@ public function testOrderItemPricesWithSpecialPriceAndTax(): void
             $this->getQuery(
                 $order->getIncrementId(),
                 $order->getBillingAddress()->getEmail(),
-                $order->getBillingAddress()->getPostcode()
+                $order->getBillingAddress()->getLastname()
             )
         );
 
@@ -170,7 +170,7 @@ public function testOrderItemPricesWithoutSpecialPriceAndTax(): void
             $this->getQuery(
                 $order->getIncrementId(),
                 $order->getBillingAddress()->getEmail(),
-                $order->getBillingAddress()->getPostcode()
+                $order->getBillingAddress()->getLastname()
             )
         );
 
@@ -192,17 +192,17 @@ public function testOrderItemPricesWithoutSpecialPriceAndTax(): void
      *
      * @param string $number
      * @param string $email
-     * @param string $postcode
+     * @param string $lastname
      * @return string
      */
-    private function getQuery(string $number, string $email, string $postcode): string
+    private function getQuery(string $number, string $email, string $lastname): string
     {
         return <<<QUERY
 {
   guestOrder(input: {
       number: "{$number}",
       email: "{$email}",
-      postcode: "{$postcode}"
+      lastname: "{$lastname}"
   }) {
     items {
       prices {

dev/tests/api-functional/testsuite/Magento/GraphQl/Sales/OrderStatusChangeDateTest.php

@@ -83,7 +83,7 @@ private function assertOrderStatusChangeDate(OrderInterface $order, string $stat
         $updatedGuestOrder = $this->graphQlMutation($this->getQuery(
             $order->getIncrementId(),
             $order->getBillingAddress()->getEmail(),
-            $order->getBillingAddress()->getPostcode()
+            $order->getBillingAddress()->getLastname()
         ));
         self::assertEquals(
             self::STATUS_MAPPER[$status],
@@ -100,17 +100,17 @@ private function assertOrderStatusChangeDate(OrderInterface $order, string $stat
      *
      * @param string $number
      * @param string $email
-     * @param string $postcode
+     * @param string $lastname
      * @return string
      */
-    private function getQuery(string $number, string $email, string $postcode): string
+    private function getQuery(string $number, string $email, string $lastname): string
     {
         return <<<QUERY
 {
   guestOrder(input: {
     number: "{$number}",
     email: "{$email}",
-    postcode: "{$postcode}"
+    lastname: "{$lastname}"
   }) {
     created_at
     status