magento
diff --git a/‎app/code/Magento/AuthorizenetAcceptjs/etc/adminhtml/di.xml
Lines changed: 5 additions & 0 deletions b/‎app/code/Magento/AuthorizenetAcceptjs/etc/adminhtml/di.xml
Lines changed: 5 additions & 0 deletions
diff --git a/‎app/code/Magento/AuthorizenetAcceptjs/etc/di.xml
Lines changed: 2 additions & 0 deletions b/‎app/code/Magento/AuthorizenetAcceptjs/etc/di.xml
Lines changed: 2 additions & 0 deletions
diff --git a/‎app/code/Magento/AuthorizenetAcceptjs/view/frontend/web/template/payment/authorizenet-acceptjs.html
Lines changed: 1 addition & 0 deletions b/‎app/code/Magento/AuthorizenetAcceptjs/view/frontend/web/template/payment/authorizenet-acceptjs.html
Lines changed: 1 addition & 0 deletions
diff --git a/‎app/code/Magento/AuthorizenetCardinal/Gateway/Request/Authorize3DSecureBuilder.php
Lines changed: 4 additions & 4 deletions b/‎app/code/Magento/AuthorizenetCardinal/Gateway/Request/Authorize3DSecureBuilder.php
Lines changed: 4 additions & 4 deletions
diff --git a/‎app/code/Magento/AuthorizenetCardinal/Gateway/Validator/CavvResponseValidator.php
Lines changed: 83 additions & 0 deletions b/‎app/code/Magento/AuthorizenetCardinal/Gateway/Validator/CavvResponseValidator.php
Lines changed: 83 additions & 0 deletions
diff --git a/‎app/code/Magento/AuthorizenetCardinal/etc/di.xml
Lines changed: 16 additions & 0 deletions b/‎app/code/Magento/AuthorizenetCardinal/etc/di.xml
Lines changed: 16 additions & 0 deletions
diff --git a/‎app/code/Magento/AuthorizenetCardinal/view/frontend/web/js/authorizenet-accept-mixin.js
Lines changed: 2 additions & 0 deletions b/‎app/code/Magento/AuthorizenetCardinal/view/frontend/web/js/authorizenet-accept-mixin.js
Lines changed: 2 additions & 0 deletions
diff --git a/‎app/code/Magento/Braintree/view/frontend/requirejs-config.js
Lines changed: 5 additions & 5 deletions b/‎app/code/Magento/Braintree/view/frontend/requirejs-config.js
Lines changed: 5 additions & 5 deletions
diff --git a/‎app/code/Magento/Braintree/view/frontend/web/js/view/payment/3d-secure.js
Lines changed: 42 additions & 49 deletions b/‎app/code/Magento/Braintree/view/frontend/web/js/view/payment/3d-secure.js
Lines changed: 42 additions & 49 deletions
diff --git a/‎app/code/Magento/CardinalCommerce/Model/Response/JwtParser.php
Lines changed: 2 additions & 2 deletions b/‎app/code/Magento/CardinalCommerce/Model/Response/JwtParser.php
Lines changed: 2 additions & 2 deletions
@@ -31,4 +31,9 @@
             </argument>
         </arguments>
     </virtualType>
+    <virtualType name="AuthorizenetAcceptjsAuthorizeCommand" type="Magento\Payment\Gateway\Command\GatewayCommand">
+        <arguments>
+            <argument name="validator" xsi:type="object">AuthorizenetAcceptjsTransactionValidator</argument>
+        </arguments>
+    </virtualType>
 </config>
@@ -134,6 +134,7 @@
         <arguments>
             <argument name="requestBuilder" xsi:type="object">AuthorizenetAcceptjsRefundRequest</argument>
             <argument name="handler" xsi:type="object">AuthorizenetAcceptjsRefundSettledHandler</argument>
+            <argument name="validator" xsi:type="object">AuthorizenetAcceptjsTransactionValidator</argument>
         </arguments>
     </virtualType>
     <virtualType name="AuthorizenetAcceptjsCaptureCommand" type="Magento\AuthorizenetAcceptjs\Gateway\Command\CaptureStrategyCommand">
@@ -145,6 +146,7 @@
         <arguments>
             <argument name="requestBuilder" xsi:type="object">AuthorizenetAcceptjsCaptureRequest</argument>
             <argument name="handler" xsi:type="object">AuthorizenetAcceptjsCaptureTransactionHandler</argument>
+            <argument name="validator" xsi:type="object">AuthorizenetAcceptjsTransactionValidator</argument>
         </arguments>
     </virtualType>
     <virtualType name="AuthorizenetAcceptjsVoidCommand" type="Magento\Payment\Gateway\Command\GatewayCommand">
 
@@ -35,6 +35,7 @@
                 <button class="action primary checkout"
                         type="submit"
                         click="beforePlaceOrder"
+                        css="disabled: !isPlaceOrderActionAllowed()"
                         attr="title: $t('Place Order')"
                 >
                     <span translate="'Place Order'"></span>
 
@@ -10,7 +10,7 @@
 
 use Magento\AuthorizenetAcceptjs\Gateway\SubjectReader;
 use Magento\AuthorizenetCardinal\Model\Config;
-use Magento\CardinalCommerce\Model\Response\JwtParser;
+use Magento\CardinalCommerce\Model\Response\JwtParserInterface;
 use Magento\Payment\Gateway\Request\BuilderInterface;
 use Magento\Sales\Model\Order\Payment;
 
@@ -30,19 +30,19 @@ class Authorize3DSecureBuilder implements BuilderInterface
     private $config;
 
     /**
-     * @var JwtParser
+     * @var JwtParserInterface
      */
     private $jwtParser;
 
     /**
      * @param SubjectReader $subjectReader
      * @param Config $config
-     * @param JwtParser $jwtParser
+     * @param JwtParserInterface $jwtParser
      */
     public function __construct(
         SubjectReader $subjectReader,
         Config $config,
-        JwtParser $jwtParser
+        JwtParserInterface $jwtParser
     ) {
         $this->subjectReader = $subjectReader;
         $this->config = $config;
 
@@ -0,0 +1,83 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+declare(strict_types=1);
+
+namespace Magento\AuthorizenetCardinal\Gateway\Validator;
+
+use Magento\AuthorizenetAcceptjs\Gateway\SubjectReader;
+use Magento\AuthorizenetCardinal\Model\Config;
+use Magento\Payment\Gateway\Validator\AbstractValidator;
+use Magento\Payment\Gateway\Validator\ResultInterface;
+use Magento\Payment\Gateway\Validator\ResultInterfaceFactory;
+
+/**
+ * Validates cardholder authentication verification response code.
+ */
+class CavvResponseValidator extends AbstractValidator
+{
+    /**
+     * The result code that authorize.net returns if CAVV passed validation.
+     */
+    private const RESULT_CODE_SUCCESS = '2';
+
+    /**
+     * @var SubjectReader
+     */
+    private $subjectReader;
+
+    /**
+     * @var ResultInterfaceFactory
+     */
+    private $resultFactory;
+
+    /**
+     * @var Config
+     */
+    private $config;
+
+    /**
+     * @param ResultInterfaceFactory $resultFactory
+     * @param SubjectReader $subjectReader
+     * @param Config $config
+     */
+    public function __construct(
+        ResultInterfaceFactory $resultFactory,
+        SubjectReader $subjectReader,
+        Config $config
+    ) {
+        parent::__construct($resultFactory);
+
+        $this->resultFactory = $resultFactory;
+        $this->subjectReader = $subjectReader;
+        $this->config = $config;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function validate(array $validationSubject): ResultInterface
+    {
+        if ($this->config->isActive() === false) {
+            return $this->createResult(true);
+        }
+
+        $response = $this->subjectReader->readResponse($validationSubject);
+        $transactionResponse = $response['transactionResponse'];
+
+        $cavvResultCode = $transactionResponse['cavvResultCode'] ?? '';
+        $isValid = $cavvResultCode === self::RESULT_CODE_SUCCESS;
+        $errorCodes = [];
+        $errorMessages = [];
+
+        if (!$isValid) {
+            $errorCodes[] = $transactionResponse['cavvResultCode'];
+            $errorMessages[] = 'CAVV failed validation';
+        }
+
+        return $this->createResult($isValid, $errorMessages, $errorCodes);
+    }
+}
@@ -13,4 +13,20 @@
             </argument>
         </arguments>
     </virtualType>
+    <virtualType name="Magento\AuthorizenetCardinal\Gateway\Validator\VirtualTransactionValidator" type="Magento\Payment\Gateway\Validator\ValidatorComposite">
+        <arguments>
+            <argument name="chainBreakingValidators" xsi:type="array">
+                <item name="general" xsi:type="boolean">true</item>
+            </argument>
+            <argument name="validators" xsi:type="array">
+                <item name="general" xsi:type="string">AuthorizenetAcceptjsTransactionValidator</item>
+                <item name="cavv_response" xsi:type="string">Magento\AuthorizenetCardinal\Gateway\Validator\CavvResponseValidator</item>
+            </argument>
+        </arguments>
+    </virtualType>
+    <virtualType name="AuthorizenetAcceptjsAuthorizeCommand">
+        <arguments>
+            <argument name="validator" xsi:type="object">Magento\AuthorizenetCardinal\Gateway\Validator\VirtualTransactionValidator</argument>
+        </arguments>
+    </virtualType>
 </config>
@@ -56,6 +56,8 @@ define([
             },
 
             /**
+             * Adds cardinal response JWT to payment additional data.
+             *
              * @returns {Object}
              */
             getData: function () {
 
@@ -6,11 +6,11 @@
 var config = {
     map: {
         '*': {
-            braintreeClient: 'https://js.braintreegateway.com/web/3.44.1/js/client.min.js',
-            braintreeHostedFields: 'https://js.braintreegateway.com/web/3.44.1/js/hosted-fields.min.js',
-            braintreePayPal: 'https://js.braintreegateway.com/web/3.44.1/js/paypal-checkout.min.js',
-            braintree3DSecure: 'https://js.braintreegateway.com/web/3.44.1/js/three-d-secure.min.js',
-            braintreeDataCollector: 'https://js.braintreegateway.com/web/3.44.1/js/data-collector.min.js'
+            braintreeClient: 'https://js.braintreegateway.com/web/3.46.0-beta-3ds.8/js/client.min.js',
+            braintreeHostedFields: 'https://js.braintreegateway.com/web/3.46.0-beta-3ds.8/js/hosted-fields.min.js',
+            braintreePayPal: 'https://js.braintreegateway.com/web/3.46.0-beta-3ds.8/js/paypal-checkout.min.js',
+            braintree3DSecure: 'https://js.braintreegateway.com/web/3.46.0-beta-3ds.8/js/three-d-secure.min.js',
+            braintreeDataCollector: 'https://js.braintreegateway.com/web/3.46.0-beta-3ds.8/js/data-collector.min.js'
         }
     },
     paths: {
 
@@ -41,6 +41,7 @@ define([
             braintreeAdapter.getApiClient()
                 .then(function (clientInstance) {
                     return braintree3DSecure.create({
+                        version: 2, // Will use 3DS 2 whenever possible
                         client: clientInstance
                     });
                 })
@@ -49,6 +50,7 @@ define([
                     promise.resolve(self.threeDSecureInstance);
                 })
                 .catch(function (err) {
+                    fullScreenLoader.stopLoader();
                     promise.reject(err);
                 });
 
@@ -84,30 +86,55 @@ define([
             var self = this,
                 totalAmount = quote.totals()['base_grand_total'],
                 billingAddress = quote.billingAddress(),
+                shippingAddress = quote.shippingAddress(),
                 options = {
                     amount: totalAmount,
                     nonce: context.paymentPayload.nonce,
-
-                    /**
-                     * Adds iframe to page
-                     * @param {Object} err
-                     * @param {Object} iframe
-                     */
-                    addFrame: function (err, iframe) {
-                        self.createModal($(iframe));
-                        fullScreenLoader.stopLoader();
-                        self.modal.openModal();
+                    billingAddress: {
+                        givenName: billingAddress.firstname,
+                        surname: billingAddress.lastname,
+                        phoneNumber: billingAddress.telephone,
+                        streetAddress: billingAddress.street[0],
+                        extendedAddress: billingAddress.street[1],
+                        locality: billingAddress.city,
+                        region: billingAddress.regionCode,
+                        postalCode: billingAddress.postcode,
+                        countryCodeAlpha2: billingAddress.countryId
                     },
 
                     /**
-                     * Removes iframe from page
+                     * Will be called after receiving ThreeDSecure response, before completing the flow.
+                     *
+                     * @param {Object} data - ThreeDSecure data to consume before continuing
+                     * @param {Function} next - callback to continue flow
                      */
-                    removeFrame: function () {
-                        self.modal.closeModal();
+                    onLookupComplete: function (data, next) {
+                        next();
+                    }
+                };
+
+            if (context.paymentPayload.details) {
+                options.bin = context.paymentPayload.details.bin;
+            }
+
+            if (shippingAddress) {
+                options.additionalInformation = {
+                    shippingGivenName: shippingAddress.firstname,
+                    shippingSurname: shippingAddress.lastname,
+                    shippingPhone: shippingAddress.telephone,
+                    shippingAddress: {
+                        streetAddress: shippingAddress.street[0],
+                        extendedAddress: shippingAddress.street[1],
+                        locality: shippingAddress.city,
+                        region: shippingAddress.regionCode,
+                        postalCode: shippingAddress.postcode,
+                        countryCodeAlpha2: shippingAddress.countryId
                     }
                 };
+            }
 
             if (!this.isAmountAvailable(totalAmount) || !this.isCountryAvailable(billingAddress.countryId)) {
+                self.state = $.Deferred();
                 self.state.resolve();
 
                 return self.state.promise();
@@ -118,6 +145,7 @@ define([
                 .then(function () {
                     self.threeDSecureInstance.verifyCard(options, function (err, payload) {
                         if (err) {
+                            fullScreenLoader.stopLoader();
                             self.state.reject(err.message);
 
                             return;
@@ -129,6 +157,7 @@ define([
                             context.paymentPayload.nonce = payload.nonce;
                             self.state.resolve();
                         } else {
+                            fullScreenLoader.stopLoader();
                             self.state.reject($t('Please try again with another form of payment.'));
                         }
                     });
@@ -141,42 +170,6 @@ define([
             return self.state.promise();
         },
 
-        /**
-         * Creates modal window
-         *
-         * @param {Object} $context
-         * @private
-         */
-        createModal: function ($context) {
-            var self = this,
-                options = {
-                    clickableOverlay: false,
-                    buttons: [],
-                    modalCloseBtnHandler: self.cancelFlow.bind(self),
-                    keyEventHandlers: {
-                        escapeKey: self.cancelFlow.bind(self)
-                    }
-                };
-
-            // adjust iframe styles
-            $context.attr('width', '100%');
-            self.modal = Modal(options, $context);
-        },
-
-        /**
-         * Cancels 3D Secure flow
-         *
-         * @private
-         */
-        cancelFlow: function () {
-            var self = this;
-
-            self.threeDSecureInstance.cancelVerifyCard(function () {
-                self.modal.closeModal();
-                self.state.reject();
-            });
-        },
-
         /**
          * Checks minimal amount for 3D Secure activation
          *
 
@@ -14,9 +14,9 @@
 use Magento\Payment\Model\Method\Logger as PaymentLogger;
 
 /**
- * Parse content of CardinalCommerce response JWT.
+ * Parses content of CardinalCommerce response JWT.
  */
-class JwtParser
+class JwtParser implements JwtParserInterface
 {
     /**
      * @var JwtManagement
Original file line number	Diff line number	Diff line change
`@@ -35,6 +35,7 @@`
`35`	`35`	`<button class="action primary checkout"`
`36`	`36`	`type="submit"`
`37`	`37`	`click="beforePlaceOrder"`
	`38`	`+ css="disabled: !isPlaceOrderActionAllowed()"`
`38`	`39`	`attr="title: $t('Place Order')"`
`39`	`40`	`>`
`40`	`41`	`<span translate="'Place Order'"></span>`