"use strict";
var wrapPromise = require("@braintree/wrap-promise");
var methods = require("../../lib/methods");
var convertMethodsToError = require("../../lib/convert-methods-to-error");
var EventEmitter = require("@braintree/event-emitter");
var FRAMEWORKS = require("./frameworks");
/**
* @deprecated
* @callback ThreeDSecure~addFrameCallback
* @param {?BraintreeError} [err] `null` or `undefined` if there was no error.
* @param {HTMLIFrameElement} iframe An iframe element containing the bank's authentication page that you must put on your page.
* @description **Deprecated** The callback used for options.addFrame in 3DS 1.0's {@link ThreeDSecure#verifyCard|verifyCard}.
* @returns {void}
*/
/**
* @deprecated
* @callback ThreeDSecure~removeFrameCallback
* @description **Deprecated** The callback used for options.removeFrame in 3DS 1.0's {@link ThreeDSecure#verifyCard|verifyCard}.
* @returns {void}
*/
/**
* @deprecated
* @typedef {object} ThreeDSecure~verifyCardCustomerObject
* @property {string} [customer.mobilePhoneNumber] The mobile phone number used for verification. Only numbers; remove dashes, parenthesis and other characters.
* @property {string} [customer.email] The email used for verification.
* @property {string} [customer.shippingMethod] The 2-digit string indicating the shipping method chosen for the transaction.
* @property {string} [customer.billingAddress.firstName] The first name associated with the address.
* @property {string} [customer.billingAddress.lastName] The last name associated with the address.
* @property {string} [customer.billingAddress.streetAddress] Line 1 of the Address (eg. number, street, etc).
* @property {string} [customer.billingAddress.extendedAddress] Line 2 of the Address (eg. suite, apt #, etc.).
* @property {string} [customer.billingAddress.locality] The locality (city) name associated with the address.
* @property {string} [customer.billingAddress.region] The 2 letter code for US states or an ISO-3166-2 country subdivision code of up to three letters.
* @property {string} [customer.billingAddress.postalCode] The zip code or equivalent for countries that have them.
* @property {string} [customer.billingAddress.countryCodeAlpha2] The 2 character country code.
* @property {string} [customer.billingAddress.phoneNumber] The phone number associated with the address. Only numbers; remove dashes, parenthesis and other characters.
* @description **Deprecated** Optional customer information to be passed to 3DS 1.0 for verification.
*/
/**
* @typedef {object} ThreeDSecure~verifyPayload
* @property {string} nonce The new payment method nonce produced by the 3D Secure lookup. The original nonce passed into {@link ThreeDSecure#verifyCard|verifyCard} was consumed. This new nonce should be used to transact on your server.
* @property {string} type The payment method type.
* @property {object} details Additional account details.
* @property {string} details.cardType Type of card, ex: Visa, MasterCard.
* @property {string} details.lastFour Last four digits of card number.
* @property {string} details.lastTwo Last two digits of card number.
* @property {string} description A human-readable description.
* @property {object} binData Information about the card based on the bin.
* @property {string} binData.commercial Possible values: 'Yes', 'No', 'Unknown'.
* @property {string} binData.countryOfIssuance The country of issuance.
* @property {string} binData.debit Possible values: 'Yes', 'No', 'Unknown'.
* @property {string} binData.durbinRegulated Possible values: 'Yes', 'No', 'Unknown'.
* @property {string} binData.healthcare Possible values: 'Yes', 'No', 'Unknown'.
* @property {string} binData.issuingBank The issuing bank.
* @property {string} binData.payroll Possible values: 'Yes', 'No', 'Unknown'.
* @property {string} binData.prepaid Possible values: 'Yes', 'No', 'Unknown'.
* @property {string} binData.productId The product id.
* @property {boolean} liabilityShiftPossible *Deprecated:* Use `threeDSecureInfo.liabilityShiftPossible` instead.
* @property {boolean} liabilityShifted *Deprecated:* Use `threeDSecureInfo.liabilityShifted` instead.
* @property {object} threeDSecureInfo 3DS information about the card. Note: This information should be verified on the server by using the [payment method nonce find method](https://developer.paypal.com/braintree/docs/reference/request/payment-method-nonce/find). The values provided here are merely for convenience. Only values looked up on the server should determine the logic about how to process a transaction.
* @property {string} threeDSecureInfo.acsTransactionId The transaction identifier from the issuing bank.
* @property {string} threeDSecureInfo.cavv Cardholder authentication verification value or CAVV. The main encrypted message issuers and card networks use to verify authentication has occurred. Mastercard uses an AVV message and American Express uses an AEVV message, each of which should also be passed in the cavv parameter.
* @property {string} threeDSecureInfo.dsTransactionId Transaction identifier resulting from 3D Secure 2 authentication.
* @property {string} threeDSecureInfo.eciFlag The value of the electronic commerce indicator (ECI) flag, which indicates the outcome of the 3DS authentication. This will be a two-digit value.
* @property {boolean} threeDSecureInfo.enrolled Indicates the status of 3D Secure authentication eligibility with the card issuer.
* @property {boolean} threeDSecureInfo.liabilityShifted Indicates whether the liability for fraud has been shifted away from the merchant.
* @property {boolean} threeDSecureInfo.liabilityShiftPossible Indicates whether liability shift is still possible on a retry.
* @property {string} threeDSecureInfo.paresStatus Transaction status result identifier.
* @property {string} threeDSecureInfo.status Indicates the outcome of the 3D Secure event.
* @property {string} threeDSecureInfo.threeDSecureAuthenticationId ID of the 3D Secure authentication performed for this transaction. Do not provide this field as a transaction sale parameter if you are using the returned payment method nonce from the payload.
* @property {string} threeDSecureInfo.threeDSecureServerTransactionId Transaction identifier provided by the issuing bank who recieved the 3D Secure event.
* @property {string} threeDSecureInfo.threeDSecureVersion The version of 3D Secure authentication used for the transaction.
* @property {string} threeDSecureInfo.xid Transaction identifier resulting from 3D Secure authentication. Uniquely identifies the transaction and sometimes required in the authorization message. This is a base64-encoded value. This field will no longer be used in 3D Secure 2 authentications for Visa and Mastercard, however it will be supported by American Express.
* @property {string} threeDSecureInfo.lookup.transStatus Error code returned from the 3D Secure MPI provider.
* @property {string} threeDSecureInfo.lookup.transStatusReason Description correlating to the transStatus error code.
* @property {string} threeDSecureInfo.authentication.transStatus Error code returned from the 3D Secure MPI provider.
* @property {string} threeDSecureInfo.authentication.transStatusReason Description correlating to the transStatus error code.
* @property {object} rawCardinalSDKVerificationData The response back from the Cardinal SDK after verification has completed. See [Cardinal's Documentation](https://cardinaldocs.atlassian.net/wiki/spaces/CC/pages/98315/Response+Objects) for more information. If the customer was not required to do a 3D Secure challenge, this object will not be available.
*/
/**
* @typedef {string} ThreeDSecure~prepareLookupPayload The client data to pass on when doing a server side lookup call.
*/
/**
* @typedef {object} ThreeDSecure~verificationData
* @property {boolean} requiresUserAuthentication When `true`, the user will be presented with a 3D Secure challenge when calling `next` in the {@link ThreeDSecure#event:lookup-complete|`lookup-complete` event}.
* @property {object} threeDSecureInfo Contains liability shift details.
* @property {boolean} threeDSecureInfo.liabilityShiftPossible Indicates whether the card was eligible for 3D Secure.
* @property {boolean} threeDSecureInfo.liabilityShifted Indicates whether the liability for fraud has been shifted away from the merchant.
* @property {object} paymentMethod A {@link ThreeDSecure~verifyPayload|verifyPayload} object.
* @property {object} lookup Details about the 3D Secure lookup.
* @property {string} lookup.threeDSecureVersion The version of 3D Secure that will be used for the 3D Secure challenge.
*/
/**
* @typedef {object} ThreeDSecure~billingAddress
* @property {string} [givenName] The first name associated with the billing address. (maximum length 50)
* @property {string} [surname] The last name associated with the billing address. (maximum length 50)
* @property {string} [phoneNumber] The phone number associated with the billing address. Only numbers; remove dashes, parenthesis and other characters.
* @property {string} [streetAddress] Line 1 of the billing address (eg. number, street, etc). (maximum length 50)
* @property {string} [extendedAddress] Line 2 of the billing address (eg. suite, apt #, etc.). (maximum length 50)
* @property {string} [line3] Line 3 of the billing address if needed (eg. suite, apt #, etc). (maximum length 50)
* @property {string} [locality] The locality (city) name associated with the billing address.
* @property {string} [region] This field expects an ISO3166-2 subdivision code. The subdivision code is what follows the hyphen separator in the full ISO 3166-2 code. For example, the state of Ohio in the United States we expect "OH" as opposed to the full ISO 3166-2 code "US-OH".
* @property {string} [postalCode] The zip code or equivalent for countries that have them.
* @property {string} [countryCodeAlpha2] The 2 character country code.
*/
/**
* @typedef {object} ThreeDSecure~additionalInformation
* @property {string} [workPhoneNumber] The work phone number used for verification. Only numbers; remove dashes, parenthesis and other characters. (maximum length 25)
* @property {string} [shippingGivenName] The first name associated with the shipping address. (maximum length 50)
* @property {string} [shippingSurname] The last name associated with the shipping address. (maximum length 50)
* @property {object} [shippingAddress]
* @property {string} [shippingAddress.streetAddress] Line 1 of the shipping address (eg. number, street, etc). (maximum length 50)
* @property {string} [shippingAddress.extendedAddress] Line 2 of the shipping address (eg. suite, apt #, etc.). (maximum length 50)
* @property {string} [shippingAddress.line3] Line 3 of the shipping address if needed (eg. suite, apt #, etc). (maximum length 50)
* @property {string} [shippingAddress.locality] The locality (city) name associated with the shipping address. (maximum length 50)
* @property {string} [shippingAddress.region] This field expects an ISO3166-2 subdivision code. The subdivision code is what follows the hyphen separator in the full ISO 3166-2 code. For example, the state of Ohio in the United States we expect "OH" as opposed to the full ISO 3166-2 code "US-OH".
* @property {string} [shippingAddress.postalCode] The zip code or equivalent for countries that have them. (maximum length 10)
* @property {string} [shippingAddress.countryCodeAlpha2] The 2 character country code. (maximum length 2)
* @property {string} [shippingPhone] The phone number associated with the shipping address. Only numbers; remove dashes, parenthesis and other characters. (maximum length 20)
* @property {string} [shippingMethod] The 2-digit string indicating the name of the shipping method chosen for the transaction. (maximum length 50) Possible values:
* - `01` Same Day
* - `02` Overnight / Expedited
* - `03` Priority (2-3 Days)
* - `04` Ground
* - `05` Electronic Delivery
* - `06` Ship to Store
* @property {string} [shippingMethodIndicator] The 2-digit string indicating the shipping method chosen for the transaction Possible values.
* - `01` Ship to cardholder billing address
* - `02` Ship to another verified address on file with merchant
* - `03` Ship to address that is different from billing address
* - `04` Ship to store (store address should be populated on request)
* - `05` Digital goods
* - `06` Travel and event tickets, not shipped
* - `07` Other
* @property {string} [productCode] The 3-letter string representing the merchant product code. Possible values:
* - `AIR` Airline
* - `GEN` General Retail
* - `DIG` Digital Goods
* - `SVC` Services
* - `RES` Restaurant
* - `TRA` Travel
* - `DSP` Cash Dispensing
* - `REN` Car Rental
* - `GAS` Fuel
* - `LUX` Luxury Retail
* - `ACC` Accommodation Retail
* - `TBD` Other
* @property {string} [deliveryTimeframe] The 2-digit number indicating the delivery time frame. Possible values:
* - `01` Electronic delivery
* - `02` Same day shipping
* - `03` Overnight shipping
* - `04` Two or more day shipping
* @property {string} [deliveryEmail] For electronic delivery, email address to which the merchandise was delivered. (maximum length 254)
* @property {string} [reorderindicator] The 2-digit number indicating whether the cardholder is reordering previously purchased merchandise. possible values:
* - `01` First time ordered
* - `02` Reordered
* @property {string} [preorderIndicator] The 2-digit number indicating whether cardholder is placing an order with a future availability or release date. possible values:
* - `01` Merchandise available
* - `02` Future availability
* @property {string} [preorderDate] The 8-digit number (format: YYYYMMDD) indicating expected date that a pre-ordered purchase will be available.
* @property {string} [giftCardAmount] The purchase amount total for prepaid gift cards in major units. (maximum length 15)
* @property {string} [giftCardCurrencyCode] ISO 4217 currency code for the gift card purchased. (maximum length 3)
* @property {string} [giftCardCount] Total count of individual prepaid gift cards purchased. (maximum length 2)
* @property {string} [accountAgeIndicator] The 2-digit value representing the length of time cardholder has had account. Possible values:
* - `01` No Account
* - `02` Created during transaction
* - `03` Less than 30 days
* - `04` 30-60 days
* - `05` More than 60 days
* @property {string} [accountCreateDate] The 8-digit number (format: YYYYMMDD) indicating the date the cardholder opened the account.
* @property {string} [accountChangeIndicator] The 2-digit value representing the length of time since the last change to the cardholder account. This includes shipping address, new payment account or new user added. Possible values:
* - `01` Changed during transaction
* - `02` Less than 30 days
* - `03` 30-60 days
* - `04` More than 60 days
* @property {string} [accountChangeDate] The 8-digit number (format: YYYYMMDD) indicating the date the cardholder's account was last changed. This includes changes to the billing or shipping address, new payment accounts or new users added.
* @property {string} [accountPwdChangeIndicator] The 2-digit value representing the length of time since the cardholder changed or reset the password on the account. Possible values:
* - `01` No change
* - `02` Changed during transaction
* - `03` Less than 30 days
* - `04` 30-60 days
* - `05` More than 60 days
* @property {string} [accountPwdChangeDate] The 8-digit number (format: YYYYMMDD) indicating the date the cardholder last changed or reset password on account.
* @property {string} [shippingAddressUsageIndicator] The 2-digit value indicating when the shipping address used for transaction was first used. Possible values:
* - `01` This transaction
* - `02` Less than 30 days
* - `03` 30-60 days
* - `04` More than 60 days
* @property {string} [shippingAddressUsageDate] The 8-digit number (format: YYYYMMDD) indicating the date when the shipping address used for this transaction was first used.
* @property {string} [transactionCountDay] Number of transactions (successful or abandoned) for this cardholder account within the last 24 hours. (maximum length 3)
* @property {string} [transactionCountYear] Number of transactions (successful or abandoned) for this cardholder account within the last year. (maximum length 3)
* @property {string} [addCardAttempts] Number of add card attempts in the last 24 hours. (maximum length 3)
* @property {string} [accountPurchases] Number of purchases with this cardholder account during the previous six months.
* @property {string} [fraudActivity] The 2-digit value indicating whether the merchant experienced suspicious activity (including previous fraud) on the account. Possible values:
* - `01` No suspicious activity
* - `02` Suspicious activity observed
* @property {string} [shippingNameIndicator] The 2-digit value indicating if the cardholder name on the account is identical to the shipping name used for the transaction. Possible values:
* - `01` Account and shipping name identical
* - `02` Account and shipping name differ
* @property {string} [paymentAccountIndicator] The 2-digit value indicating the length of time that the payment account was enrolled in the merchant account. Possible values:
* - `01` No account (guest checkout)
* - `02` During the transaction
* - `03` Less than 30 days
* - `04` 30-60 days
* - `05` More than 60 days
* @property {string} [paymentAccountAge] The 8-digit number (format: YYYYMMDD) indicating the date the payment account was added to the cardholder account.
* @property {string} [acsWindowSize] The 2-digit number to set the challenge window size to display to the end cardholder. The ACS will reply with content that is formatted appropriately to this window size to allow for the best user experience. The sizes are width x height in pixels of the window displayed in the cardholder browser window. Possible values:
* - `01` 250x400
* - `02` 390x400
* - `03` 500x600
* - `04` 600x400
* - `05` Full page
* @property {string} [sdkMaxTimeout] The 2-digit number of minutes (minimum 05) to set the maximum amount of time for all 3DS 2.0 messages to be communicated between all components.
* @property {string} [addressMatch] The 1-character value (Y/N) indicating whether cardholder billing and shipping addresses match.
* @property {string} [accountId] Additional cardholder account information. (maximum length 64)
* @property {string} [ipAddress] The IP address of the consumer. IPv4 and IPv6 are supported.
* @property {string} [orderDescription] Brief description of items purchased. (maximum length 256)
* @property {string} [taxAmount] Unformatted tax amount without any decimalization (ie. $123.67 = 12367). (maximum length 20)
* @property {string} [userAgent] The exact content of the HTTP user agent header. (maximum length 500)
* @property {string} [authenticationIndicator] The 2-digit number indicating the type of authentication request. Possible values:
* - `01` Payment
* - `02` Recurring transaction
* - `03` Installment
* - `04` Add card
* - `05` Maintain card
* - `06` Cardholder verification as part of EMV token ID&V
* @property {string} [installment] An integer value greater than 1 indicating the maximum number of permitted authorizations for installment payments. (maximum length 3)
* @property {string} [purchaseDate] The 14-digit number (format: YYYYMMDDHHMMSS) indicating the date in UTC of original purchase.
* @property {string} [recurringEnd] The 8-digit number (format: YYYYMMDD) indicating the date after which no further recurring authorizations should be performed.
* @property {string} [recurringFrequency] Integer value indicating the minimum number of days between recurring authorizations. A frequency of monthly is indicated by the value 28. Multiple of 28 days will be used to indicate months (ex. 6 months = 168). (maximum length 3)
*/
/**
* @name ThreeDSecure#on
* @function
* @param {string} event The name of the event to which you are subscribing.
* @param {function} handler A callback to handle the event.
* @description Subscribes a handler function to a named event. The following events are available:
* * {@link ThreeDSecure#event:lookup-complete|lookup-complete}
* * {@link ThreeDSecure#event:customer-canceled|customer-canceled}
* * {@link ThreeDSecure#event:authentication-iframe-available|authentication-iframe-available}
* * {@link ThreeDSecure#event:authentication-modal-render|authentication-modal-render}
* * {@link ThreeDSecure#event:authentication-modal-close|authentication-modal-close}
* @example
* <caption>Listening to a 3D Secure event</caption>
* braintree.threeDSecure.create({ ... }, function (createErr, threeDSecureInstance) {
* threeDSecureInstance.on('lookup-complete', function (data, next) {
* console.log('data from the lookup', data);
* next();
* });
* threeDSecureInstance.on('customer-canceled', function () {
* console.log('log that the customer canceled');
* });
* });
* @returns {void}
*/
/**
* @name ThreeDSecure#off
* @function
* @param {string} event The name of the event to which you are unsubscribing.
* @param {function} handler The callback for the event you are unsubscribing from.
* @description Unsubscribes the handler function to a named event.
* @example
* <caption>Subscribing and then unsubscribing from a 3D Secure eld event</caption>
* braintree.threeDSecure.create({ ... }, function (createErr, threeDSecureInstance) {
* var lookupCallback = function (data, next) {
* console.log(data);
* next();
* };
* var cancelCallback = function () {
* // log the cancelation
* // or update UI
* };
*
* threeDSecureInstance.on('lookup-complete', lookupCallback);
* threeDSecureInstance.on('customer-canceled', cancelCallback);
*
* // later on
* threeDSecureInstance.off('lookup-complete', lookupCallback);
* threeDSecureInstance.off('customer-canceled', cancelCallback);
* });
* @returns {void}
*/
/**
* This event is emitted when the `2-inline-iframe` version is specified when creating the 3D Secure instance and the authentication iframe becomes available.
* @event ThreeDSecure#authentication-iframe-available
* @example
* <caption>Listening for the authentication iframe to be available</caption>
* threeDSecureInstance.on('authentication-iframe-available', function (event, next) {
* document.body.appendChild(event.element); // add iframe element to page
*
* next(); // let the SDK know the iframe is ready
* });
* });
*/
/**
* This event is emitted when using the 3D Secure 2.0 flow and the initial lookup request completes. If this is not used, a `onLookupComplete` callback must be passed into the `verifyCard` method.
* @event ThreeDSecure#lookup-complete
* @example
* <caption>Listening for when the lookup request is complete</caption>
* braintree.threeDSecure.create({
* client: clientInstance,
* version: '2'
* }, function (createErr, threeDSecureInstance) {
* threeDSecureInstance.on('lookup-complete', function (data, next) {
* // inspect the data
*
* // call next when ready to proceed with the challenge
* next();
* });
* });
*/
/**
* This event is emitted when using the 3D Secure 2.0 flow and the customer cancels the 3D Secure challenge.
* @event ThreeDSecure#customer-canceled
* @example
* <caption>Listening for when the customer cancels the 3D Secure challenge</caption>
* braintree.threeDSecure.create({
* client: clientInstance,
* version: '2'
* }, function (createErr, threeDSecureInstance) {
* threeDSecureInstance.on('customer-canceled', function () {
* // the customer canceled the 3D Secure challenge
* });
* });
*/
/**
* This event is emitted when using the 3D Secure 2.0 flow and the authentication modal closes, either because the authentication was completed or because the customer canceled the process.
* @event ThreeDSecure#authentication-modal-close
* @example
* braintree.threeDSecure.create({
* client: clientInstance,
* version: '2'
* }, function (createErr, threeDSecureInstance) {
* threeDSecureInstance.on('authentication-modal-close', function () {
* // the modal was closed
* });
* });
*/
/**
* This event is emitted when using the 3D Secure 2.0 flow and the authentication modal is rendered.
* @event ThreeDSecure#authentication-modal-render
* @example
* braintree.threeDSecure.create({
* client: clientInstance,
* version: '2'
* }, function (createErr, threeDSecureInstance) {
* threeDSecureInstance.on('authentication-modal-render', function () {
* // the modal was rendered, presenting the authentication form to the customer
* });
* });
*/
/**
* @class
* @param {object} options 3D Secure {@link module:braintree-web/three-d-secure.create create} options
* @description <strong>Do not use this constructor directly. Use {@link module:braintree-web/three-d-secure.create|braintree.threeDSecure.create} instead.</strong>
* @classdesc This class represents a ThreeDSecure component produced by {@link module:braintree-web/three-d-secure.create|braintree.threeDSecure.create}. Instances of this class have a method for launching a 3D Secure authentication flow.
*
* If you use the Braintree SDK from within an iframe, you must not use the `sandbox` attribute on your iframe or the 3D Secure modal will not function correctly.
*
* **Note**: 3D Secure 2.0 is documented below and will become the default integration method in a future version of Braintree-web. Until then, version 1.0 will continue to be supported. To view 3D Secure 1.0 documentation, look at Braintree-web documentation from version [3.40.0](https://braintree.github.io/braintree-web/3.40.0/ThreeDSecure.html) and earlier, or upgrade your integration by referring to the [3D Secure 2.0 adoption guide](https://developer.paypal.com/braintree/docs/guides/3d-secure/migration/javascript/v3).
*/
function ThreeDSecure(options) {
var self = this;
var Framework = FRAMEWORKS[options.framework];
EventEmitter.call(this);
this._framework = new Framework(options);
this._framework.setUpEventListeners(function () {
self._emit.apply(self, arguments);
});
}
EventEmitter.createChild(ThreeDSecure);
// NEXT_MAJOR_VERSION remove exemptionRequested entirely in favor of `requestedExemptionType`
/**
* Launch the 3D Secure login flow, returning a nonce payload.
*
* @public
* @param {object} options Options for card verification.
* @param {string} options.nonce The nonce representing the card from a tokenization payload. For example, this can be a {@link HostedFields~tokenizePayload|tokenizePayload} returned by Hosted Fields under `payload.nonce`.
* @param {string} options.bin The numeric Bank Identification Number (bin) of the card from a tokenization payload. For example, this can be a {@link HostedFields~tokenizePayload|tokenizePayload} returned by Hosted Fields under `payload.details.bin`.
* @param {string} options.amount The amount of the transaction in the current merchant account's currency. This must be expressed in numbers with an optional decimal (using `.`) and precision up to the hundredths place. For example, if you're processing a transaction for 1.234,56 € then `amount` should be `1234.56`.
* @param {string} [options.accountType] The account type for the card (if known). Accepted values: `credit` or `debit`.
* @param {boolean} [options.cardAddChallengeRequested] If set to `true`, a card-add challenge will be requested from the issuer. If set to `false`, a card-add challenge will not be requested. If the param is missing, a card-add challenge will only be requested for $0 amount. An authentication created using this flag should only be used for vaulting operations (creation of customers' credit cards or payment methods) and not for creating transactions.
* @param {boolean} [options.cardAdd] *Deprecated:* Use `cardAddChallengeRequested` instead.
* @param {boolean} [options.challengeRequested] If set to true, an authentication challenge will be forced if possible.
* @param {boolean} [options.dataOnlyRequested] Indicates whether to use the data only flow. In this flow, frictionless 3DS is ensured for Mastercard cardholders as the card scheme provides a risk score for the issuer to determine whether to approve. If data only is not supported by the processor, a validation error will be raised. Non-Mastercard cardholders will fallback to a normal 3DS flow.
* @param {boolean} [options.exemptionRequested] *Deprecated:* Use `requestedExemptionType` instead.
* @param {string} [options.requestedExemptionType] If an exemption is requested and the exemption's conditions are satisfied, then it will be applied. The following supported exemptions are defined as per PSD2 regulation: `low_value`, `transaction_risk_analysis`
* @param {function} [options.onLookupComplete] *Deprecated:* Use {@link ThreeDSecure#event:lookup-complete|`threeDSecureInstance.on('lookup-complete')`} instead. Function to execute when lookup completes. The first argument, `data`, is a {@link ThreeDSecure~verificationData|verificationData} object, and the second argument, `next`, is a callback. `next` must be called to continue.
* @param {string} [options.email] The email used for verification. (maximum length 255)
* @param {string} [options.mobilePhoneNumber] The mobile phone number used for verification. Only numbers; remove dashes, parenthesis and other characters. (maximum length 25)
* @param {object} [options.billingAddress] An {@link ThreeDSecure~billingAddress|billingAddress} object for verification.
* @param {object} [options.additionalInformation] An {@link ThreeDSecure~additionalInformation|additionalInformation} object for verification.
* @param {object} [options.customer] **Deprecated** Customer information for use in 3DS 1.0 verifications. Can contain any subset of a {@link ThreeDSecure~verifyCardCustomerObject|verifyCardCustomerObject}. Only to be used for 3DS 1.0 integrations.
* @param {callback} options.addFrame **Deprecated** This {@link ThreeDSecure~addFrameCallback|addFrameCallback} will be called when the bank frame needs to be added to your page. Only to be used for 3DS 1.0 integrations.
* @param {callback} options.removeFrame **Deprecated** For use in 3DS 1.0 Flows. This {@link ThreeDSecure~removeFrameCallback|removeFrameCallback} will be called when the bank frame needs to be removed from your page. Only to be used in 3DS 1.0 integrations.
* @param {callback} [callback] The second argument, <code>data</code>, is a {@link ThreeDSecure~verifyPayload|verifyPayload}. If no callback is provided, it will return a promise that resolves {@link ThreeDSecure~verifyPayload|verifyPayload}.
* @returns {(Promise|void)} Returns a promise if no callback is provided.
* @example
* <caption>Verifying a payment method nonce with 3DS 2.0</caption>
* var my3DSContainer;
*
* // set up listener after initialization
* threeDSecure.on(('lookup-complete', function (data, next) {
* // use `data` here, then call `next()`
* next();
* });
*
* // call verifyCard after tokenizing a card
* threeDSecure.verifyCard({
* amount: '123.45',
* nonce: hostedFieldsTokenizationPayload.nonce,
* bin: hostedFieldsTokenizationPayload.details.bin,
* email: 'test@example.com'
* billingAddress: {
* givenName: 'Jill',
* surname: 'Doe',
* phoneNumber: '8101234567',
* streetAddress: '555 Smith St.',
* extendedAddress: '#5',
* locality: 'Oakland',
* region: 'CA',
* postalCode: '12345',
* countryCodeAlpha2: 'US'
* },
* additionalInformation: {
* workPhoneNumber: '5555555555',
* shippingGivenName: 'Jill',
* shippingSurname: 'Doe',
* shippingAddress: {
* streetAddress: '555 Smith st',
* extendedAddress: '#5',
* locality: 'Oakland',
* region: 'CA',
* postalCode: '12345',
* countryCodeAlpha2: 'US'
* }
* shippingPhone: '8101234567'
* }
* }, function (err, payload) {
* if (err) {
* console.error(err);
* return;
* }
*
* if (payload.liabilityShifted) {
* // Liability has shifted
* submitNonceToServer(payload.nonce);
* } else if (payload.liabilityShiftPossible) {
* // Liability may still be shifted
* // Decide if you want to submit the nonce
* } else {
* // Liability has not shifted and will not shift
* // Decide if you want to submit the nonce
* }
* });
* <caption>Verifying a payment method nonce with 3DS 2.0 with onLookupComplete callback</caption>
* var my3DSContainer;
*
* threeDSecure.verifyCard({
* amount: '123.45',
* nonce: hostedFieldsTokenizationPayload.nonce,
* bin: hostedFieldsTokenizationPayload.details.bin,
* email: 'test@example.com'
* billingAddress: {
* givenName: 'Jill',
* surname: 'Doe',
* phoneNumber: '8101234567',
* streetAddress: '555 Smith St.',
* extendedAddress: '#5',
* locality: 'Oakland',
* region: 'CA',
* postalCode: '12345',
* countryCodeAlpha2: 'US'
* },
* additionalInformation: {
* workPhoneNumber: '5555555555',
* shippingGivenName: 'Jill',
* shippingSurname: 'Doe',
* shippingAddress: {
* streetAddress: '555 Smith st',
* extendedAddress: '#5',
* locality: 'Oakland',
* region: 'CA',
* postalCode: '12345',
* countryCodeAlpha2: 'US'
* }
* shippingPhone: '8101234567'
* },
* onLookupComplete: function (data, next) {
* // use `data` here, then call `next()`
* next();
* }
* }, function (err, payload) {
* if (err) {
* console.error(err);
* return;
* }
*
* if (payload.liabilityShifted) {
* // Liability has shifted
* submitNonceToServer(payload.nonce);
* } else if (payload.liabilityShiftPossible) {
* // Liability may still be shifted
* // Decide if you want to submit the nonce
* } else {
* // Liability has not shifted and will not shift
* // Decide if you want to submit the nonce
* }
* });
* @example
* <caption>Handling 3DS lookup errors</caption>
* var my3DSContainer;
*
* // set up listener after initialization
* threeDSecure.on(('lookup-complete', function (data, next) {
* // use `data` here, then call `next()`
* next();
* });
*
* // call verifyCard after tokenizing a card
* threeDSecure.verifyCard({
* amount: '123.45',
* nonce: hostedFieldsTokenizationPayload.nonce,
* bin: hostedFieldsTokenizationPayload.details.bin,
* email: 'test@example.com',
* billingAddress: billingAddressFromCustomer,
* additionalInformation: additionalInfoFromCustomer
* }, function (err, payload) {
* if (err) {
* if (err.code.indexOf('THREEDS_LOOKUP') === 0) {
* // an error occurred during the initial lookup request
*
* if (err.code === 'THREEDS_LOOKUP_TOKENIZED_CARD_NOT_FOUND_ERROR') {
* // either the passed payment method nonce does not exist
* // or it was already consumed before the lookup call was made
* } else if (err.code.indexOf('THREEDS_LOOKUP_VALIDATION') === 0) {
* // a validation error occurred
* // likely some non-ascii characters were included in the billing
* // address given name or surname fields, or the cardholdername field
*
* // Instruct your user to check their data and try again
* } else {
* // an unknown lookup error occurred
* }
* } else {
* // some other kind of error
* }
* return;
* }
*
* // handle success
* });
* @example
* <caption>Deprecated: Verifying an existing nonce with 3DS 1.0</caption>
* var my3DSContainer;
*
* threeDSecure.verifyCard({
* nonce: existingNonce,
* amount: 123.45,
* addFrame: function (err, iframe) {
* // Set up your UI and add the iframe.
* my3DSContainer = document.createElement('div');
* my3DSContainer.appendChild(iframe);
* document.body.appendChild(my3DSContainer);
* },
* removeFrame: function () {
* // Remove UI that you added in addFrame.
* document.body.removeChild(my3DSContainer);
* }
* }, function (err, payload) {
* if (err) {
* console.error(err);
* return;
* }
*
* if (payload.liabilityShifted) {
* // Liability has shifted
* submitNonceToServer(payload.nonce);
* } else if (payload.liabilityShiftPossible) {
* // Liability may still be shifted
* // Decide if you want to submit the nonce
* } else {
* // Liability has not shifted and will not shift
* // Decide if you want to submit the nonce
* }
* });
*/
ThreeDSecure.prototype.verifyCard = function (options) {
var privateOptions;
if (this.hasListener("lookup-complete")) {
privateOptions = {
ignoreOnLookupCompleteRequirement: true,
};
}
return this._framework.verifyCard(options, privateOptions);
};
/* eslint-disable-next-line valid-jsdoc */
/**
* Launch the iframe challenge using a 3D Secure lookup response from a server side lookup.
*
* @public
* @param {(object|string)} lookupResponse The lookup response from the server side call to lookup the 3D Secure information. The raw string or a parsed object can be passed.
* @returns {Promise} Returns a promise.
* @example
* var my3DSContainer;
*
* threeDSecure.initializeChallengeWithLookupResponse(lookupResponseFromServer).then(function (payload) {
* if (payload.liabilityShifted) {
* // Liability has shifted
* submitNonceToServer(payload.nonce);
* } else if (payload.liabilityShiftPossible) {
* // Liability may still be shifted
* // Decide if you want to submit the nonce
* } else {
* // Liability has not shifted and will not shift
* // Decide if you want to submit the nonce
* }
* });
*/
ThreeDSecure.prototype.initializeChallengeWithLookupResponse = function (
lookupResponse
) {
if (typeof lookupResponse === "string") {
lookupResponse = JSON.parse(lookupResponse);
}
return this._framework.initializeChallengeWithLookupResponse(lookupResponse);
};
/**
* Gather the data needed for a 3D Secure lookup call.
*
* @public
* @param {object} options Options for 3D Secure lookup.
* @param {string} options.nonce The nonce representing the card from a tokenization payload. For example, this can be a {@link HostedFields~tokenizePayload|tokenizePayload} returned by Hosted Fields under `payload.nonce`.
* @param {string} options.bin The numeric Bank Identification Number (bin) of the card from a tokenization payload. For example, this can be a {@link HostedFields~tokenizePayload|tokenizePayload} returned by Hosted Fields under `payload.details.bin`.
* @param {callback} [callback] The second argument, <code>data</code>, is a {@link ThreeDSecure~prepareLookupPayload|prepareLookupPayload}. If no callback is provided, it will return a promise that resolves {@link ThreeDSecure~prepareLookupPayload|prepareLookupPayload}.
* @returns {(Promise|void)} Returns a promise if no callback is provided.
* @example
* <caption>Preparing data for a 3D Secure lookup</caption>
* threeDSecure.prepareLookup({
* nonce: hostedFieldsTokenizationPayload.nonce,
* bin: hostedFieldsTokenizationPayload.details.bin
* }, function (err, payload) {
* if (err) {
* console.error(err);
* return;
* }
*
* // send payload to server to do server side lookup
* });
*/
ThreeDSecure.prototype.prepareLookup = function (options) {
return this._framework.prepareLookup(options).then(function (data) {
return JSON.stringify(data);
});
};
/**
* Cancel the 3DS flow and return the verification payload if available. If using 3D Secure version 2, this will not close the UI of the authentication modal. It is recommended that this method only be used in the {@link ThreeDSecure#event:lookup-complete|`lookup-complete`} event or the `onLookupComplete` callback.
* @public
* @param {callback} [callback] The second argument is a {@link ThreeDSecure~verifyPayload|verifyPayload}. If there is no verifyPayload (the initial lookup did not complete), an error will be returned. If no callback is passed, `cancelVerifyCard` will return a promise.
* @returns {(Promise|void)} Returns a promise if no callback is provided.
* @example <caption>Cancel the verification in `lookup-complete` event</caption>
* // set up listener after instantiation
* threeDSecure.on('lookup-complete', function (data, next) {
* // determine if you want to call next to start the challenge,
* // if not, call cancelVerifyCard
* threeDSecure.cancelVerifyCard(function (err, verifyPayload) {
* if (err) {
* // Handle error
* console.log(err.message); // No verification payload available
* return;
* }
*
* verifyPayload.nonce; // The nonce returned from the 3ds lookup call
* verifyPayload.liabilityShifted; // boolean
* verifyPayload.liabilityShiftPossible; // boolean
* });
* });
*
* // after tokenizing a credit card
* threeDSecure.verifyCard({
* amount: '100.00',
* nonce: nonceFromTokenizationPayload,
* bin: binFromTokenizationPayload
* // other fields such as billing address
* }, function (verifyError, payload) {
* if (verifyError) {
* if (verifyError.code === 'THREEDS_VERIFY_CARD_CANCELED_BY_MERCHANT ') {
* // flow was canceled by merchant, 3ds info can be found in the payload
* // for cancelVerifyCard
* }
* }
* });
* @example <caption>Cancel the verification in onLookupComplete callback</caption>
* threeDSecure.verifyCard({
* amount: '100.00',
* nonce: nonceFromTokenizationPayload,
* bin: binFromTokenizationPayload,
* // other fields such as billing address
* onLookupComplete: function (data, next) {
* // determine if you want to call next to start the challenge,
* // if not, call cancelVerifyCard
* threeDSecure.cancelVerifyCard(function (err, verifyPayload) {
* if (err) {
* // Handle error
* console.log(err.message); // No verification payload available
* return;
* }
*
* verifyPayload.nonce; // The nonce returned from the 3ds lookup call
* verifyPayload.liabilityShifted; // boolean
* verifyPayload.liabilityShiftPossible; // boolean
* });
* }
* }, function (verifyError, payload) {
* if (verifyError) {
* if (verifyError.code === 'THREEDS_VERIFY_CARD_CANCELED_BY_MERCHANT ') {
* // flow was canceled by merchant, 3ds info can be found in the payload
* // for cancelVerifyCard
* }
* }
* });
* @example <caption>Cancel the verification in 3D Secure version 1</caption>
* // unlike with v2, this will not cause `verifyCard` to error, it will simply
* // never call the callback
* threeDSecure.cancelVerifyCard(function (err, verifyPayload) {
* if (err) {
* // Handle error
* console.log(err.message); // No verification payload available
* return;
* }
*
* verifyPayload.nonce; // The nonce returned from the 3ds lookup call
* verifyPayload.liabilityShifted; // boolean
* verifyPayload.liabilityShiftPossible; // boolean
* });
*/
ThreeDSecure.prototype.cancelVerifyCard = function () {
return this._framework.cancelVerifyCard();
};
/**
* Cleanly remove anything set up by {@link module:braintree-web/three-d-secure.create|create}, with the exception that the Cardinal SDK, on window.Cardinal, will remain.
* @public
* @param {callback} [callback] Called on completion. If no callback is passed, `teardown` will return a promise.
* @example
* threeDSecure.teardown();
* @example <caption>With callback</caption>
* threeDSecure.teardown(function () {
* // teardown is complete
* });
* @returns {(Promise|void)} Returns a promise if no callback is provided.
*/
ThreeDSecure.prototype.teardown = function () {
var methodNames = methods(ThreeDSecure.prototype).concat(
methods(EventEmitter.prototype)
);
convertMethodsToError(this, methodNames);
return this._framework.teardown();
};
module.exports = wrapPromise.wrapPrototype(ThreeDSecure);