Merge pull request #1 from magento/2.3-develop

merge magento:2.3-develop

Author: mmularski

.github/CONTRIBUTING.md

@@ -11,7 +11,7 @@ The Magento 2 development team or community maintainers will review all issues a
 During the review we might require clarifications from the contributor.
 If there is no response from the contributor within two weeks, the pull request will be closed.
 
-For more detialed information on contribution please read our [beginners guide](https://github.com/magento/magento2/wiki/Getting-Started).
+For more detailed information on contribution please read our [beginners guide](https://github.com/magento/magento2/wiki/Getting-Started).
 
 ## Contribution requirements
 

app/code/Magento/AdminNotification/Model/Feed.php

@@ -5,6 +5,8 @@
  */
 namespace Magento\AdminNotification\Model;
 
+use Magento\Framework\Escaper;
+use Magento\Framework\App\ObjectManager;
 use Magento\Framework\Config\ConfigOptionsListConstants;
 
 /**
@@ -25,6 +27,11 @@ class Feed extends \Magento\Framework\Model\AbstractModel
 
     const XML_LAST_UPDATE_PATH = 'system/adminnotification/last_update';
 
+    /**
+     * @var Escaper
+     */
+    private $escaper;
+
     /**
      * Feed url
      *
@@ -77,6 +84,7 @@ class Feed extends \Magento\Framework\Model\AbstractModel
      * @param \Magento\Framework\Model\ResourceModel\AbstractResource $resource
      * @param \Magento\Framework\Data\Collection\AbstractDb $resourceCollection
      * @param array $data
+     * @param Escaper|null $escaper
      * @SuppressWarnings(PHPMD.ExcessiveParameterList)
      */
     public function __construct(
@@ -90,21 +98,26 @@ public function __construct(
         \Magento\Framework\UrlInterface $urlBuilder,
         \Magento\Framework\Model\ResourceModel\AbstractResource $resource = null,
         \Magento\Framework\Data\Collection\AbstractDb $resourceCollection = null,
-        array $data = []
+        array $data = [],
+        Escaper $escaper = null
     ) {
         parent::__construct($context, $registry, $resource, $resourceCollection, $data);
-        $this->_backendConfig    = $backendConfig;
-        $this->_inboxFactory     = $inboxFactory;
-        $this->curlFactory       = $curlFactory;
+        $this->_backendConfig = $backendConfig;
+        $this->_inboxFactory = $inboxFactory;
+        $this->curlFactory = $curlFactory;
         $this->_deploymentConfig = $deploymentConfig;
-        $this->productMetadata   = $productMetadata;
-        $this->urlBuilder        = $urlBuilder;
+        $this->productMetadata = $productMetadata;
+        $this->urlBuilder = $urlBuilder;
+        $this->escaper = $escaper ?? ObjectManager::getInstance()->get(
+            Escaper::class
+        );
     }
 
     /**
      * Init model
      *
      * @return void
+     * phpcs:disable Magento2.CodeAnalysis.EmptyBlock
      */
     protected function _construct()
     {
@@ -252,6 +265,6 @@ public function getFeedXml()
      */
     private function escapeString(\SimpleXMLElement $data)
     {
-        return htmlspecialchars((string)$data);
+        return $this->escaper->escapeHtml((string)$data);
     }
 }

app/code/Magento/AdminNotification/composer.json

@@ -11,7 +11,8 @@
         "magento/module-backend": "*",
         "magento/module-media-storage": "*",
         "magento/module-store": "*",
-        "magento/module-ui": "*"
+        "magento/module-ui": "*",
+        "magento/module-config": "*"
     },
     "type": "magento2-module",
     "license": [

app/code/Magento/AdvancedSearch/view/adminhtml/templates/system/config/testconnection.phtml

@@ -11,5 +11,5 @@
     "successText": "<?= $block->escapeHtmlAttr(__('Successful! Test again?')) ?>",
     "failedText": "<?= $block->escapeHtmlAttr(__('Connection failed! Test again?')) ?>",
     "fieldMapping": "<?= /* @noEscape */ $block->getFieldMapping() ?>"}, "validation": {}}'>
-    <span><span><span id="<?= $block->getHtmlId() ?>_result"><?= $block->escapeHtml($block->getButtonLabel()) ?></span></span></span>
+    <span id="<?= $block->getHtmlId() ?>_result"><?= $block->escapeHtml($block->getButtonLabel()) ?></span>
 </button>

app/code/Magento/Analytics/Test/Mftf/Section/AdminConfigAdvancedReportingSection.xml

@@ -14,8 +14,8 @@
         <element name="advancedReportingIndustry" type="select" selector="#analytics_general_vertical"/>
         <element name="advancedReportingIndustryLabel" type="text" selector=".config-vertical-label>label>span"/>
         <element name="advancedReportingHour" type="select" selector="#row_analytics_general_collection_time>td:nth-child(2)>select:nth-child(2)"/>
-        <element name="advancedReportingMinute" type="select" selector="#row_analytics_general_collection_time>td:nth-child(2)>select:nth-child(3)"/>
-        <element name="advancedReportingSeconds" type="select" selector="#row_analytics_general_collection_time>td:nth-child(2)>select:nth-child(4)"/>
+        <element name="advancedReportingMinute" type="select" selector="#row_analytics_general_collection_time>td:nth-child(2)>select:nth-child(4)"/>
+        <element name="advancedReportingSeconds" type="select" selector="#row_analytics_general_collection_time>td:nth-child(2)>select:nth-child(6)"/>
         <element name="advancedReportingBlankIndustryError" type="text" selector=".message-error>div"/>
     </section>
 </sections>

app/code/Magento/AuthorizenetAcceptjs/Gateway/Request/StubDataBuilder.php

@@ -0,0 +1,28 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+declare(strict_types=1);
+
+namespace Magento\AuthorizenetAcceptjs\Gateway\Request;
+
+use Magento\Payment\Gateway\Request\BuilderInterface;
+
+/**
+ * Stub data builder.
+ *
+ * Since the order of params is matters for Authorize.net request,
+ * this builder is used to reserve a place in builders sequence.
+ */
+class StubDataBuilder implements BuilderInterface
+{
+    /**
+     * @inheritdoc
+     */
+    public function build(array $buildSubject): array
+    {
+        return [];
+    }
+}

app/code/Magento/AuthorizenetAcceptjs/Test/Unit/Observer/DataAssignObserverTest.php

@@ -17,6 +17,9 @@
 use Magento\Quote\Api\Data\PaymentInterface;
 use PHPUnit\Framework\TestCase;
 
+/**
+ * Tests DataAssignObserver
+ */
 class DataAssignObserverTest extends TestCase
 {
     public function testExecuteSetsProperData()
@@ -30,9 +33,7 @@ public function testExecuteSetsProperData()
         $observerContainer = $this->createMock(Observer::class);
         $event = $this->createMock(Event::class);
         $paymentInfoModel = $this->createMock(InfoInterface::class);
-        $dataObject = new DataObject([
-            PaymentInterface::KEY_ADDITIONAL_DATA => $additionalInfo
-        ]);
+        $dataObject = new DataObject([PaymentInterface::KEY_ADDITIONAL_DATA => $additionalInfo]);
         $observerContainer->method('getEvent')
             ->willReturn($event);
         $event->method('getDataByKey')

app/code/Magento/AuthorizenetAcceptjs/etc/adminhtml/di.xml

@@ -11,4 +11,24 @@
             <argument name="config" xsi:type="object">Magento\AuthorizenetAcceptjs\Model\Ui\ConfigProvider</argument>
         </arguments>
     </type>
+    <virtualType name="AuthorizenetAcceptjsAuthorizeRequest" type="Magento\Payment\Gateway\Request\BuilderComposite">
+        <arguments>
+            <argument name="builders" xsi:type="array">
+                <item name="request_type" xsi:type="string">AuthorizenetAcceptjsTransactionRequestTypeBuilder</item>
+                <item name="store" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\StoreConfigBuilder</item>
+                <item name="merchant_account" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\AuthenticationDataBuilder</item>
+                <item name="transaction_type" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\AuthorizeDataBuilder</item>
+                <item name="amount" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\AmountDataBuilder</item>
+                <item name="payment" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\PaymentDataBuilder</item>
+                <item name="shipping" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\ShippingDataBuilder</item>
+                <item name="solution" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\SolutionDataBuilder</item>
+                <item name="order" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\OrderDataBuilder</item>
+                <item name="po" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\PoDataBuilder</item>
+                <item name="customer" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\CustomerDataBuilder</item>
+                <item name="address" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\AddressDataBuilder</item>
+                <item name="custom_settings" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\CustomSettingsBuilder</item>
+                <item name="passthrough_data" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\PassthroughDataBuilder</item>
+            </argument>
+        </arguments>
+    </virtualType>
 </config>

app/code/Magento/AuthorizenetAcceptjs/etc/di.xml

@@ -258,6 +258,7 @@
                 <item name="po" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\PoDataBuilder</item>
                 <item name="customer" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\CustomerDataBuilder</item>
                 <item name="address" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\AddressDataBuilder</item>
+                <item name="3d_secure" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\StubDataBuilder</item>
                 <item name="custom_settings" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\CustomSettingsBuilder</item>
                 <item name="passthrough_data" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Request\PassthroughDataBuilder</item>
             </argument>

app/code/Magento/AuthorizenetCardinal/Gateway/Request/Authorize3DSecureBuilder.php

@@ -0,0 +1,82 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+declare(strict_types=1);
+
+namespace Magento\AuthorizenetCardinal\Gateway\Request;
+
+use Magento\AuthorizenetAcceptjs\Gateway\SubjectReader;
+use Magento\AuthorizenetCardinal\Model\Config;
+use Magento\CardinalCommerce\Model\Response\JwtParser;
+use Magento\Payment\Gateway\Request\BuilderInterface;
+use Magento\Sales\Model\Order\Payment;
+
+/**
+ * Adds the cardholder authentication information to the request
+ */
+class Authorize3DSecureBuilder implements BuilderInterface
+{
+    /**
+     * @var SubjectReader
+     */
+    private $subjectReader;
+
+    /**
+     * @var Config
+     */
+    private $config;
+
+    /**
+     * @var JwtParser
+     */
+    private $jwtParser;
+
+    /**
+     * @param SubjectReader $subjectReader
+     * @param Config $config
+     * @param JwtParser $jwtParser
+     */
+    public function __construct(
+        SubjectReader $subjectReader,
+        Config $config,
+        JwtParser $jwtParser
+    ) {
+        $this->subjectReader = $subjectReader;
+        $this->config = $config;
+        $this->jwtParser = $jwtParser;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function build(array $buildSubject): array
+    {
+        if ($this->config->isActive() === false) {
+            return [];
+        }
+
+        $paymentDO = $this->subjectReader->readPayment($buildSubject);
+        $payment = $paymentDO->getPayment();
+        $data = [];
+
+        if ($payment instanceof Payment) {
+            $cardinalJwt = (string)$payment->getAdditionalInformation('cardinalJWT');
+            $jwtPayload = $this->jwtParser->execute($cardinalJwt);
+            $eciFlag = $jwtPayload['Payload']['Payment']['ExtendedData']['ECIFlag'] ?? '';
+            $cavv = $jwtPayload['Payload']['Payment']['ExtendedData']['CAVV'] ?? '';
+            $data = [
+                'transactionRequest' => [
+                    'cardholderAuthentication' => [
+                        'authenticationIndicator' => $eciFlag,
+                        'cardholderAuthenticationValue' => $cavv
+                    ],
+                ]
+            ];
+        }
+
+        return $data;
+    }
+}