feat: add support for sdkData API field #3511
Conversation
m1aw
requested review from
sponglord,
ribeiroguilherme and
longyulongyu
as code owners
🦋 Changeset detectedLatest commit: 9e987e7 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
✅ Deploy Preview for adyen-web ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary of Changes
Hello @m1aw, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request implements support for a new sdkData API field, designed to centralize and transmit crucial analytics and risk-related information within payment requests. The sdkData is generated as a base64-encoded JSON blob, containing a schema version, checkout attempt ID, and client risk data. This ensures a standardized and secure way to pass this information for both session-based and advanced payment flows.
Highlights
- New API Field
sdkData: Introduces support for a newsdkDataAPI field, which will be an encrypted blob containing analytics and risk information. - Data Encapsulation: The
sdkDatafield consolidatesanalytics(specificallycheckoutAttemptId) andriskData(specificallyclientData) into a single, base64-encoded JSON object. - Integration into Payment Flows: This new field is integrated into the
.data()method ofBaseElement, ensuring its inclusion in payment requests for both sessions and advanced flows when relevant data is available. - Utility Function: A new utility
createSdkDatais added to handle the construction and encoding of thesdkDataobject.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
There was a problem hiding this comment.
Code Review
This pull request introduces support for a new sdkData API field, which encapsulates analytics and risk data into a single base64-encoded JSON string. The changes look good overall. I've added a couple of comments: one to prevent sending a 'failed' state value in the sdkData payload, and another to improve maintainability by using a constant for the schema version.
| // Create sdkData when both analytics and risk data are available | ||
| const sdkData = checkoutAttemptId && clientData ? createSdkData(checkoutAttemptId, clientData) : undefined; |
There was a problem hiding this comment.
The current logic for creating sdkData could result in sending an invalid checkoutAttemptId. The checkoutAttemptId variable can hold the value of NO_CHECKOUT_ATTEMPT_ID (which is 'fetch-checkoutAttemptId-failed'), a truthy string. This means sdkData would be created with this 'failed' value if clientData is present.
The comment on line 108 indicates that sdkData should only be created when both analytics and risk data are available. To ensure a valid checkoutAttemptId is used, you should add a check to exclude NO_CHECKOUT_ATTEMPT_ID.
| // Create sdkData when both analytics and risk data are available | |
| const sdkData = checkoutAttemptId && clientData ? createSdkData(checkoutAttemptId, clientData) : undefined; | |
| // Create sdkData when both a valid checkoutAttemptId and risk data are available | |
| const sdkData = checkoutAttemptId && checkoutAttemptId !== NO_CHECKOUT_ATTEMPT_ID && clientData ? createSdkData(checkoutAttemptId, clientData) : undefined; |
| export function createSdkData(checkoutAttemptId: string, clientData: string): string { | ||
| const sdkDataObject: SdkDataObject = { | ||
| schemaVersion: '1.0', | ||
| analytics: { | ||
| checkoutAttemptId | ||
| }, | ||
| riskData: { | ||
| clientData | ||
| } | ||
| }; | ||
|
|
||
| return base64.encode(JSON.stringify(sdkDataObject)); | ||
| } |
There was a problem hiding this comment.
To improve maintainability and avoid using a magic string for the schema version, it's a good practice to define it as a constant.
| export function createSdkData(checkoutAttemptId: string, clientData: string): string { | |
| const sdkDataObject: SdkDataObject = { | |
| schemaVersion: '1.0', | |
| analytics: { | |
| checkoutAttemptId | |
| }, | |
| riskData: { | |
| clientData | |
| } | |
| }; | |
| return base64.encode(JSON.stringify(sdkDataObject)); | |
| } | |
| const SDK_DATA_SCHEMA_VERSION = '1.0'; | |
| export function createSdkData(checkoutAttemptId: string, clientData: string): string { | |
| const sdkDataObject: SdkDataObject = { | |
| schemaVersion: SDK_DATA_SCHEMA_VERSION, | |
| analytics: { | |
| checkoutAttemptId | |
| }, | |
| riskData: { | |
| clientData | |
| } | |
| }; | |
| return base64.encode(JSON.stringify(sdkDataObject)); | |
| } |
size-limit report 📦
|
m1aw
force-pushed
the
feature/add-sdkdata-support
branch
from
c2aa44b to
9e987e7
Compare
|
Summary
Add support for a new API field sdkData. Please check internal ticket for the full details. This PR adds sdkData as an encrypted blob in the
.data(), this is used both on sessions and advanced flow payment requests.Tested scenarios
Fixed issue:
COSDK-514