Google Git
Sign in
chromium / chromium / src / 2b544cbc99edf9ca0c569de1a434e45b43bd93be / . / components / payments / content / payment_request.cc
blob: c13eba8222439a9d8a627aa33b10c4ae7f91665d [file] [log] [blame]
// Copyright 2016 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "components/payments/content/payment_request.h"
#include <string>
#include <utility>
#include "base/containers/contains.h"
#include "base/feature_list.h"
#include "base/functional/bind.h"
#include "base/logging.h"
#include "base/ranges/algorithm.h"
#include "base/strings/string_util.h"
#include "components/payments/content/can_make_payment_query_factory.h"
#include "components/payments/content/content_payment_request_delegate.h"
#include "components/payments/content/payment_app.h"
#include "components/payments/content/payment_details_converter.h"
#include "components/payments/content/payment_request_converter.h"
#include "components/payments/content/payment_request_web_contents_manager.h"
#include "components/payments/content/secure_payment_confirmation_no_creds.h"
#include "components/payments/core/can_make_payment_query.h"
#include "components/payments/core/error_message_util.h"
#include "components/payments/core/error_strings.h"
#include "components/payments/core/features.h"
#include "components/payments/core/method_strings.h"
#include "components/payments/core/native_error_strings.h"
#include "components/payments/core/payment_details.h"
#include "components/payments/core/payment_details_validation.h"
#include "components/payments/core/payment_prefs.h"
#include "components/payments/core/payment_request_delegate.h"
#include "components/payments/core/payments_experimental_features.h"
#include "components/payments/core/payments_validators.h"
#include "components/payments/core/url_util.h"
#include "components/prefs/pref_service.h"
#include "components/url_formatter/elide_url.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/navigation_handle.h"
#include "content/public/browser/render_frame_host.h"
#include "content/public/browser/render_process_host.h"
#include "content/public/browser/web_contents.h"
#include "content/public/common/content_features.h"
#include "services/metrics/public/cpp/ukm_source_id.h"
#include "services/network/public/cpp/is_potentially_trustworthy.h"
namespace payments {
namespace {
using ::payments::mojom::CanMakePaymentQueryResult;
using ::payments::mojom::HasEnrolledInstrumentQueryResult;
// Redact shipping address before exposing it in ShippingAddressChangeEvent.
// https://w3c.github.io/payment-request/#shipping-address-changed-algorithm
mojom::PaymentAddressPtr RedactShippingAddress(
mojom::PaymentAddressPtr address) {
DCHECK(address);
if (!PaymentsExperimentalFeatures::IsEnabled(
features::kWebPaymentsRedactShippingAddress)) {
return address;
}
address->organization.clear();
address->phone.clear();
address->recipient.clear();
address->address_line.clear();
return address;
}
} // namespace
PaymentRequest::PaymentRequest(
std::unique_ptr<ContentPaymentRequestDelegate> delegate,
mojo::PendingReceiver<mojom::PaymentRequest> receiver)
: DocumentService(*delegate->GetRenderFrameHost(), std::move(receiver)),
WebContentsObserver(content::WebContents::FromRenderFrameHost(
delegate->GetRenderFrameHost())),
log_(web_contents()),
delegate_(std::move(delegate)),
display_manager_(delegate_->GetDisplayManager()->GetWeakPtr()),
display_handle_(nullptr),
top_level_origin_(url_formatter::FormatUrlForSecurityDisplay(
web_contents()->GetLastCommittedURL())),
frame_origin_(url_formatter::FormatUrlForSecurityDisplay(
delegate_->GetRenderFrameHost()->GetLastCommittedURL())),
frame_security_origin_(
delegate_->GetRenderFrameHost()->GetLastCommittedOrigin()),
spc_transaction_mode_(
PaymentRequestWebContentsManager::GetOrCreateForWebContents(
*web_contents())
->transaction_mode()),
journey_logger_(delegate_->IsOffTheRecord(),
delegate_->GetRenderFrameHost()->GetPageUkmSourceId()) {
payment_handler_host_ = std::make_unique<PaymentHandlerHost>(
web_contents(), weak_ptr_factory_.GetWeakPtr());
}
PaymentRequest::~PaymentRequest() {
client_.reset();
payment_handler_host_->Disconnect();
delegate_->CloseDialog();
display_handle_.reset();
if (observer_for_testing_)
observer_for_testing_->OnConnectionTerminated();
// If another reason wasn't recorded, we were self-deleted, along with closing
// the mojo connection. We just self-delete immediately instead of waiting
// for the round trip of reporting an error to the renderer, but we report it
// as if we did wait for the round trip.
RecordFirstAbortReason(JourneyLogger::ABORT_REASON_MOJO_CONNECTION_ERROR);
}
void PaymentRequest::Init(
mojo::PendingRemote<mojom::PaymentRequestClient> client,
std::vector<mojom::PaymentMethodDataPtr> method_data,
mojom::PaymentDetailsPtr details,
mojom::PaymentOptionsPtr options) {
DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
if (is_initialized_) {
log_.Error(errors::kAttemptedInitializationTwice);
ResetAndDeleteThis();
return;
}
journey_logger_.RecordCheckoutStep(
JourneyLogger::CheckoutFunnelStep::kInitiated);
is_initialized_ = true;
client_.Bind(std::move(client));
const GURL last_committed_url = delegate_->GetLastCommittedURL();
if (!network::IsUrlPotentiallyTrustworthy(last_committed_url)) {
log_.Error(errors::kNotInASecureOrigin);
ResetAndDeleteThis();
return;
}
bool allowed_origin =
UrlUtil::IsOriginAllowedToUseWebPaymentApis(last_committed_url);
if (!allowed_origin) {
reject_show_error_message_ = errors::kProhibitedOrigin;
}
bool invalid_ssl = false;
if (last_committed_url.SchemeIsCryptographic()) {
DCHECK(reject_show_error_message_.empty());
reject_show_error_message_ =
delegate_->GetInvalidSslCertificateErrorMessage();
invalid_ssl = !reject_show_error_message_.empty();
}
if (!allowed_origin || invalid_ssl) {
// Intentionally don't set |spec_| and |state_|, so the UI is never shown.
log_.Error(reject_show_error_message_);
log_.Error(errors::kProhibitedOriginOrInvalidSslExplanation);
client_->OnError(
mojom::PaymentErrorReason::NOT_SUPPORTED_FOR_INVALID_ORIGIN_OR_SSL,
reject_show_error_message_);
ResetAndDeleteThis();
return;
}
if (method_data.empty()) {
log_.Error(errors::kMethodDataRequired);
ResetAndDeleteThis();
return;
}
if (base::ranges::any_of(method_data, [](const auto& datum) {
return !datum || datum->supported_method.empty();
})) {
log_.Error(errors::kMethodNameRequired);
ResetAndDeleteThis();
return;
}
if (!details || !details->id || !details->total) {
log_.Error(errors::kInvalidPaymentDetails);
ResetAndDeleteThis();
return;
}
if (!options) {
log_.Error(errors::kInvalidPaymentOptions);
ResetAndDeleteThis();
return;
}
std::string error;
if (!ValidatePaymentDetails(ConvertPaymentDetails(details), &error)) {
log_.Error(error);
ResetAndDeleteThis();
return;
}
spec_ = std::make_unique<PaymentRequestSpec>(
std::move(options), std::move(details), std::move(method_data),
/*observer=*/weak_ptr_factory_.GetWeakPtr(),
delegate_->GetApplicationLocale());
state_ = std::make_unique<PaymentRequestState>(
std::make_unique<PaymentAppService>(
render_frame_host().GetBrowserContext()),
&render_frame_host(), top_level_origin_, frame_origin_,
frame_security_origin_, spec(),
/*delegate=*/weak_ptr_factory_.GetWeakPtr(),
delegate_->GetApplicationLocale(), delegate_->GetPersonalDataManager(),
delegate_->GetContentWeakPtr(), journey_logger_.GetWeakPtr(),
/*csp_checker=*/weak_ptr_factory_.GetWeakPtr());
journey_logger_.SetRequestedInformation(
spec_->request_shipping(), spec_->request_payer_email(),
spec_->request_payer_phone(), spec_->request_payer_name());
// Log metrics around which payment methods are requested by the merchant.
GURL google_pay_url(methods::kGooglePay);
GURL android_pay_url(methods::kAndroidPay);
GURL google_play_billing_url(methods::kGooglePlayBilling);
std::vector<JourneyLogger::PaymentMethodCategory> method_categories;
if (base::Contains(spec_->url_payment_method_identifiers(), google_pay_url) ||
base::Contains(spec_->url_payment_method_identifiers(),
android_pay_url)) {
method_categories.push_back(JourneyLogger::PaymentMethodCategory::kGoogle);
}
if (base::Contains(spec_->url_payment_method_identifiers(),
google_play_billing_url)) {
method_categories.push_back(
JourneyLogger::PaymentMethodCategory::kPlayBilling);
}
if (spec_->IsSecurePaymentConfirmationRequested()) {
method_categories.push_back(
JourneyLogger::PaymentMethodCategory::kSecurePaymentConfirmation);
}
if (base::ranges::any_of(
spec_->url_payment_method_identifiers(), [&](const GURL& url) {
return url != google_pay_url && url != android_pay_url &&
url != google_play_billing_url;
})) {
method_categories.push_back(JourneyLogger::PaymentMethodCategory::kOther);
}
journey_logger_.SetRequestedPaymentMethods(method_categories);
payment_handler_host_->set_payment_request_id_for_logs(*spec_->details().id);
if (spec_->IsSecurePaymentConfirmationRequested()) {
delegate_->set_dialog_type(
PaymentRequestDelegate::DialogType::SECURE_PAYMENT_CONFIRMATION);
}
if (VLOG_IS_ON(2)) {
std::vector<std::string> payment_method_identifiers(
spec_->payment_method_identifiers_set().begin(),
spec_->payment_method_identifiers_set().end());
std::string total = spec_->details().total
? (spec_->details().total->amount->currency +
spec_->details().total->amount->value)
: "N/A";
VLOG(2) << "Initialized PaymentRequest (" << *spec_->details().id << ")"
<< "\n Top origin: " << top_level_origin_.spec()
<< "\n Frame origin: " << frame_origin_.spec()
<< "\n Requested methods: "
<< base::JoinString(payment_method_identifiers, ", ")
<< "\n Total: " << total
<< "\n Options: shipping = " << spec_->request_shipping()
<< ", name = " << spec_->request_payer_name()
<< ", phone = " << spec_->request_payer_phone()
<< ", email = " << spec_->request_payer_email();
}
}
void PaymentRequest::Show(bool wait_for_updated_details) {
if (!IsInitialized()) {
log_.Error(errors::kCannotShowWithoutInit);
ResetAndDeleteThis();
return;
}
if (is_show_called_) {
log_.Error(errors::kCannotShowTwice);
ResetAndDeleteThis();
return;
}
journey_logger_.RecordCheckoutStep(
JourneyLogger::CheckoutFunnelStep::kShowCalled);
is_show_called_ = true;
// A tab can display only one PaymentRequest UI at a time.
if (display_manager_)
display_handle_ = display_manager_->TryShow(delegate_->GetContentWeakPtr());
if (!display_handle_) {
log_.Error(errors::kAnotherUiShowing);
DCHECK(!has_recorded_completion_);
has_recorded_completion_ = true;
journey_logger_.SetNotShown(
JourneyLogger::NOT_SHOWN_REASON_CONCURRENT_REQUESTS);
client_->OnError(mojom::PaymentErrorReason::ALREADY_SHOWING,
errors::kAnotherUiShowing);
ResetAndDeleteThis();
return;
}
if (!delegate_->IsBrowserWindowActive()) {
log_.Error(errors::kCannotShowInBackgroundTab);
DCHECK(!has_recorded_completion_);
has_recorded_completion_ = true;
journey_logger_.SetNotShown(JourneyLogger::NOT_SHOWN_REASON_OTHER);
client_->OnError(mojom::PaymentErrorReason::USER_CANCEL,
errors::kCannotShowInBackgroundTab);
ResetAndDeleteThis();
return;
}
if (wait_for_updated_details) {
// Put |spec_| into uninitialized state, so the UI knows to show a spinner.
// This method does not block.
spec_->StartWaitingForUpdateWith(
PaymentRequestSpec::UpdateReason::INITIAL_PAYMENT_DETAILS);
spec_->AddInitializationObserver(this);
} else {
DCHECK(spec_->details().total);
}
// If an app store billing payment method is one of the payment methods being
// requested, then don't show any user interface until its known whether it's
// possible to skip UI directly into an app store billing payment app.
if (!spec_->IsAppStoreBillingAlsoRequested())
display_handle_->Show(weak_ptr_factory_.GetWeakPtr());
state_->AreRequestedMethodsSupported(
base::BindOnce(&PaymentRequest::AreRequestedMethodsSupportedCallback,
weak_ptr_factory_.GetWeakPtr()));
}
void PaymentRequest::Retry(mojom::PaymentValidationErrorsPtr errors) {
if (!IsInitialized()) {
log_.Error(errors::kCannotRetryWithoutInit);
ResetAndDeleteThis();
return;
}
if (!IsThisPaymentRequestShowing()) {
log_.Error(errors::kCannotRetryWithoutShow);
ResetAndDeleteThis();
return;
}
std::string error;
if (!PaymentsValidators::IsValidPaymentValidationErrorsFormat(errors,
&error)) {
log_.Error(error);
client_->OnError(mojom::PaymentErrorReason::USER_CANCEL, error);
ResetAndDeleteThis();
return;
}
VLOG(2) << "PaymentRequest (" << *spec_->details().id
<< ") retry with error: " << error;
state()->SetAvailablePaymentAppForRetry();
spec()->Retry(std::move(errors));
display_handle_->Retry();
}
void PaymentRequest::UpdateWith(mojom::PaymentDetailsPtr details) {
if (!IsInitialized()) {
log_.Error(errors::kCannotUpdateWithoutInit);
ResetAndDeleteThis();
return;
}
if (!IsThisPaymentRequestShowing()) {
log_.Error(errors::kCannotUpdateWithoutShow);
ResetAndDeleteThis();
return;
}
// ID cannot be updated. Updating the total is optional.
if (!details || details->id) {
log_.Error(errors::kInvalidPaymentDetails);
ResetAndDeleteThis();
return;
}
std::string error;
if (!ValidatePaymentDetails(ConvertPaymentDetails(details), &error)) {
log_.Error(error);
ResetAndDeleteThis();
return;
}
if (details->shipping_address_errors &&
!PaymentsValidators::IsValidAddressErrorsFormat(
details->shipping_address_errors, &error)) {
log_.Error(error);
ResetAndDeleteThis();
return;
}
if (state()->selected_app() && state()->IsPaymentAppInvoked() &&
state()->selected_app()->IsWaitingForPaymentDetailsUpdate()) {
state()->selected_app()->UpdateWith(
PaymentDetailsConverter::ConvertToPaymentRequestDetailsUpdate(
details, state()->selected_app()->HandlesShippingAddress(),
base::BindRepeating(&PaymentApp::IsValidForPaymentMethodIdentifier,
state()->selected_app()->AsWeakPtr())));
}
bool is_resolving_promise_passed_into_show_method = !spec_->IsInitialized();
spec_->UpdateWith(std::move(details));
if (is_resolving_promise_passed_into_show_method) {
DCHECK(spec_->details().total);
if (is_requested_methods_supported_invoked_) {
if (SatisfiesSkipUIConstraints()) {
Pay();
} else {
// If not skipping UI, then make sure that the browser payment sheet is
// being displayed.
if (!display_handle_->was_shown())
display_handle_->Show(weak_ptr_factory_.GetWeakPtr());
if (spec_->request_shipping())
state_->SelectDefaultShippingAddressAndNotifyObservers();
}
}
}
}
void PaymentRequest::OnPaymentDetailsNotUpdated() {
// This Mojo call is triggered by the user of the API doing nothing in
// response to a shipping address update event, so the error messages cannot
// be more verbose.
if (!IsInitialized()) {
log_.Error(errors::kNotInitialized);
ResetAndDeleteThis();
return;
}
if (!IsThisPaymentRequestShowing()) {
log_.Error(errors::kNotShown);
ResetAndDeleteThis();
return;
}
spec_->RecomputeSpecForDetails();
if (state()->IsPaymentAppInvoked() && state()->selected_app() &&
state()->selected_app()->IsWaitingForPaymentDetailsUpdate()) {
state()->selected_app()->OnPaymentDetailsNotUpdated();
}
}
void PaymentRequest::Abort() {
if (!IsInitialized()) {
log_.Error(errors::kCannotAbortWithoutInit);
ResetAndDeleteThis();
return;
}
if (!IsThisPaymentRequestShowing()) {
log_.Error(errors::kCannotAbortWithoutShow);
ResetAndDeleteThis();
return;
}
// The API user has decided to abort. If a successful abort message is
// returned to the renderer, the Mojo message pipe is closed, which triggers
// the destruction of this object.
// Otherwise, the abort promise is rejected and the pipe is not closed.
// The abort is only successful if the payment app wasn't yet invoked.
// TODO(crbug.com/716546): Add a merchant abort metric
if (observer_for_testing_)
observer_for_testing_->OnAbortCalled();
if (!state_->IsPaymentAppInvoked() || !state_->selected_app()) {
OnAbortResult(/*aborted=*/true);
return;
}
state_->selected_app()->AbortPaymentApp(base::BindOnce(
&PaymentRequest::OnAbortResult, weak_ptr_factory_.GetWeakPtr()));
}
void PaymentRequest::Complete(mojom::PaymentComplete result) {
if (!IsInitialized()) {
log_.Error(errors::kCannotCompleteWithoutInit);
ResetAndDeleteThis();
return;
}
if (!IsThisPaymentRequestShowing()) {
log_.Error(errors::kCannotAbortWithoutShow);
ResetAndDeleteThis();
return;
}
if (observer_for_testing_) {
observer_for_testing_->OnCompleteCalled();
}
// Failed transactions show an error. Successful and unknown-state
// transactions don't show an error.
if (result == mojom::PaymentComplete::FAIL) {
ShowErrorMessageAndAbortPayment();
} else {
DCHECK(!has_recorded_completion_);
journey_logger_.SetCompleted();
has_recorded_completion_ = true;
DCHECK(spec_->details().total);
delegate_->GetPrefService()->SetBoolean(kPaymentsFirstTransactionCompleted,
true);
// When the renderer closes the connection this object will be destroyed.
client_->OnComplete();
state_->RecordUseStats();
}
}
void PaymentRequest::CanMakePayment() {
if (!IsInitialized()) {
log_.Error(errors::kCannotCallCanMakePaymentWithoutInit);
ResetAndDeleteThis();
return;
}
// It's valid to call canMakePayment() without calling show() first.
if (observer_for_testing_)
observer_for_testing_->OnCanMakePaymentCalled();
if (!delegate_->GetPrefService()->GetBoolean(kCanMakePaymentEnabled)) {
CanMakePaymentCallback(/*can_make_payment=*/false);
} else {
state_->CanMakePayment(
base::BindOnce(&PaymentRequest::CanMakePaymentCallback,
weak_ptr_factory_.GetWeakPtr()));
}
}
void PaymentRequest::HasEnrolledInstrument() {
if (!IsInitialized()) {
log_.Error(errors::kCannotCallHasEnrolledInstrumentWithoutInit);
ResetAndDeleteThis();
return;
}
// It's valid to call hasEnrolledInstrument() without calling show() first.
if (observer_for_testing_)
observer_for_testing_->OnHasEnrolledInstrumentCalled();
if (!delegate_->GetPrefService()->GetBoolean(kCanMakePaymentEnabled)) {
HasEnrolledInstrumentCallback(/*has_enrolled_instrument=*/false);
} else {
state_->HasEnrolledInstrument(
base::BindOnce(&PaymentRequest::HasEnrolledInstrumentCallback,
weak_ptr_factory_.GetWeakPtr()));
}
}
bool PaymentRequest::ChangePaymentMethod(const std::string& method_name,
const std::string& stringified_data) {
DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
DCHECK(!method_name.empty());
if (!state_ || !state_->IsPaymentAppInvoked() || !client_)
return false;
client_->OnPaymentMethodChange(method_name, stringified_data);
return true;
}
bool PaymentRequest::ChangeShippingOption(
const std::string& shipping_option_id) {
DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
DCHECK(!shipping_option_id.empty());
bool is_valid_id = false;
if (spec_ && spec_->details().shipping_options) {
for (const auto& option : spec_->GetShippingOptions()) {
if (option->id == shipping_option_id) {
is_valid_id = true;
break;
}
}
}
if (!state_ || !state_->IsPaymentAppInvoked() || !client_ || !spec_ ||
!spec_->request_shipping() || !is_valid_id) {
return false;
}
client_->OnShippingOptionChange(shipping_option_id);
return true;
}
bool PaymentRequest::ChangeShippingAddress(
mojom::PaymentAddressPtr shipping_address) {
DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
DCHECK(shipping_address);
if (!state_ || !state_->IsPaymentAppInvoked() || !client_ || !spec_ ||
!spec_->request_shipping()) {
return false;
}
client_->OnShippingAddressChange(
RedactShippingAddress(std::move(shipping_address)));
return true;
}
void PaymentRequest::AreRequestedMethodsSupportedCallback(
bool methods_supported,
const std::string& error_message,
AppCreationFailureReason error_reason) {
is_requested_methods_supported_invoked_ = true;
if (is_show_called_ && spec_ && spec_->IsInitialized() &&
observer_for_testing_) {
observer_for_testing_->OnAppListReady(weak_ptr_factory_.GetWeakPtr());
}
if (render_frame_host().IsActive() &&
spec_->IsSecurePaymentConfirmationRequested() &&
state()->available_apps().empty() &&
base::FeatureList::IsEnabled(::features::kSecurePaymentConfirmation) &&
// In most cases, we show the 'No Matching Payment Credential' dialog in
// order to preserve user privacy. An exception is failure to download the
// card art icon - because we download it in all cases, revealing a
// failure doesn't leak any information about the user to the site.
error_reason != AppCreationFailureReason::ICON_DOWNLOAD_FAILED) {
journey_logger_.SetNoMatchingCredentialsShown();
auto opt_out_callback =
spec_->method_data().front()->secure_payment_confirmation->show_opt_out
? base::BindOnce(&PaymentRequest::OnUserOptedOut,
weak_ptr_factory_.GetWeakPtr())
: base::NullCallback();
delegate_->ShowNoMatchingPaymentCredentialDialog(
url_formatter::FormatUrlForSecurityDisplay(
state_->GetTopOrigin(),
url_formatter::SchemeDisplay::OMIT_CRYPTOGRAPHIC),
spec_->method_data().front()->secure_payment_confirmation->rp_id,
base::BindOnce(&PaymentRequest::OnUserCancelled,
weak_ptr_factory_.GetWeakPtr()),
std::move(opt_out_callback));
if (observer_for_testing_)
observer_for_testing_->OnErrorDisplayed();
return;
}
if (methods_supported) {
if (SatisfiesSkipUIConstraints()) {
Pay();
} else if (!display_handle_->was_shown()) {
// If not skipping UI, then make sure that the browser payment sheet is
// being displayed.
display_handle_->Show(weak_ptr_factory_.GetWeakPtr());
}
} else {
VLOG(2) << "PaymentRequest (" << *spec_->details().id
<< "): requested method not supported.";
DCHECK(!has_recorded_completion_);
has_recorded_completion_ = true;
journey_logger_.SetNotShown(
JourneyLogger::NOT_SHOWN_REASON_NO_SUPPORTED_PAYMENT_METHOD);
client_->OnError(mojom::PaymentErrorReason::NOT_SUPPORTED,
GetNotSupportedErrorMessage(
spec_ ? spec_->payment_method_identifiers_set()
: std::set<std::string>()) +
(error_message.empty() ? "" : " " + error_message));
if (observer_for_testing_)
observer_for_testing_->OnNotSupportedError();
ResetAndDeleteThis();
}
}
base::WeakPtr<PaymentRequest> PaymentRequest::GetWeakPtr() {
return weak_ptr_factory_.GetWeakPtr();
}
void PaymentRequest::AllowConnectToSource(
const GURL& url,
const GURL& url_before_redirects,
bool did_follow_redirect,
base::OnceCallback<void(bool)> result_callback) {
if (!client_) {
std::move(result_callback).Run(false);
return;
}
// Round-trip to the renderer, even if the CSP will be bypassed due to a
// feature flag, so the renderer can print a deprecation warning about CSP
// bypass.
client_->AllowConnectToSource(url, url_before_redirects, did_follow_redirect,
std::move(result_callback));
}
void PaymentRequest::OnInitialized(InitializationTask* initialization_task) {
DCHECK_EQ(spec_.get(), initialization_task);
DCHECK_EQ(PaymentRequestSpec::UpdateReason::INITIAL_PAYMENT_DETAILS,
spec_->current_update_reason());
if (is_show_called_ && state_ && state_->is_get_all_apps_finished() &&
observer_for_testing_) {
observer_for_testing_->OnAppListReady(weak_ptr_factory_.GetWeakPtr());
}
}
bool PaymentRequest::IsInitialized() const {
return is_initialized_ && client_ && client_.is_bound() && state_ && spec_;
}
bool PaymentRequest::IsThisPaymentRequestShowing() const {
return is_show_called_ && display_handle_ && spec_ && state_;
}
bool PaymentRequest::OnlySingleAppCanProvideAllRequiredInformation() const {
DCHECK(state()->IsInitialized());
DCHECK(spec()->IsInitialized());
if (!spec()->request_shipping() && !spec()->request_payer_name() &&
!spec()->request_payer_phone() && !spec()->request_payer_email()) {
return state()->available_apps().size() == 1;
}
bool an_app_can_provide_all_info = false;
for (const auto& app : state()->available_apps()) {
if ((!spec()->request_shipping() || app->HandlesShippingAddress()) &&
(!spec()->request_payer_name() || app->HandlesPayerName()) &&
(!spec()->request_payer_phone() || app->HandlesPayerPhone()) &&
(!spec()->request_payer_email() || app->HandlesPayerEmail())) {
// There is another available app that can provide all merchant requested
// information information.
if (an_app_can_provide_all_info)
return false;
an_app_can_provide_all_info = true;
}
}
return an_app_can_provide_all_info;
}
bool PaymentRequest::SatisfiesSkipUIConstraints() {
// Only allowing URL based payment apps to skip the payment sheet.
skipped_payment_request_ui_ =
!spec()->IsSecurePaymentConfirmationRequested() &&
spec()->url_payment_method_identifiers().size() > 0 &&
base::FeatureList::IsEnabled(features::kWebPaymentsSingleAppUiSkip) &&
base::FeatureList::IsEnabled(::features::kServiceWorkerPaymentApps) &&
state()->IsInitialized() && spec()->IsInitialized() &&
OnlySingleAppCanProvideAllRequiredInformation() &&
// The available app should be preselectable.
state()->selected_app() != nullptr;
if (skipped_payment_request_ui_) {
DCHECK(state()->IsInitialized() && spec()->IsInitialized());
journey_logger_.SetSkippedShow();
} else if (state()->IsInitialized() && spec()->IsInitialized()) {
// Set "shown" only after state() and spec() initialization.
journey_logger_.SetShown();
}
return skipped_payment_request_ui_;
}
void PaymentRequest::OnPaymentResponseAvailable(
mojom::PaymentResponsePtr response) {
DCHECK(!response->method_name.empty());
DCHECK(!response->stringified_details.empty());
journey_logger_.SetReceivedInstrumentDetails();
// If currently interactive, show the processing spinner. Autofill payment
// apps request a CVC, so they are always interactive at this point. A payment
// handler may elect to be non-interactive by not showing a confirmation page
// to the user.
if (delegate_->IsInteractive())
delegate_->ShowProcessingSpinner();
client_->OnPaymentResponse(std::move(response));
}
void PaymentRequest::OnPaymentResponseError(const std::string& error_message) {
journey_logger_.SetReceivedInstrumentDetails();
RecordFirstAbortReason(JourneyLogger::ABORT_REASON_INSTRUMENT_DETAILS_ERROR);
reject_show_error_message_ = error_message;
ShowErrorMessageAndAbortPayment();
}
void PaymentRequest::OnShippingOptionIdSelected(
std::string shipping_option_id) {
client_->OnShippingOptionChange(shipping_option_id);
}
void PaymentRequest::OnShippingAddressSelected(
mojom::PaymentAddressPtr address) {
client_->OnShippingAddressChange(RedactShippingAddress(std::move(address)));
}
void PaymentRequest::OnPayerInfoSelected(mojom::PayerDetailPtr payer_info) {
client_->OnPayerDetailChange(std::move(payer_info));
}
void PaymentRequest::OnUserCancelled() {
// If |client_| is not bound, then the object is already being destroyed as
// a result of a renderer event.
if (!client_.is_bound())
return;
RecordFirstAbortReason(JourneyLogger::ABORT_REASON_ABORTED_BY_USER);
// This sends an error to the renderer, which informs the API user.
// If SPC flag is enabled, use NotAllowedError instead.
bool is_spc_enabled = spec_->IsSecurePaymentConfirmationRequested();
client_->OnError(
is_spc_enabled ? mojom::PaymentErrorReason::NOT_ALLOWED_ERROR
: mojom::PaymentErrorReason::USER_CANCEL,
is_spc_enabled
? errors::kWebAuthnOperationTimedOutOrNotAllowed
: (!reject_show_error_message_.empty() ? reject_show_error_message_
: errors::kUserCancelled));
ResetAndDeleteThis();
}
void PaymentRequest::OnUserOptedOut() {
// This should only be called for SPC.
DCHECK(spec_->IsSecurePaymentConfirmationRequested());
// If |client_| is not bound, then the object is already being destroyed as
// a result of a renderer event.
if (!client_.is_bound())
return;
RecordFirstAbortReason(JourneyLogger::ABORT_REASON_USER_OPTED_OUT);
// This sends an error to the renderer, which informs the API user.
client_->OnError(mojom::PaymentErrorReason::USER_OPT_OUT,
errors::kSpcUserOptedOut);
ResetAndDeleteThis();
}
void PaymentRequest::ReadyToCommitNavigation(
content::NavigationHandle* navigation_handle) {
auto navigation_in_frame_will_destroy_or_cache_document_in_frame =
[](content::GlobalRenderFrameHostId previous_frame_id,
content::RenderFrameHost* frame) {
if (!previous_frame_id)
return false;
// If a navigation to a new document is happening inside this frame, or
// an ancestor, then the current document will be gone shortly. We have
// to look at the `previous_frame_id` as the navigation may be occurring
// in a new RenderFrameHost, replacing the current RenderFrameHost.
for (; frame; frame = frame->GetParentOrOuterDocument()) {
if (frame->GetGlobalId() == previous_frame_id)
return true;
}
return false;
};
// This method watches for cross-document navigations that would lead to the
// PaymentRequest being destroyed in the future; and it wants to track if such
// a navigation is browser- or renderer-initiated.
//
// We could track that as a state on PaymentRequest that is used at time of
// destruction, but we instead just record the metrics event here, which has a
// slight chance of being incorrect - for instance if the tab is torn down
// instead of completing the navigation.
// This checks if the upcoming navigation would destroy (or put into the
// BackForwardCache) the current document in `render_frame_host()`, which the
// PaymentRequest is attached to.
if (!navigation_in_frame_will_destroy_or_cache_document_in_frame(
navigation_handle->GetPreviousRenderFrameHostId(),
&render_frame_host())) {
return;
}
// Since the PaymentRequest dialog blocks the content of the WebContents,
// the user cannot click on a link to navigate away. Therefore, if the
// navigation is initiated in the renderer, it does not come from the user.
bool is_user_initiated = !navigation_handle->IsRendererInitiated();
RecordFirstAbortReason(is_user_initiated
? JourneyLogger::ABORT_REASON_USER_NAVIGATION
: JourneyLogger::ABORT_REASON_MERCHANT_NAVIGATION);
}
void PaymentRequest::WillBeDestroyed(
content::DocumentServiceDestructionReason reason) {
switch (reason) {
case content::DocumentServiceDestructionReason::kConnectionTerminated:
RecordFirstAbortReason(JourneyLogger::ABORT_REASON_MOJO_CONNECTION_ERROR);
break;
case content::DocumentServiceDestructionReason::kEndOfDocumentLifetime:
// RenderFrameHost is usually deleted explicitly before PaymentRequest
// destruction if the user closes the tab or browser window without
// closing the payment request dialog.
RecordFirstAbortReason(JourneyLogger::ABORT_REASON_ABORTED_BY_USER);
break;
}
}
void PaymentRequest::Pay() {
journey_logger_.SetPayClicked();
journey_logger_.RecordCheckoutStep(
JourneyLogger::CheckoutFunnelStep::kPaymentHandlerInvoked);
DCHECK(state_->selected_app());
VLOG(2) << "PaymentRequest (" << *spec_->details().id
<< "): paying with app: " << state_->selected_app()->GetLabel();
if (!display_handle_->was_shown() &&
state_->selected_app()->type() != PaymentApp::Type::NATIVE_MOBILE_APP) {
// If not paying with a native mobile app (such as app store billing), then
// make sure that the browser payment sheet is being displayed.
display_handle_->Show(weak_ptr_factory_.GetWeakPtr());
}
// Log the correct "selected method".
journey_logger_.SetSelectedMethod(GetSelectedMethodCategory());
state_->selected_app()->SetPaymentHandlerHost(
payment_handler_host_->AsWeakPtr());
state_->GeneratePaymentResponse();
}
JourneyLogger::PaymentMethodCategory PaymentRequest::GetSelectedMethodCategory()
const {
const PaymentApp* selected_app = state_->selected_app();
DCHECK(selected_app);
switch (state_->selected_app()->type()) {
case PaymentApp::Type::SERVICE_WORKER_APP:
// Intentionally fall through.
case PaymentApp::Type::NATIVE_MOBILE_APP: {
for (const std::string& method : selected_app->GetAppMethodNames()) {
if (method == methods::kGooglePay || method == methods::kAndroidPay) {
return JourneyLogger::PaymentMethodCategory::kGoogle;
} else if (method == methods::kGooglePlayBilling) {
return JourneyLogger::PaymentMethodCategory::kPlayBilling;
}
}
break;
}
case PaymentApp::Type::INTERNAL: {
if (spec_->IsSecurePaymentConfirmationRequested())
return JourneyLogger::PaymentMethodCategory::kSecurePaymentConfirmation;
break;
}
case PaymentApp::Type::UNDEFINED:
NOTREACHED();
break;
}
return JourneyLogger::PaymentMethodCategory::kOther;
}
bool PaymentRequest::IsOffTheRecord() const {
return delegate_->IsOffTheRecord();
}
void PaymentRequest::OnPaymentHandlerOpenWindowCalled() {
DCHECK(state_->selected_app());
// UKM for payment app origin should get recorded only when the origin of the
// invoked payment app is shown to the user.
journey_logger_.SetPaymentAppUkmSourceId(
state_->selected_app()->UkmSourceId());
}
void PaymentRequest::RecordFirstAbortReason(
JourneyLogger::AbortReason abort_reason) {
if (!has_recorded_completion_) {
has_recorded_completion_ = true;
journey_logger_.SetAborted(abort_reason);
}
}
void PaymentRequest::CanMakePaymentCallback(bool can_make_payment) {
VLOG(2) << "PaymentRequest (" << *spec_->details().id
<< "): canMakePayment = " << can_make_payment;
client_->OnCanMakePayment(
can_make_payment ? mojom::CanMakePaymentQueryResult::CAN_MAKE_PAYMENT
: mojom::CanMakePaymentQueryResult::CANNOT_MAKE_PAYMENT);
journey_logger_.SetCanMakePaymentValue(can_make_payment);
if (observer_for_testing_)
observer_for_testing_->OnCanMakePaymentReturned();
}
void PaymentRequest::HasEnrolledInstrumentCallback(
bool has_enrolled_instrument) {
VLOG(2) << "PaymentRequest (" << *spec_->details().id
<< "): hasEnrolledInstrument = " << has_enrolled_instrument;
if (!spec_ || CanMakePaymentQueryFactory::GetInstance()
->GetForContext(render_frame_host().GetBrowserContext())
->CanQuery(top_level_origin_, frame_origin_,
spec_->query_for_quota())) {
RespondToHasEnrolledInstrumentQuery(has_enrolled_instrument,
/*warn_local_development=*/false);
} else if (UrlUtil::IsLocalDevelopmentUrl(frame_origin_)) {
RespondToHasEnrolledInstrumentQuery(has_enrolled_instrument,
/*warn_local_development=*/true);
} else {
client_->OnHasEnrolledInstrument(
HasEnrolledInstrumentQueryResult::QUERY_QUOTA_EXCEEDED);
}
if (observer_for_testing_)
observer_for_testing_->OnHasEnrolledInstrumentReturned();
}
void PaymentRequest::RespondToHasEnrolledInstrumentQuery(
bool has_enrolled_instrument,
bool warn_local_development) {
HasEnrolledInstrumentQueryResult positive =
warn_local_development
? HasEnrolledInstrumentQueryResult::WARNING_HAS_ENROLLED_INSTRUMENT
: HasEnrolledInstrumentQueryResult::HAS_ENROLLED_INSTRUMENT;
HasEnrolledInstrumentQueryResult negative =
warn_local_development
? HasEnrolledInstrumentQueryResult::WARNING_HAS_NO_ENROLLED_INSTRUMENT
: HasEnrolledInstrumentQueryResult::HAS_NO_ENROLLED_INSTRUMENT;
client_->OnHasEnrolledInstrument(has_enrolled_instrument ? positive
: negative);
journey_logger_.SetHasEnrolledInstrumentValue(has_enrolled_instrument);
}
void PaymentRequest::OnAbortResult(bool aborted) {
VLOG(2) << "PaymentRequest (" << *spec_->details().id
<< "): abort = " << aborted;
if (client_.is_bound())
client_->OnAbort(aborted);
if (aborted) {
RecordFirstAbortReason(JourneyLogger::ABORT_REASON_ABORTED_BY_MERCHANT);
state_->OnAbort();
}
}
void PaymentRequest::ShowErrorMessageAndAbortPayment() {
// Note that both branches of the if-else will invoke the OnUserCancelled()
// method.
if (display_handle_ && display_handle_->was_shown()) {
// Will invoke OnUserCancelled() asynchronously when the user closes the
// error message UI.
delegate_->ShowErrorMessage();
if (observer_for_testing_)
observer_for_testing_->OnErrorDisplayed();
} else {
// Only app store billing apps do not display any browser payment UI.
DCHECK(spec_->IsAppStoreBillingAlsoRequested());
OnUserCancelled();
}
}
} // namespace payments