feat: [CHK-2860] Update gdi check url to redirect to ecommerce-fe

helm/values-dev.yaml

@@ -26,6 +26,8 @@ microservice-chart:
         TRANSACTION_REFUND_QUEUE_NAME: pagopa-d-weu-ecommerce-transactions-refund-queue-b
         TRANSACTION_NOTIFICATIONS_QUEUE_NAME: pagopa-d-weu-ecommerce-transaction-notifications-queue-b
         TRANSACTIONS_AUTHORIZATION_REQUESTED_QUEUE_NAME: pagopa-d-weu-ecommerce-transaction-auth-requested-queue-b
+        CHECKOUT_NPG_GDI_URL: "https://pagopa-d-checkout-cdn-endpoint.azureedge.net/ecommerce-fe/gdi-check"
+        CHECKOUT_OUTCOME_URL: "https://pagopa-d-checkout-cdn-endpoint.azureedge.net/esito"
   image:
     repository: pagopadcommonacr.azurecr.io/pagopaecommercetransactionsservice
     tag: "1.30.7" #improve
@@ -164,6 +166,8 @@ microservice-chart:
     NPG_AUTHORIZATION_REQUEST_TIMEOUT_SECONDS: "60"
     TRANSACTION_DOCUMENT_TTL: "600"
     CHECKOUT_BASE_PATH: "https://dev.checkout.pagopa.it"
+    CHECKOUT_NPG_GDI_URL: "https://dev.checkout.pagopa.it/ecommerce-fe/gdi-check"
+    CHECKOUT_OUTCOME_URL: "https://dev.checkout.pagopa.it/esito"
     ECOMMERCE_EVENT_VERSION: "V1"
     SEND_PAYMENT_RESULT_FOR_TX_EXPIRED_ENABLED: "true"
     SESSION_URL_BASEPATH: "https://dev.checkout.pagopa.it"

helm/values-prod.yaml

@@ -176,6 +176,8 @@ microservice-chart:
     FEATURE_WALLET_USAGE_ENABLED: "false"
     WALLET_USAGE_QUEUE_NAME: pagopa-p-weu-wallet-usage-update-queue
     WALLET_USAGE_QUEUE_TTL: "3600"
+    CHECKOUT_NPG_GDI_URL: "https://checkout.pagopa.it/ecommerce-fe/gdi-check"
+    CHECKOUT_OUTCOME_URL: "https://checkout.pagopa.it/esito"
   envSecret:
     MONGO_PASSWORD: mongo-ecommerce-password
     REDIS_PASSWORD: redis-ecommerce-access-key

helm/values-uat.yaml

@@ -170,6 +170,8 @@ microservice-chart:
     NODE_FORWARDER_URL: "https://api.uat.platform.pagopa.it/pagopa-node-forwarder/api/v1"
     NODE_FORWARDER_READ_TIMEOUT: "19000"
     NODE_FORWARDER_CONNECTION_TIMEOUT: "19000"
+    CHECKOUT_NPG_GDI_URL: "https://uat.checkout.pagopa.it/ecommerce-fe/gdi-check"
+    CHECKOUT_OUTCOME_URL: "https://uat.checkout.pagopa.it/esito"
   envSecret:
     MONGO_PASSWORD: mongo-ecommerce-password
     REDIS_PASSWORD: redis-ecommerce-access-key

src/main/java/it/pagopa/transactions/commands/handlers/TransactionRequestAuthorizationHandlerCommon.java

@@ -2,8 +2,11 @@
 
 import io.vavr.control.Either;
 import it.pagopa.ecommerce.commons.client.NpgClient;
+import it.pagopa.ecommerce.commons.domain.Claims;
+import it.pagopa.ecommerce.commons.domain.TransactionId;
 import it.pagopa.ecommerce.commons.generated.npg.v1.dto.FieldsDto;
 import it.pagopa.ecommerce.commons.generated.npg.v1.dto.StateResponseDto;
+import it.pagopa.ecommerce.commons.utils.JwtTokenUtils;
 import it.pagopa.generated.ecommerce.redirect.v1.dto.RedirectUrlRequestDto;
 import it.pagopa.generated.transactions.server.model.*;
 import it.pagopa.transactions.client.PaymentGatewayClient;
@@ -19,6 +22,7 @@
 import org.springframework.http.HttpStatus;
 import reactor.core.publisher.Mono;
 
+import javax.crypto.SecretKey;
 import java.net.URI;
 import java.nio.charset.StandardCharsets;
 import java.util.Map;
@@ -27,24 +31,38 @@
 @Slf4j
 public abstract class TransactionRequestAuthorizationHandlerCommon
         implements CommandHandler<TransactionRequestAuthorizationCommand, Mono<RequestAuthorizationResponseDto>> {
-    private static final String CHECKOUT_GDI_CHECK_PATH = "/gdi-check#gdiIframeUrl=";
     private static final String WALLET_GDI_CHECK_PATH = "/ecommerce-fe/gdi-check#gdiIframeUrl=";
-    private static final String CHECKOUT_ESITO_PATH = "/esito";
 
     private final PaymentGatewayClient paymentGatewayClient;
 
     private final String checkoutBasePath;
+    private final String checkoutNpgGdiUrl;
+    private final String checkoutOutcomeUrl;
 
     private final TransactionTemplateWrapper transactionTemplateWrapper;
 
+    private final JwtTokenUtils jwtTokenUtils;
+    private final SecretKey ecommerceSigningKey;
+    private final int jwtEcommerceValidityTimeInSeconds;
+
     protected TransactionRequestAuthorizationHandlerCommon(
             PaymentGatewayClient paymentGatewayClient,
             String checkoutBasePath,
-            TransactionTemplateWrapper transactionTemplateWrapper
+            String checkoutNpgGdiUrl,
+            String checkoutOutcomeUrl,
+            TransactionTemplateWrapper transactionTemplateWrapper,
+            JwtTokenUtils jwtTokenUtils,
+            SecretKey ecommerceSigningKey,
+            int jwtEcommerceValidityTimeInSeconds
     ) {
         this.paymentGatewayClient = paymentGatewayClient;
         this.checkoutBasePath = checkoutBasePath;
+        this.checkoutNpgGdiUrl = checkoutNpgGdiUrl;
+        this.checkoutOutcomeUrl = checkoutOutcomeUrl;
         this.transactionTemplateWrapper = transactionTemplateWrapper;
+        this.jwtTokenUtils = jwtTokenUtils;
+        this.ecommerceSigningKey = ecommerceSigningKey;
+        this.jwtEcommerceValidityTimeInSeconds = jwtEcommerceValidityTimeInSeconds;
     }
 
     /**
@@ -282,7 +300,7 @@ private Mono<AuthorizationOutput> invokeNpgConfirmPayment(
                                             .ofNullable(npgResponse.getFieldSet())
                                             .map(FieldsDto::getSessionId);
                                     log.info("NGP auth completed session id: {}", confirmPaymentSessionId);
-                                    String authUrl = switch (npgResponse.getState()) {
+                                    Mono<String> authUrl = switch (npgResponse.getState()) {
                                         case GDI_VERIFICATION -> {
                                             if (npgResponse.getFieldSet() == null
                                                     || npgResponse.getFieldSet().getFields() == null
@@ -310,19 +328,30 @@ private Mono<AuthorizationOutput> invokeNpgConfirmPayment(
                                                             )
                                             );
 
-                                            StringBuilder gdiCheckPathWithFragment = isWalletPayment
-                                                    ? new StringBuilder(
-                                                            WALLET_GDI_CHECK_PATH
-                                                    ).append(base64redirectionUrl).append("&clientId=IO")
-                                                            .append("&transactionId=")
-                                                            .append(authorizationData.transactionId().value())
-                                                    : new StringBuilder(CHECKOUT_GDI_CHECK_PATH)
-                                                            .append(base64redirectionUrl);
+                                            Mono<String> gdiCheckPathWithFragment = isWalletPayment
+                                                    ? Mono.just(
+                                                            WALLET_GDI_CHECK_PATH +
+                                                                    base64redirectionUrl + "&clientId=IO" +
+                                                                    "&transactionId=" +
+                                                                    authorizationData.transactionId().value()
+                                                    )
+                                                    : generateGuestSessionToken(
+                                                            authorizationData.transactionId(),
+                                                            orderId
+                                                    )
+                                                            .map(
+                                                                    token -> formatGdiCheckUrl(
+                                                                            base64redirectionUrl,
+                                                                            "CHECKOUT",
+                                                                            authorizationData.transactionId(),
+                                                                            token
+                                                                    )
+                                                            );
 
-                                            yield URI.create(checkoutBasePath)
-                                                    .resolve(
-                                                            gdiCheckPathWithFragment.toString()
-                                                    ).toString();
+                                            yield gdiCheckPathWithFragment.map(
+                                                    gdiCheckPath -> URI.create(checkoutBasePath).resolve(gdiCheckPath)
+                                                            .toString()
+                                            );
 
                                         }
                                         case REDIRECTED_TO_EXTERNAL_DOMAIN -> {
@@ -333,20 +362,22 @@ private Mono<AuthorizationOutput> invokeNpgConfirmPayment(
                                                         HttpStatus.BAD_GATEWAY
                                                 );
                                             }
-                                            yield npgResponse.getUrl();
+                                            yield Mono.just(npgResponse.getUrl());
                                         }
-                                        case PAYMENT_COMPLETE -> URI.create(checkoutBasePath)
-                                                .resolve(CHECKOUT_ESITO_PATH)
-                                                .toString();
+                                        case PAYMENT_COMPLETE -> Mono.just(
+                                                URI.create(checkoutBasePath)
+                                                        .resolve(checkoutOutcomeUrl)
+                                                        .toString()
+                                        );
                                         default -> throw new BadGatewayException(
                                                 "Invalid NPG confirm payment state response: " + npgResponse.getState(),
                                                 HttpStatus.BAD_GATEWAY
                                         );
                                     };
-                                    return Mono.just(
-                                            new AuthorizationOutput(
+                                    return authUrl.map(
+                                            authorizationUrl -> new AuthorizationOutput(
                                                     orderId,
-                                                    authUrl,
+                                                    authorizationUrl,
                                                     authorizationData.sessionId(),
                                                     confirmPaymentSessionId,
                                                     Optional.empty()
@@ -433,4 +464,28 @@ protected Mono<AuthorizationOutput> redirectionAuthRequestPipeline(
                         )
                 );
     }
+
+    private String formatGdiCheckUrl(
+                                     String iframeUrl,
+                                     String clientId,
+                                     TransactionId transactionId,
+                                     String sessionToken
+    ) {
+        return this.checkoutNpgGdiUrl.concat("#gdiIframeUrl=").concat(iframeUrl)
+                .concat("&clientId=").concat(clientId)
+                .concat("&transactionId=").concat(transactionId.value())
+                .concat("&sessionToken=").concat(sessionToken);
+    }
+
+    private Mono<String> generateGuestSessionToken(
+                                                   TransactionId transactionId,
+                                                   String orderId
+    ) {
+        return jwtTokenUtils
+                .generateToken(
+                        ecommerceSigningKey,
+                        jwtEcommerceValidityTimeInSeconds,
+                        new Claims(transactionId, orderId, null)
+                ).fold(Mono::error, Mono::just);
+    }
 }

src/main/java/it/pagopa/transactions/commands/handlers/v1/TransactionRequestAuthorizationHandler.java

@@ -7,6 +7,7 @@
 import it.pagopa.ecommerce.commons.domain.v1.TransactionActivated;
 import it.pagopa.ecommerce.commons.domain.v1.pojos.BaseTransaction;
 import it.pagopa.ecommerce.commons.generated.server.model.TransactionStatusDto;
+import it.pagopa.ecommerce.commons.utils.JwtTokenUtils;
 import it.pagopa.generated.transactions.server.model.CardsAuthRequestDetailsDto;
 import it.pagopa.generated.transactions.server.model.RequestAuthorizationResponseDto;
 import it.pagopa.transactions.client.EcommercePaymentMethodsClient;
@@ -27,6 +28,7 @@
 import reactor.util.function.Tuple2;
 import reactor.util.function.Tuples;
 
+import javax.crypto.SecretKey;
 import java.net.URI;
 import java.util.List;
 
@@ -46,13 +48,23 @@ public TransactionRequestAuthorizationHandler(
             TransactionsEventStoreRepository<TransactionAuthorizationRequestData> transactionEventStoreRepository,
             TransactionsUtils transactionsUtils,
             @Value("${checkout.basePath}") String checkoutBasePath,
+            @Value("${checkout.npg.gdi.url}") String checkoutNpgGdiUrl,
+            @Value("${checkout.outcome.url}") String checkoutOutcomeUrl,
             EcommercePaymentMethodsClient paymentMethodsClient,
-            TransactionTemplateWrapper transactionTemplateWrapper
+            TransactionTemplateWrapper transactionTemplateWrapper,
+            JwtTokenUtils jwtTokenUtils,
+            SecretKey ecommerceSigningKey,
+            @Value("${payment.token.validity}") int jwtEcommerceValidityTimeInSeconds
     ) {
         super(
                 paymentGatewayClient,
                 checkoutBasePath,
-                transactionTemplateWrapper
+                checkoutNpgGdiUrl,
+                checkoutOutcomeUrl,
+                transactionTemplateWrapper,
+                jwtTokenUtils,
+                ecommerceSigningKey,
+                jwtEcommerceValidityTimeInSeconds
         );
         this.transactionEventStoreRepository = transactionEventStoreRepository;
         this.transactionsUtils = transactionsUtils;

src/main/java/it/pagopa/transactions/commands/handlers/v2/TransactionRequestAuthorizationHandler.java

@@ -17,6 +17,7 @@
 import it.pagopa.ecommerce.commons.generated.server.model.TransactionStatusDto;
 import it.pagopa.ecommerce.commons.queues.QueueEvent;
 import it.pagopa.ecommerce.commons.queues.TracingUtils;
+import it.pagopa.ecommerce.commons.utils.JwtTokenUtils;
 import it.pagopa.generated.ecommerce.redirect.v1.dto.RedirectUrlRequestDto;
 import it.pagopa.generated.transactions.server.model.ApmAuthRequestDetailsDto;
 import it.pagopa.generated.transactions.server.model.CardsAuthRequestDetailsDto;
@@ -46,6 +47,7 @@
 import reactor.util.function.Tuple2;
 import reactor.util.function.Tuples;
 
+import javax.crypto.SecretKey;
 import java.net.URI;
 import java.time.Duration;
 import java.util.List;
@@ -75,6 +77,8 @@ public TransactionRequestAuthorizationHandler(
             TransactionsEventStoreRepository<TransactionAuthorizationRequestData> transactionEventStoreRepository,
             TransactionsUtils transactionsUtils,
             @Value("${checkout.basePath}") String checkoutBasePath,
+            @Value("${checkout.npg.gdi.url}") String checkoutNpgGdiUrl,
+            @Value("${checkout.outcome.url}") String checkoutOutcomeUrl,
             EcommercePaymentMethodsClient paymentMethodsClient,
             TransactionTemplateWrapper transactionTemplateWrapper,
             @Qualifier(
@@ -86,12 +90,20 @@ public TransactionRequestAuthorizationHandler(
             @Value("${azurestorage.queues.transientQueues.ttlSeconds}") Integer transientQueuesTTLSeconds,
             @Value("${npg.authorization.request.timeout.seconds}") Integer npgAuthRequestTimeout,
             TracingUtils tracingUtils,
-            OpenTelemetryUtils openTelemetryUtils
+            OpenTelemetryUtils openTelemetryUtils,
+            JwtTokenUtils jwtTokenUtils,
+            SecretKey ecommerceSigningKey,
+            @Value("${payment.token.validity}") int jwtEcommerceValidityTimeInSeconds
     ) {
         super(
                 paymentGatewayClient,
                 checkoutBasePath,
-                transactionTemplateWrapper
+                checkoutNpgGdiUrl,
+                checkoutOutcomeUrl,
+                transactionTemplateWrapper,
+                jwtTokenUtils,
+                ecommerceSigningKey,
+                jwtEcommerceValidityTimeInSeconds
         );
         this.transactionEventStoreRepository = transactionEventStoreRepository;
         this.transactionsUtils = transactionsUtils;

src/main/resources/application.properties

@@ -80,6 +80,8 @@ warmup.request.newTransaction.noticeCodePrefix=${WARMUP_REQUEST_NEW_TRANSACTION_
 
 
 checkout.basePath=${CHECKOUT_BASE_PATH}
+checkout.npg.gdi.url=${CHECKOUT_NPG_GDI_URL}
+checkout.outcome.url=${CHECKOUT_OUTCOME_URL}
 npg.uri=${NPG_URI}
 npg.readTimeout=${NPG_READ_TIMEOUT}
 npg.connectionTimeout=${NPG_CONNECTION_TIMEOUT}