Add fraud detection in FC module

financial-connections/src/main/java/com/stripe/android/financialconnections/di/FinancialConnectionsSheetNativeModule.kt

@@ -4,6 +4,7 @@ import android.app.Application
 import androidx.lifecycle.SavedStateHandle
 import com.stripe.android.core.ApiVersion
 import com.stripe.android.core.Logger
+import com.stripe.android.core.frauddetection.FraudDetectionDataRepository
 import com.stripe.android.core.networking.ApiRequest
 import com.stripe.android.core.networking.StripeNetworkClient
 import com.stripe.android.core.version.StripeSdkVersion
@@ -125,6 +126,7 @@ internal interface FinancialConnectionsSheetNativeModule {
             locale: Locale?,
             logger: Logger,
             isLinkWithStripe: IsLinkWithStripe,
+            fraudDetectionDataRepository: FraudDetectionDataRepository,
         ) = FinancialConnectionsConsumerSessionRepository(
             financialConnectionsConsumersApiService = financialConnectionsConsumersApiService,
             provideApiRequestOptions = provideApiRequestOptions,
@@ -133,6 +135,7 @@ internal interface FinancialConnectionsSheetNativeModule {
             locale = locale ?: Locale.getDefault(),
             logger = logger,
             isLinkWithStripe = isLinkWithStripe,
+            fraudDetectionDataRepository = fraudDetectionDataRepository,
         )
 
         @Singleton

financial-connections/src/main/java/com/stripe/android/financialconnections/di/FinancialConnectionsSheetSharedModule.kt

@@ -3,6 +3,7 @@ package com.stripe.android.financialconnections.di
 import android.app.Application
 import com.stripe.android.core.ApiVersion
 import com.stripe.android.core.Logger
+import com.stripe.android.core.frauddetection.FraudDetectionDataRepository
 import com.stripe.android.core.injection.IOContext
 import com.stripe.android.core.injection.STRIPE_ACCOUNT_ID
 import com.stripe.android.core.networking.AnalyticsRequestExecutor
@@ -33,6 +34,7 @@ import com.stripe.android.financialconnections.repository.ConsumerSessionReposit
 import com.stripe.android.financialconnections.repository.FinancialConnectionsRepository
 import com.stripe.android.financialconnections.repository.FinancialConnectionsRepositoryImpl
 import com.stripe.android.financialconnections.repository.RealConsumerSessionRepository
+import com.stripe.android.financialconnections.utils.DefaultFraudDetectionDataRepository
 import dagger.Binds
 import dagger.Module
 import dagger.Provides
@@ -183,5 +185,12 @@ internal interface FinancialConnectionsSheetSharedModule {
         internal fun providesIoDispatcher(): CoroutineDispatcher {
             return Dispatchers.IO
         }
+
+        @Provides
+        internal fun provideFraudDetectionDataRepository(
+            application: Application,
+        ): FraudDetectionDataRepository {
+            return DefaultFraudDetectionDataRepository(application)
+        }
     }
 }

financial-connections/src/main/java/com/stripe/android/financialconnections/repository/FinancialConnectionsConsumerSessionRepository.kt

@@ -1,6 +1,7 @@
 package com.stripe.android.financialconnections.repository
 
 import com.stripe.android.core.Logger
+import com.stripe.android.core.frauddetection.FraudDetectionDataRepository
 import com.stripe.android.financialconnections.domain.IsLinkWithStripe
 import com.stripe.android.financialconnections.repository.api.FinancialConnectionsConsumersApiService
 import com.stripe.android.financialconnections.repository.api.ProvideApiRequestOptions
@@ -72,6 +73,7 @@ internal interface FinancialConnectionsConsumerSessionRepository {
             locale: Locale?,
             logger: Logger,
             isLinkWithStripe: IsLinkWithStripe,
+            fraudDetectionDataRepository: FraudDetectionDataRepository,
         ): FinancialConnectionsConsumerSessionRepository =
             FinancialConnectionsConsumerSessionRepositoryImpl(
                 consumersApiService = consumersApiService,
@@ -80,6 +82,7 @@ internal interface FinancialConnectionsConsumerSessionRepository {
                 consumerSessionRepository = consumerSessionRepository,
                 locale = locale,
                 logger = logger,
+                fraudDetectionDataRepository = fraudDetectionDataRepository,
                 isLinkWithStripe = isLinkWithStripe,
             )
     }
@@ -92,6 +95,7 @@ private class FinancialConnectionsConsumerSessionRepositoryImpl(
     private val provideApiRequestOptions: ProvideApiRequestOptions,
     private val locale: Locale?,
     private val logger: Logger,
+    private val fraudDetectionDataRepository: FraudDetectionDataRepository,
     isLinkWithStripe: IsLinkWithStripe,
 ) : FinancialConnectionsConsumerSessionRepository {
 
@@ -103,6 +107,10 @@ private class FinancialConnectionsConsumerSessionRepositoryImpl(
         "android_connections"
     }
 
+    init {
+        fraudDetectionDataRepository.refresh()
+    }
+
     override suspend fun getCachedConsumerSession(): CachedConsumerSession? = mutex.withLock {
         consumerSessionRepository.provideConsumerSession()
     }
@@ -201,12 +209,15 @@ private class FinancialConnectionsConsumerSessionRepositoryImpl(
         consumerSessionClientSecret: String,
         expectedPaymentMethodType: String
     ): SharePaymentDetails {
+        val fraudDetectionData = fraudDetectionDataRepository.getCached()?.params.orEmpty()
+
         return consumersApiService.sharePaymentDetails(
             consumerSessionClientSecret = consumerSessionClientSecret,
             paymentDetailsId = paymentDetailsId,
             expectedPaymentMethodType = expectedPaymentMethodType,
             requestSurface = requestSurface,
             requestOptions = provideApiRequestOptions(useConsumerPublishableKey = false),
+            extraParams = fraudDetectionData,
         ).getOrThrow()
     }
 

financial-connections/src/main/java/com/stripe/android/financialconnections/repository/FinancialConnectionsRepository.kt

@@ -4,6 +4,7 @@ import com.stripe.android.core.exception.APIConnectionException
 import com.stripe.android.core.exception.APIException
 import com.stripe.android.core.exception.AuthenticationException
 import com.stripe.android.core.exception.InvalidRequestException
+import com.stripe.android.core.frauddetection.FraudDetectionDataRepository
 import com.stripe.android.core.networking.ApiRequest
 import com.stripe.android.financialconnections.model.FinancialConnectionsAccountList
 import com.stripe.android.financialconnections.model.FinancialConnectionsSession
@@ -62,7 +63,8 @@ internal interface FinancialConnectionsRepository {
 internal class FinancialConnectionsRepositoryImpl @Inject constructor(
     private val requestExecutor: FinancialConnectionsRequestExecutor,
     private val provideApiRequestOptions: ProvideApiRequestOptions,
-    private val apiRequestFactory: ApiRequest.Factory
+    private val fraudDetectionDataRepository: FraudDetectionDataRepository,
+    private val apiRequestFactory: ApiRequest.Factory,
 ) : FinancialConnectionsRepository {
 
     override suspend fun getFinancialConnectionsAccounts(
@@ -147,10 +149,12 @@ internal class FinancialConnectionsRepositoryImpl @Inject constructor(
             ),
         )
 
+        val fraudDetectionParams = fraudDetectionDataRepository.getCached()?.params.orEmpty()
+
         val request = apiRequestFactory.createPost(
             url = paymentMethodsUrl,
             options = provideApiRequestOptions(useConsumerPublishableKey = false),
-            params = params,
+            params = params + fraudDetectionParams,
         )
 
         return requestExecutor.execute(

financial-connections/src/main/java/com/stripe/android/financialconnections/utils/FinancialConnectionsFraudDetectionRepositoryFactory.kt

@@ -0,0 +1,23 @@
+package com.stripe.android.financialconnections.utils
+
+import android.app.Application
+import com.stripe.android.core.frauddetection.DefaultFraudDetectionDataRepository
+import com.stripe.android.core.frauddetection.DefaultFraudDetectionDataRequestFactory
+import com.stripe.android.core.frauddetection.DefaultFraudDetectionDataStore
+import com.stripe.android.core.networking.DefaultStripeNetworkClient
+import kotlinx.coroutines.Dispatchers
+
+internal fun DefaultFraudDetectionDataRepository(
+    application: Application,
+): DefaultFraudDetectionDataRepository {
+    val workContext = Dispatchers.IO
+
+    return DefaultFraudDetectionDataRepository(
+        localStore = DefaultFraudDetectionDataStore(application, workContext),
+        fraudDetectionDataRequestFactory = DefaultFraudDetectionDataRequestFactory(application),
+        stripeNetworkClient = DefaultStripeNetworkClient(workContext = workContext),
+        errorReporter = { /* No-op */ },
+        workContext = workContext,
+        fraudDetectionEnabledProvider = { true },
+    )
+}

financial-connections/src/test/java/com/stripe/android/financialconnections/repository/FinancialConnectionsConsumerSessionRepositoryImplTest.kt

@@ -3,6 +3,8 @@ package com.stripe.android.financialconnections.repository
 import androidx.lifecycle.SavedStateHandle
 import com.google.common.truth.Truth.assertThat
 import com.stripe.android.core.Logger
+import com.stripe.android.core.frauddetection.FraudDetectionData
+import com.stripe.android.core.frauddetection.FraudDetectionDataRepository
 import com.stripe.android.core.networking.ApiRequest
 import com.stripe.android.financialconnections.ApiKeyFixtures
 import com.stripe.android.financialconnections.ApiKeyFixtures.consumerSession
@@ -15,6 +17,7 @@ import com.stripe.android.model.ConsumerSession.VerificationSession.SessionType
 import com.stripe.android.model.ConsumerSessionLookup
 import com.stripe.android.model.ConsumerSessionSignup
 import com.stripe.android.model.CustomEmailType
+import com.stripe.android.model.SharePaymentDetails
 import com.stripe.android.model.VerificationType
 import com.stripe.android.repository.ConsumersApiService
 import kotlinx.coroutines.ExperimentalCoroutinesApi
@@ -23,6 +26,7 @@ import org.junit.Test
 import org.mockito.kotlin.anyOrNull
 import org.mockito.kotlin.eq
 import org.mockito.kotlin.mock
+import org.mockito.kotlin.never
 import org.mockito.kotlin.verify
 import org.mockito.kotlin.whenever
 import java.util.Locale
@@ -39,6 +43,7 @@ class FinancialConnectionsConsumerSessionRepositoryImplTest {
     private val logger: Logger = mock()
     private val locale: Locale = Locale.getDefault()
     private val consumerSessionRepository = RealConsumerSessionRepository(SavedStateHandle())
+    private val fraudDetectionDataRepository = mock<FraudDetectionDataRepository>()
 
     private fun buildRepository(
         isInstantDebits: Boolean = false
@@ -50,6 +55,7 @@ class FinancialConnectionsConsumerSessionRepositoryImplTest {
         locale = locale,
         logger = logger,
         isLinkWithStripe = { isInstantDebits },
+        fraudDetectionDataRepository = fraudDetectionDataRepository,
     )
 
     @Test
@@ -324,4 +330,42 @@ class FinancialConnectionsConsumerSessionRepositoryImplTest {
             requestOptions = anyOrNull(),
         )
     }
+
+    @Test
+    fun `Sends fraud detection data when sharing PaymentDetails`() = runTest {
+        val consumerSessionClientSecret = "clientSecret"
+        val repository = buildRepository()
+
+        val fraudParams = FraudDetectionData(
+            guid = "guid_1234",
+            muid = "muid_1234",
+            sid = "sid_1234",
+            timestamp = 1234567890L,
+        )
+
+        whenever(fraudDetectionDataRepository.getCached()).thenReturn(fraudParams)
+
+        whenever(
+            consumersApiService.sharePaymentDetails(
+                consumerSessionClientSecret = anyOrNull(),
+                paymentDetailsId = anyOrNull(),
+                expectedPaymentMethodType = anyOrNull(),
+                requestSurface = anyOrNull(),
+                requestOptions = anyOrNull(),
+                extraParams = eq(fraudParams.params),
+            )
+        ).thenReturn(
+            Result.success(
+                SharePaymentDetails(paymentMethodId = "pm_123")
+            )
+        )
+
+        repository.sharePaymentDetails(
+            consumerSessionClientSecret = consumerSessionClientSecret,
+            paymentDetailsId = "pd_123",
+            expectedPaymentMethodType = "card",
+        )
+
+        verify(fraudDetectionDataRepository, never()).getLatest()
+    }
 }

financial-connections/src/test/java/com/stripe/android/financialconnections/repository/FinancialConnectionsRepositoryImplTest.kt

@@ -2,6 +2,7 @@ package com.stripe.android.financialconnections.repository
 
 import com.google.common.truth.Truth.assertThat
 import com.stripe.android.core.Logger
+import com.stripe.android.core.frauddetection.FraudDetectionDataRepository
 import com.stripe.android.core.networking.ApiRequest
 import com.stripe.android.core.networking.StripeNetworkClient
 import com.stripe.android.core.networking.StripeResponse
@@ -24,6 +25,7 @@ class FinancialConnectionsRepositoryImplTest {
 
     private val mockStripeNetworkClient = mock<StripeNetworkClient>()
     private val apiRequestFactory = ApiRequest.Factory()
+    private val fraudDetectionDataRepository = mock<FraudDetectionDataRepository>()
 
     private val financialConnectionsRepositoryImpl = FinancialConnectionsRepositoryImpl(
         requestExecutor = FinancialConnectionsRequestExecutor(
@@ -36,6 +38,7 @@ class FinancialConnectionsRepositoryImplTest {
             ApiRequest.Options(ApiKeyFixtures.DEFAULT_PUBLISHABLE_KEY)
         },
         apiRequestFactory = apiRequestFactory,
+        fraudDetectionDataRepository = fraudDetectionDataRepository,
     )
 
     @Test

payments-core/src/main/java/com/stripe/android/networking/StripeApiRepository.kt

@@ -22,7 +22,6 @@ import com.stripe.android.core.exception.PermissionException
 import com.stripe.android.core.exception.RateLimitException
 import com.stripe.android.core.exception.StripeException
 import com.stripe.android.core.exception.safeAnalyticsMessage
-import com.stripe.android.core.frauddetection.DefaultFraudDetectionDataRepository
 import com.stripe.android.core.frauddetection.FraudDetectionData
 import com.stripe.android.core.frauddetection.FraudDetectionDataParamsUtils
 import com.stripe.android.core.frauddetection.FraudDetectionDataRepository

payments-model/src/main/java/com/stripe/android/repository/ConsumersApiService.kt

@@ -84,6 +84,7 @@ interface ConsumersApiService {
         expectedPaymentMethodType: String,
         requestSurface: String,
         requestOptions: ApiRequest.Options,
+        extraParams: Map<String, Any?>,
     ): Result<SharePaymentDetails>
 }
 
@@ -277,7 +278,8 @@ class ConsumersApiServiceImpl(
         paymentDetailsId: String,
         expectedPaymentMethodType: String,
         requestSurface: String,
-        requestOptions: ApiRequest.Options
+        requestOptions: ApiRequest.Options,
+        extraParams: Map<String, Any?>,
     ): Result<SharePaymentDetails> {
         return executeRequestWithResultParser(
             stripeErrorJsonParser = stripeErrorJsonParser,
@@ -292,7 +294,7 @@ class ConsumersApiServiceImpl(
                     "credentials" to mapOf(
                         "consumer_session_client_secret" to consumerSessionClientSecret
                     ),
-                )
+                ) + extraParams,
             ),
             responseJsonParser = SharePaymentDetailsJsonParser,
         )