balanced / balanced-js Goto Github PK
View Code? Open in Web Editor NEWJavascript client library for Balanced that tokenizes cards and bank accounts.
License: Other
Javascript client library for Balanced that tokenizes cards and bank accounts.
License: Other
It is now account_type
.
Changing the type
parameter has no effect. Changing account_type
works.
Dupe of #72
The extras map includes the name of the field as the key and the error message as the value. This makes it easy for people integrating balanced.js to parse the error messages.
Please ensure this is included in balanced.js for revision 1.1
Please tweak the library to build versioned libraries.
they should end up being deployed like this:
https://js.balancedpayments.com/{major}.{minor}.{build}/balanced.js
where major is the API revision, minor is incremented whenever we change the balanced.js interface in a non-backwards compatible manner and build is incremented anytime we change anything in the library.
When trying to tokenize the bank account and routing number with an input field with type "number", it breaks because it is not a string.
This is the error message:
TypeError: Object 9900000000 has no method 'match'
Write a README that will define the interface for the js client of the ACH API.
security_code
should be cvv
@remear pointed out that the csc
field has been renamed to card verification value (cvv
) and as such we should change the method to isCardVerificationValueValid
or isCVVValid
All bank account routing numbers must follow the MICR routing number format, which can be validated client side.
The helper function already exists in the v1
version of balanced.js.
Before we bring the new version of balanced.js to the master branch we need to tag and create a github release of the current version.
Please verify that it's identical to what's currently running in production at https://js.balancedpayments.com/v1/balanced.js
balanced.js gives slightly different formats for errors depending on if they are generated via the library or the server.
from the server:
{
"status": 404,
"error": {
"status": "Not Found",
"category_code": "not-found",
"category_type": "request",
"description": "
The requested URL was not found on the server.
If you entered the URL manually please check your spelling and try again.
Your request id is OHMc8c72f6a0f7811e39e35026ba7d79bff.",
"request_id": "OHMc8c72f6a0f7811e39e35026ba7d79bff",
"status_code": "404"
}
}
from the library
{
"error": {
"card_number": "\"\" is not a valid credit card number",
"expiration_month": "Missing field",
"expiration_year": "Missing field",
"security_code": "\"\" is not a valid credit card security code",
"expiration": "\"-\" is not a valid credit card expiration date"
},
"status": 400
}
A second minified version can be built but the original should not be minified.
Port the old jasmine tests over to this repo and make sure they work
https://github.com/balanced/balanced-js#balancedjs that first link should point to https://docs.balancedpayments.com/1.1/guides/balanced-js/
https://github.com/PoundPay/balanced/blob/master/balanced_service/resources/bank_accounts/forms/rev1.py#L15 has the type field documented as account_type
but it looks like balanced.js is expecting type
https://github.com/balanced/balanced-js/blob/rev1/src/balanced.js#L310
Take our existing dashboard build system and port this to this repo.
I want to be able to run:
grunt build
grunt test
and have it build the js for prod and run a test suite respectively.
We need to get the error messages between the current server side validation and the client side validation consistent for rev1.
e.g.
CURL
{
"errors": [
{
"status": "Bad Request",
"category_code": "request",
"additional": null,
"status_code": 400,
"category_type": "request",
"extras": {
"cvv": "Security code is not valid for mastercard"
},
"request_id": "OHM2a54ac64201111e397ab026ba7d79bff",
"description": "Invalid field [cvv] - Security code is not valid for mastercard Your request id is OHM2a54ac64201111e397ab026ba7d79bff."
}
]
}
JS
{
"error": {
"security_code": "\"\" is not a valid credit card security code"
},
"status": 400
}
Please ensure that the keys and properties are consistent across both (the server is the reference, the client should emulate that fully).
Other validation methods use the format of isXValid. Should validateRoutingNumber be renamed to isRoutingNumberValid to be consistent?
bower install balanced-js
It'd be nice to version this dependency.
Currently it just finishes and you need to open up a network inspector to see if it worked as expected.
I'm attempting to set up catches for errors using the numbers specified here: https://docs.balancedpayments.com/1.1/overview/resources/#test-credit-card-numbers
However balanced-js
never seems to return any errors for these cards.
For functions which take callbacks, such as balanced.card.create
, it would be very convenient if we could send an additional context, which will be set to this
. It could be called like so:
balanced.card.create(card_data, callbackFunction, [context])
This is extremely handy for any js that tries to emulate some form of OOP (ie: backbone views).
Implement travis so we can build and run tests.
Add a validation function to ensure the account number is all digits.
We recently deployed a change to allow CORs requests for card/bank account tokenization.
We should support this instead since it will simplify the client.
Balanced.js should exist as a package in modern-day browser package managers such as bower.io or component.io
We need a bower.json
file and a component.json
file to do this properly.
In attempting to run tests on linux I have found that the testing framework is very brittle
google-chrome
be in my path otherwise it crashes, it did not look at the fact that chromium
is in my path, and it should not fail if someone does not have chrome or firefox not installed.grunt serve
it looks like it tries to make a mac specific open
call after starting the server, but when that fails the grunt task fails and stops the serverNot included currently
The XD library appears to be incorrectly serializing arrays when passing them from proxy to the balanced.js library.
Here's what the server returns:
{
"cards": [
{
"href": "/cards/CC6AmwAOSWiNXW3YVn2Mx14b",
"id": "CC6AmwAOSWiNXW3YVn2Mx14b",
"links": {}
}
],
"links": {}
}
Here's what balanced.js spits out:
{
"status": 201,
"data": {
"cards": {
"0": {
"href": "/cards/CC6AmwAOSWiNXW3YVn2Mx14b",
"id": "CC6AmwAOSWiNXW3YVn2Mx14b"
}
}
}
}
If you look closely you'll see that the cards
collection has changed from a list into a hash.
I suspect the issue lies in the XD deserialization lib but I have not confirmed - https://github.com/balanced/balanced-js/blob/rev1/lib/xd.js#L4
A thought after reading #85
In the future, might it be possible to allow the marketplace owner (..or connecting user?) to set `send_limit_amount' to minimize risk?
According to the docs, a postal_code requires a country_code but not a street address.
However, if you try a balanced.card.create
with valid card info and a postal_code
set, you will get back an error that the street_address
is not set.
We would like to include a postal code for fraud protection purposes, but do not want to discourage users by also requiring a street address.
It is trying to make a JSONP request to the api server. It gets a 401 Authorization Required response.
cURL:
curl 'https://api.balancedpayments.com/jsonp/cards?callback=balanced_jsonp_40716435480862856&data=%7B%22number%22:%224242424242424242%22,%22expiration_month%22:3,%22expiration_year%22:2015,%22security_code%22:%22123%22,%22name%22:%22Tarun%20Chaudhry%22,%22postal_code%22:%2295014%22,%22meta%22:%7B%22capabilities_system_timezone%22:-8,%22capabilities_user_agent%22:%22Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_9_0)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/31.0.1650.57%20Safari/537.36%22,%22capabilities_language%22:%22en-US%22,%22capabilities_kp%22:36,%22capabilities_cli%22:0,%22capabilities_loaded%22:1386294521720,%22capabilities_screen_width%22:1920,%22capabilities_screen_length%22:1080,%22capabilities_hist%22:2,%22capabilities_cookie%22:%221383350633531.36316291126422584.58!0%22,%22capabilities_cl%22:true,%22capabilities_ps%22:true,%22capabilities_submitted%22:1386295111455,%22capabilities_scrollX%22:0,%22capabilities_scrollY%22:0%7D%7D' -H 'Host: api.balancedpayments.com' -H 'Authorization: Basic MY_MARKETPLACE_AUTH' -H 'Cookie: csrftoken=CRSF_TOKEN; existing=1; session=SESSION_COOKIE'
Response:
balanced_jsonp_40716435480862856(
{"status":401,"header":{"X-Balanced-Guru":"OHMe84c2f585e1911e3a84c02a1fe53e539","Content-Type":"application/json","www-authenticate":"Basic realm="
The server could not verify that you are authorized to access the URL requested. You either supplied the wrong credentials (e.g. a bad password), or your browser doesn't understand how to supply the credentials required.</p>
In case you are allowed to request the document, please check your user-id and password and try again.</p>"","x-newrelic-app-data":"PxQFWFNXCQYTVVhWAwQDVUYdFhE1AwE2QgNWEVlbQFtcCxY0QwgcAQVEUxJETxgDHERRTAcDBF5TBQYHVlJSWgNRDFsOFBQDA1ABTRFDB1dQBVVQV1RaAFZVUQMEARVKRFdXXxEDPg==","access-control-allow-origin":"*","Content-Length":600,"access-control-allow-headers":"Content-Type","x-balanced-host":"balanced-api-05","access-control-allow-methods":"POST, OPTIONS","X-Midlr-Version":"2","x-balanced-version":"aadda5908f9c6479980e9e4b1fc747ed1255abcb"},"body":"{\n "status": "Unauthorized",\n "category_code": "authentication-required",\n "category_type": "permission",\n "description": "
The server could not verify that you are authorized to access the URL requested. You either supplied the wrong credentials (e.g. a bad password), or your browser doesn't understand how to supply the credentials required.</p>
In case you are allowed to request the document, please check your user-id and password and try again.</p> Your request id is OHMe84c2f585e1911e3a84c02a1fe53e539.",\n "request_id": "OHMe84c2f585e1911e3a84c02a1fe53e539",\n "status_code": 401\n}"}
);
This is from the dashboard.
Throws a 400 error.
Line 525: unknown object 'global'. I had to add line:
var global = {};
above to fix it.
Would it be worthwhile to include the tax_id in the call to balanced.bankAccount.create?
in the balanced.js docs
it says in the general validation area
balanced.bankAccount.validate({bank_code, account_number, name})
it should be balanced.bankAccount.validate({bank_code: bank_code, account_number: account_number, name: name})
If the /example
dir was copied into the build dir then we could run a single server rather than running an example and the js file on separate servers.
The current library which is not open source.
Let's port that code over here and make the existing tests work. It uses jasmine for integration testing, is that still the best way to do this?
Don't port the fabfile, we should deploy the same way we deploy the dashboard.
Validation should be more strict and/or more informative. Examples:
/* I think there should be some sort of warning
for trying to pass in an object, or if there is a
clear type mismatch */
balanced.bankAccount.create({
name: 1010001101010,
routing_number: 123123123,
account_number: {
'omg': 'wtfbbq'
}
}, function(res) {...}); // 201
/* same issue with functions, it makes the request
though it does not serialize the `account_number`
and thus it errors, could have been prevented */
balanced.bankAccount.create({
name: 'foo bar',
routing_number: 123123123,
account_number: function(){}
}, function(res) {...}); // 400
/* it would be nice if `create` could return a promise using
some lightweight promises lib that implements promises/A+ */
var promise = balanced.bankAccount.create({
name: 'foo bar',
routing_number: 123123123,
account_number: 58294368
}); // cryptic error message due to minification, needs callback function parameter
balanced.bankAccount.create('foo'); // yay cryptic error
The request would look something like https://api.balancedpayments.com/cards?callback=asdfadsf&data=urlencode(JSON.stringify(data_for_request))
Or we could make a separate end point just for the jsonp: https://api.balancedpayments.com/jsonp/(cards|bank_accounts)&callback=asdfasdf&data=urlencode(JSON.stringify(data_for_request)
http://www.erikzaadi.com/2012/07/16/jquery-compatible-jsonp-with-nginx/
Possible nginx config to support this
location /jsonp/cards {
log_format compression '$remote_addr - $remote_user [$time_local] '
'"/jsonp/cards" $status $bytes_sent '
'"$http_referer" "$http_user_agent"';
if ($args_callback) {
echo_before_body '$args_callback(';
echo_after_body ');'
}
set $upstream_api_url http://midlr_api;
proxy_method POST;
proxy_set_header 'Content-type' 'application/json';
proxy_set_body $args_data;
proxy_pass $upstream_api_url/cards;
}
Hello,
I am developing a Parse app, which requires payment integration. Unfortunately Parse.com doesn't support NPM, because of which I cannot do npm install and get work done. Is there a way to include say a "stand alone" js library which includes all dependencies. Right now its not working because jsonapi-client.js (one of Balanced.js's dependencies) is found to be missing.
Error: https://gist.github.com/sidharthshah/8a44fce5c8b5bd2c82cb
Any other suggestion would be appreciated.
This would prevent future issues such as #68
https://github.com/balanced/balanced-js/blob/rev1/Gruntfile.js#L13
Stops debugging issues like in #65
In src/balanced.js
line 226 and 315, you're not checking hasOwnProperty when iterating through object properties. Since Ember.js adds extensions to arrays, ec
will be >0 for an empty array, causing all creates to fail.
We're seeing some slowness occasionally during tokenizations.
The actual tokenization call is zippy (<2s)
[marshall@balanced-log-01:~]$ grep -r OHM6629e8960e9e11e380ca02a1fe52a36c /mnt/logs/balanced-api-0?/2013-08-26/nginx-access
/mnt/logs/balanced-api-05/2013-08-26/nginx-access:50.18.199.26 - - [26/Aug/2013:22:25:33 +0000] "POST /v1/marketplaces/TEST-MP5m04ORxNlNDm1bB7nkcgSY/bank_accounts HTTP/1.1" 201 1063 "https://js.balancedpayments.com/proxy" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.57 Safari/537.36" 1.212 "OHM6629e8960e9e11e380ca02a1fe52a36c"
But the tokenizer has to wait aaaages before it gets the response
[marshall@balanced-log-01:~]$ grep -r OHM6629e8960e9e11e380ca02a1fe52a36c /mnt/logs/balanced-www-0?/2013-08-26/nginx-access
/mnt/logs/balanced-www-01/2013-08-26/nginx-access:173.164.253.217 - - [26/Aug/2013:22:25:33 +0000] "POST /v1/marketplaces/TEST-MP5m04ORxNlNDm1bB7nkcgSY/bank_accounts HTTP/1.1" 201 1063 "https://js.balancedpayments.com/proxy" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.57 Safari/537.36" 17.167 "OHM6629e8960e9e11e380ca02a1fe52a36c"
This is on a test marketplace so it looks like this is general network latency between the balanced-js relay, the ELB and the balanced service (or possibly midlr but I didn't see any requests matching that OHM).
The current version of balanced.js works like this:
We're streamlining this process by allowing cards to be tokenized at the root level (e.g. they will POST to api.balancedpayments.com/cards
(not routed under marketplace).
We need to change the balanced.js library to handle this. There should be no more init
call.
This must be completely tested.
Questions:
As above.
should live at https://js.balancedpayments.com/0.0.1/balanced.js
Error messages do not all come at the same time.
If the user forgets to enter name, routing number, or account number, then the errors say those fields are missing. However, balanced.js won't notify of a missing type field until the other 3 fields are filled.
Another problem is that balanced.js won't validate routing numbers until after type is selected (using test numbers from the docs). If this due to different number validations for checking and savings account, please state clearly in the docs.
Error messages are not consistent
There are these:
account_number: "Missing field"
bank_code: ""123" is not a valid bank code"
name: "Missing field"
Then there's this:
category_code: "request"
category_type: "request"
description: "Invalid field [type] - "None" must be a string Your request id is OHMc47b762c47af11e3925902a1fe53e539."
extras: Object
request_id: "OHMc47b762c47af11e3925902a1fe53e539"
status: "Bad Request"
status_code: "400"
And this:
category_code: "invalid-routing-number"
category_type: "request"
description: "Routing number is invalid. Your request id is OHMd2a442ba47af11e3b00702a1fe53e539."
extras: Object
request_id: "OHMd2a442ba47af11e3b00702a1fe53e539"
status: "Bad Request"
status_code: "400"
This needs 3 ways to check errors: by checking the key, by searching the description string for [type], and by checking the category_code value.
Cross-browser testing:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.