magento
diff --git a/‎CHANGELOG.md
Lines changed: 612 additions & 0 deletions b/‎CHANGELOG.md
Lines changed: 612 additions & 0 deletions
diff --git a/‎app/code/Magento/AdvancedSearch/view/adminhtml/templates/system/config/testconnection.phtml
Lines changed: 0 additions & 1 deletion b/‎app/code/Magento/AdvancedSearch/view/adminhtml/templates/system/config/testconnection.phtml
Lines changed: 0 additions & 1 deletion
diff --git a/‎app/code/Magento/AdvancedSearch/view/frontend/templates/search_data.phtml
Lines changed: 3 additions & 3 deletions b/‎app/code/Magento/AdvancedSearch/view/frontend/templates/search_data.phtml
Lines changed: 3 additions & 3 deletions
diff --git a/‎app/code/Magento/Analytics/view/adminhtml/templates/dashboard/section.phtml
Lines changed: 0 additions & 1 deletion b/‎app/code/Magento/Analytics/view/adminhtml/templates/dashboard/section.phtml
Lines changed: 0 additions & 1 deletion
diff --git a/‎app/code/Magento/Authorization/Model/Role.php
Lines changed: 1 addition & 11 deletions b/‎app/code/Magento/Authorization/Model/Role.php
Lines changed: 1 addition & 11 deletions
diff --git a/‎app/code/Magento/Authorizenet/Test/Mftf/Test/StorefrontVerifySecureURLRedirectAuthorizenetTest.xml
Lines changed: 42 additions & 0 deletions b/‎app/code/Magento/Authorizenet/Test/Mftf/Test/StorefrontVerifySecureURLRedirectAuthorizenetTest.xml
Lines changed: 42 additions & 0 deletions
diff --git a/‎app/code/Magento/Authorizenet/view/adminhtml/templates/directpost/iframe.phtml
Lines changed: 4 additions & 6 deletions b/‎app/code/Magento/Authorizenet/view/adminhtml/templates/directpost/iframe.phtml
Lines changed: 4 additions & 6 deletions
diff --git a/‎app/code/Magento/Authorizenet/view/adminhtml/templates/directpost/info.phtml
Lines changed: 8 additions & 9 deletions b/‎app/code/Magento/Authorizenet/view/adminhtml/templates/directpost/info.phtml
Lines changed: 8 additions & 9 deletions
diff --git a/‎app/code/Magento/Authorizenet/view/adminhtml/templates/order/view/info/fraud_details.phtml
Lines changed: 7 additions & 8 deletions b/‎app/code/Magento/Authorizenet/view/adminhtml/templates/order/view/info/fraud_details.phtml
Lines changed: 7 additions & 8 deletions
diff --git a/‎app/code/Magento/AuthorizenetAcceptjs/Gateway/Response/CloseTransactionHandler.php
Lines changed: 9 additions & 2 deletions b/‎app/code/Magento/AuthorizenetAcceptjs/Gateway/Response/CloseTransactionHandler.php
Lines changed: 9 additions & 2 deletions
diff --git a/‎app/code/Magento/AuthorizenetAcceptjs/etc/adminhtml/di.xml
Lines changed: 5 additions & 0 deletions b/‎app/code/Magento/AuthorizenetAcceptjs/etc/adminhtml/di.xml
Lines changed: 5 additions & 0 deletions
diff --git a/‎app/code/Magento/AuthorizenetAcceptjs/etc/di.xml
Lines changed: 8 additions & 1 deletion b/‎app/code/Magento/AuthorizenetAcceptjs/etc/di.xml
Lines changed: 8 additions & 1 deletion
diff --git a/‎app/code/Magento/AuthorizenetAcceptjs/view/adminhtml/templates/form/cc.phtml
Lines changed: 7 additions & 8 deletions b/‎app/code/Magento/AuthorizenetAcceptjs/view/adminhtml/templates/form/cc.phtml
Lines changed: 7 additions & 8 deletions
@@ -3,7 +3,6 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-// @codingStandardsIgnoreFile
 ?>
 <button class="scalable" type="button" id="<?= $block->getHtmlId() ?>" data-mage-init='{"testConnection":{
     "url": "<?= $block->escapeUrl($block->getAjaxUrl()) ?>",
 
@@ -3,22 +3,22 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-// @codingStandardsIgnoreFile
+
 /**
  * @var \Magento\AdvancedSearch\Block\SearchData $block
  */
 ?>
 <?php
 /** @var \Magento\Search\Model\QueryResult[] $data */
 $data = $block->getItems();
-if (count($data)):?>
+if (count($data)) : ?>
     <dl class="block">
         <dt class="title"><?= $block->escapeHtml(__($block->getTitle())) ?></dt>
         <?php foreach ($data as $additionalInfo) : ?>
             <dd class="item">
                 <a href="<?= $block->escapeUrl($block->getLink($additionalInfo->getQueryText())) ?>"
                     ><?= $block->escapeHtml($additionalInfo->getQueryText()) ?></a>
-                <?php if ($block->isShowResultsCount()): ?>
+                <?php if ($block->isShowResultsCount()) : ?>
                     <span class="count"><?= /* @noEscape */ (int)$additionalInfo->getResultsCount() ?></span>
                 <?php endif; ?>
             </dd>
 
@@ -3,7 +3,6 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-// @codingStandardsIgnoreFile
 ?>
 
 <section class="dashboard-advanced-reports" data-index="dashboard-advanced-reports">
 
@@ -40,7 +40,7 @@ class Role extends \Magento\Framework\Model\AbstractModel
      * @param \Magento\Authorization\Model\ResourceModel\Role\Collection $resourceCollection
      * @param array $data
      */
-    public function __construct(
+    public function __construct( //phpcs:ignore Generic.CodeAnalysis.UselessOverridingMethod
         \Magento\Framework\Model\Context $context,
         \Magento\Framework\Registry $registry,
         \Magento\Authorization\Model\ResourceModel\Role $resource,
@@ -52,28 +52,18 @@ public function __construct(
 
     /**
      * @inheritDoc
-     *
-     * @SuppressWarnings(PHPMD.SerializationAware)
-     * @deprecated Do not use PHP serialization.
      */
     public function __sleep()
     {
-        trigger_error('Using PHP serialization is deprecated', E_USER_DEPRECATED);
-
         $properties = parent::__sleep();
         return array_diff($properties, ['_resource', '_resourceCollection']);
     }
 
     /**
      * @inheritDoc
-     *
-     * @SuppressWarnings(PHPMD.SerializationAware)
-     * @deprecated Do not use PHP serialization.
      */
     public function __wakeup()
     {
-        trigger_error('Using PHP serialization is deprecated', E_USER_DEPRECATED);
-
         parent::__wakeup();
         $objectManager = \Magento\Framework\App\ObjectManager::getInstance();
         $this->_resource = $objectManager->get(\Magento\Authorization\Model\ResourceModel\Role::class);
 
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<tests xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/testSchema.xsd">
+    <test name="StorefrontVerifySecureURLRedirectAuthorizenet">
+        <annotations>
+            <features value="Authorizenet"/>
+            <stories value="Storefront Secure URLs"/>
+            <title value="Verify Secure URLs For Storefront Authorizenet Pages"/>
+            <description value="Verify that the Secure URL configuration applies to the Authorizenet pages on the Storefront"/>
+            <severity value="MAJOR"/>
+            <testCaseId value="MC-15610"/>
+            <group value="authorizenet"/>
+            <group value="configuration"/>
+            <group value="secure_storefront_url"/>
+        </annotations>
+        <before>
+            <createData entity="Simple_US_Customer" stepKey="customer"/>
+            <actionGroup ref="LoginToStorefrontActionGroup" stepKey="loginToStorefront">
+                <argument name="Customer" value="$$customer$$"/>
+            </actionGroup>
+            <executeJS function="return window.location.host" stepKey="hostname"/>
+            <magentoCLI command="config:set web/secure/base_url https://{$hostname}/" stepKey="setSecureBaseURL"/>
+            <magentoCLI command="config:set web/secure/use_in_frontend 1" stepKey="useSecureURLsOnStorefront"/>
+            <magentoCLI command="cache:flush" stepKey="flushCache"/>
+        </before>
+        <after>
+            <magentoCLI command="config:set web/secure/use_in_frontend 0" stepKey="dontUseSecureURLsOnStorefront"/>
+            <magentoCLI command="cache:flush" stepKey="flushCache"/>
+            <deleteData createDataKey="customer" stepKey="deleteCustomer"/>
+        </after>
+        <executeJS function="return window.location.host" stepKey="hostname"/>
+        <amOnUrl url="http://{$hostname}/authorizenet" stepKey="goToUnsecureAuthorizenetURL"/>
+        <seeCurrentUrlEquals url="https://{$hostname}/authorizenet" stepKey="seeSecureAuthorizenetURL"/>
+    </test>
+</tests>
@@ -4,8 +4,6 @@
  * See COPYING.txt for license details.
  */
 
-// @codingStandardsIgnoreFile
-
 /**
  * @var $block \Magento\Authorizenet\Block\Transparent\Iframe
  */
@@ -15,15 +13,15 @@ $helper = $block->getHelper('adminhtml');
 <html>
     <head>
         <script>
-        <?php if (isset($params['redirect'])): ?>
+        <?php if (isset($params['redirect'])) : ?>
             window.location="<?= $block->escapeUrl($params['redirect']) ?>";
         <?php endif; ?>
-        <?php if (isset($params['redirect_parent'])): ?>
+        <?php if (isset($params['redirect_parent'])) : ?>
             window.top.location="<?= $block->escapeUrl($params['redirect_parent']) ?>";
         <?php endif; ?>
-        <?php if (isset($params['error_msg'])): ?>
+        <?php if (isset($params['error_msg'])) : ?>
             window.top.directPostModel.showError(<?= /* @noEscape */ json_encode((array)$params['error_msg']) ?>);
-            <?php if (isset($params['x_invoice_num'])): ?>
+            <?php if (isset($params['x_invoice_num'])) : ?>
                 window.top.directPostModel.successUrl="<?= $block->escapeUrl($helper->getSuccessOrderUrl($params)) ?>";
             <?php endif; ?>
         <?php endif; ?>
 
@@ -4,15 +4,14 @@
  * See COPYING.txt for license details.
  */
 
-// @codingStandardsIgnoreFile
 /**
  * @var \Magento\Authorizenet\Block\Transparent\Iframe $block
  * @see \Magento\Authorizenet\Block\Transparent\Iframe
  */
 $code = $block->escapeHtml($block->getMethodCode());
 $method = $block->getMethod();
 $controller = $block->escapeHtml($block->getRequest()->getControllerName());
-$orderUrl = $block->escapeUrl($this->helper('Magento\Authorizenet\Helper\Backend\Data')->getPlaceOrderAdminUrl());
+$orderUrl = $block->escapeUrl($block->getHelper('adminhtml')->getPlaceOrderAdminUrl());
 $ccType = $block->getInfoData('cc_type');
 $ccExpMonth = $block->getInfoData('cc_exp_month');
 $ccExpYear = $block->getInfoData('cc_exp_year');
@@ -41,9 +40,9 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
                         'validate-cc-type-select':'#<?= /* @noEscape */ $code ?>_cc_number'
                         }">
                 <option value=""><?= $block->escapeHtml(__('Please Select')) ?></option>
-                <?php foreach ($block->getCcAvailableTypes() as $typeCode => $typeName): ?>
+                <?php foreach ($block->getCcAvailableTypes() as $typeCode => $typeName) : ?>
                     <option value="<?= $block->escapeHtml($typeCode) ?>"
-                            <?php if ($typeCode == $ccType): ?>selected="selected"<?php endif; ?>>
+                            <?php if ($typeCode == $ccType) : ?>selected="selected"<?php endif; ?>>
                         <?= $block->escapeHtml($typeName) ?>
                     </option>
                 <?php endforeach; ?>
@@ -81,9 +80,9 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
                         'required':true,
                         'validate-cc-exp':'#<?= /* @noEscape */ $code ?>_expiration_yr'
                         }">
-                <?php foreach ($block->getCcMonths() as $k => $v): ?>
+                <?php foreach ($block->getCcMonths() as $k => $v) : ?>
                     <option value="<?= $block->escapeHtml($k) ?>"
-                            <?php if ($k == $ccExpMonth): ?>selected="selected"<?php endif; ?>>
+                            <?php if ($k == $ccExpMonth) : ?>selected="selected"<?php endif; ?>>
                         <?= $block->escapeHtml($v) ?>
                     </option>
                 <?php endforeach; ?>
@@ -93,17 +92,17 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
                     class="admin__control-select admin__control-select-year"
                     data-container="<?= /* @noEscape */ $code ?>-cc-year"
                     data-validate="{required:true}">
-                <?php foreach ($block->getCcYears() as $k => $v): ?>
+                <?php foreach ($block->getCcYears() as $k => $v) : ?>
                     <option value="<?= /* @noEscape */ $k ? $block->escapeHtml($k) : '' ?>"
-                            <?php if ($k == $ccExpYear): ?>selected="selected"<?php endif; ?>>
+                            <?php if ($k == $ccExpYear) : ?>selected="selected"<?php endif; ?>>
                         <?= $block->escapeHtml($v) ?>
                     </option>
                 <?php endforeach; ?>
             </select>
         </div>
     </div>
 
-    <?php if ($block->hasVerification()): ?>
+    <?php if ($block->hasVerification()) : ?>
     <div class="admin__field _required field-cvv">
         <label class="admin__field-label"
                for="<?= /* @noEscape */ $code ?>_cc_cid"
 
@@ -4,49 +4,48 @@
  * See COPYING.txt for license details.
  */
 
-// @codingStandardsIgnoreFile
 /**
  * @var \Magento\Authorizenet\Block\Adminhtml\Order\View\Info\FraudDetails $block
  */
 $payment = $block->getPayment();
 $fraudDetails = $payment->getAdditionalInformation('fraud_details');
 ?>
 
-<?php if (!empty($fraudDetails)): ?>
+<?php if (!empty($fraudDetails)) : ?>
     <div class="admin__page-section-item-title">
         <span class="title"><?= $block->escapeHtml(__('Fraud Detection ')) ?></span>
     </div>
 
     <div class="admin__page-section-item-content">
         <div class="order-payment-additional">
-            <?php if(!empty($fraudDetails['fds_filter_action'])): ?>
+            <?php if (!empty($fraudDetails['fds_filter_action'])) : ?>
                 <?= $block->escapeHtml(__('FDS Filter Action')) ?>:
                 <?= $block->escapeHtml($fraudDetails['fds_filter_action']) ?>
                 </br>
             <?php endif; ?>
 
-            <?php if(!empty($fraudDetails['avs_response'])): ?>
+            <?php if (!empty($fraudDetails['avs_response'])) : ?>
                 <?= $block->escapeHtml(__('AVS Response')) ?>:
                 <?= $block->escapeHtml($fraudDetails['avs_response']) ?>
                 </br>
             <?php endif; ?>
 
-            <?php if(!empty($fraudDetails['card_code_response'])): ?>
+            <?php if (!empty($fraudDetails['card_code_response'])) : ?>
                 <?= $block->escapeHtml(__('Card Code Response')) ?>:
                 <?= $block->escapeHtml($fraudDetails['card_code_response']) ?>
                 </br>
             <?php endif; ?>
 
-            <?php if(!empty($fraudDetails['cavv_response']) || ($fraudDetails['cavv_response'] === 0)): ?>
+            <?php if (!empty($fraudDetails['cavv_response']) || ($fraudDetails['cavv_response'] === 0)) : ?>
                 <?= $block->escapeHtml(__('CAVV Response')) ?>:
                 <?= $block->escapeHtml($fraudDetails['cavv_response']) ?>
                 </br>
             <?php endif; ?>
 
-            <?php if(!empty($fraudDetails['fraud_filters'])): ?>
+            <?php if (!empty($fraudDetails['fraud_filters'])) : ?>
                 <strong><?= $block->escapeHtml(__('Fraud Filters')) ?>:
                 </strong></br>
-                <?php foreach($fraudDetails['fraud_filters'] as $filter): ?>
+                <?php foreach ($fraudDetails['fraud_filters'] as $filter) : ?>
                     <?= $block->escapeHtml($filter['name']) ?>:
                     <?= $block->escapeHtml($filter['action']) ?>
                     </br>
 
@@ -22,12 +22,19 @@ class CloseTransactionHandler implements HandlerInterface
      */
     private $subjectReader;
 
+    /**
+     * @var bool
+     */
+    private $closeTransaction;
+
     /**
      * @param SubjectReader $subjectReader
+     * @param bool $closeTransaction
      */
-    public function __construct(SubjectReader $subjectReader)
+    public function __construct(SubjectReader $subjectReader, bool $closeTransaction = true)
     {
         $this->subjectReader = $subjectReader;
+        $this->closeTransaction = $closeTransaction;
     }
 
     /**
@@ -39,7 +46,7 @@ public function handle(array $handlingSubject, array $response): void
         $payment = $paymentDO->getPayment();
 
         if ($payment instanceof Payment) {
-            $payment->setIsTransactionClosed(true);
+            $payment->setIsTransactionClosed($this->closeTransaction);
             $payment->setShouldCloseParentTransaction(true);
         }
     }
 
@@ -31,4 +31,9 @@
             </argument>
         </arguments>
     </virtualType>
+    <virtualType name="AuthorizenetAcceptjsAuthorizeCommand" type="Magento\Payment\Gateway\Command\GatewayCommand">
+        <arguments>
+            <argument name="validator" xsi:type="object">AuthorizenetAcceptjsTransactionValidator</argument>
+        </arguments>
+    </virtualType>
 </config>
@@ -134,6 +134,7 @@
         <arguments>
             <argument name="requestBuilder" xsi:type="object">AuthorizenetAcceptjsRefundRequest</argument>
             <argument name="handler" xsi:type="object">AuthorizenetAcceptjsRefundSettledHandler</argument>
+            <argument name="validator" xsi:type="object">AuthorizenetAcceptjsTransactionValidator</argument>
         </arguments>
     </virtualType>
     <virtualType name="AuthorizenetAcceptjsCaptureCommand" type="Magento\AuthorizenetAcceptjs\Gateway\Command\CaptureStrategyCommand">
@@ -145,6 +146,7 @@
         <arguments>
             <argument name="requestBuilder" xsi:type="object">AuthorizenetAcceptjsCaptureRequest</argument>
             <argument name="handler" xsi:type="object">AuthorizenetAcceptjsCaptureTransactionHandler</argument>
+            <argument name="validator" xsi:type="object">AuthorizenetAcceptjsTransactionValidator</argument>
         </arguments>
     </virtualType>
     <virtualType name="AuthorizenetAcceptjsVoidCommand" type="Magento\Payment\Gateway\Command\GatewayCommand">
@@ -188,10 +190,15 @@
             </argument>
         </arguments>
     </virtualType>
+    <virtualType name="CloseCaptureTransactionHandler" type="Magento\AuthorizenetAcceptjs\Gateway\Response\CloseTransactionHandler">
+        <arguments>
+            <argument name="closeTransaction" xsi:type="boolean">false</argument>
+        </arguments>
+    </virtualType>
     <virtualType name="AuthorizenetAcceptjsCaptureTransactionHandler" type="Magento\Payment\Gateway\Response\HandlerChain">
         <arguments>
             <argument name="handlers" xsi:type="array">
-                <item name="close_parent_transaction" xsi:type="string">Magento\AuthorizenetAcceptjs\Gateway\Response\CloseParentTransactionHandler</item>
+                <item name="close_transaction" xsi:type="string">CloseCaptureTransactionHandler</item>
             </argument>
         </arguments>
     </virtualType>
 
@@ -4,7 +4,6 @@
  * See COPYING.txt for license details.
  */
 
-// @codingStandardsIgnoreFile
 /**
  * @var Magento\AuthorizenetAcceptjs\Block\Form $block
  */
@@ -23,8 +22,8 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
             <select id="<?= /* @noEscape */ $code ?>_cc_type" name="payment[cc_type]"
                     class="required-entry validate-cc-type-select admin__control-select">
                 <option value=""></option>
-                <?php foreach ($block->getCcAvailableTypes() as $typeCode => $typeName): ?>
-                    <option value="<?= $block->escapeHtml($typeCode) ?>" <?php if ($typeCode == $ccType): ?>selected="selected"<?php endif ?>>
+                <?php foreach ($block->getCcAvailableTypes() as $typeCode => $typeName) : ?>
+                    <option value="<?= $block->escapeHtml($typeCode) ?>" <?php if ($typeCode == $ccType) : ?>selected="selected"<?php endif ?>>
                         <?= $block->escapeHtml($typeName) ?>
                     </option>
                 <?php endforeach ?>
@@ -48,26 +47,26 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
         <div class="admin__field-control">
             <select id="<?= /* @noEscape */ $code ?>_cc_exp_month" name="payment[cc_exp_month]"
                     class="admin__control-select admin__control-select-month validate-cc-exp required-entry">
-                <?php foreach ($block->getCcMonths() as $k => $v): ?>
+                <?php foreach ($block->getCcMonths() as $k => $v) : ?>
                     <option value="<?= $block->escapeHtml($k) ?>"
-                            <?php if ($k == $ccExpMonth): ?>selected="selected"<?php endif ?>>
+                            <?php if ($k == $ccExpMonth) : ?>selected="selected"<?php endif ?>>
                         <?= $block->escapeHtml($v) ?>
                     </option>
                 <?php endforeach; ?>
             </select>
             <select id="<?= /* @noEscape */ $code ?>_cc_exp_year" name="payment[cc_exp_year]"
                     class="admin__control-select admin__control-select-year required-entry">
-                <?php foreach ($block->getCcYears() as $k => $v): ?>
+                <?php foreach ($block->getCcYears() as $k => $v) : ?>
                     <option value="<?= /* @noEscape */ $k ? $block->escapeHtml($k) : '' ?>"
-                            <?php if ($k == $ccExpYear): ?>selected="selected"<?php endif ?>>
+                            <?php if ($k == $ccExpYear) : ?>selected="selected"<?php endif ?>>
                         <?= $block->escapeHtml($v) ?>
                     </option>
                 <?php endforeach ?>
             </select>
         </div>
     </div>
 
-    <?php if ($block->isCvvEnabled()): ?>
+    <?php if ($block->isCvvEnabled()) : ?>
         <div class="field-number required admin__field _required">
             <label class="admin__field-label" for="<?= /* @noEscape */ $code ?>_cc_cid">
                 <span><?= $block->escapeHtml(__('Card Verification Number')) ?></span>