npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@cybersource/flex-sdk-web

v0.3.1

Published

Easily create payment tokens using Flex API

Downloads

7,518

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

bprokopcbprokopcjadonaldjadonaldmneillmneillrgillanrgillan

Keywords

cybersourceflextokenizationpaymentssdk

Readme

flex-sdk-web

npm version

Storing your customer’s card data dramatically increases your repeat-custom conversion rate, but it can also introduce additional risks along with a PCI DSS overhead - these are mitigated by tokenizing the card data. CyberSource replaces your customer’s card data with a token that can be used only by you.

Secure Acceptance Flexible Token API provides a secure method for tokenizing card data and reducing your PCI DSS burden. Card data is encrypted on the customer’s device and sent directly to CyberSource, bypassing your systems altogether.

This SDK simplifies the client-side integration and enables:

  • Full control of the user experience
  • Wide range of browser support
  • SAQ A-EP eligibility

Table of contents

Installation

Install the package with:

yarn add @cybersource/flex-sdk-web
# or
npm install @cybersource/flex-sdk-web --save

The SDK is exposed as a UMD providing compatibility with most module loader specs or direct use in the browser via a script tag.

How to use

Include in your app

import flex from '@cybersource/flex-sdk-web';

const options = {};

flex.createToken(options, response => {
  // use response
});

OR

Include via a script tag

<html>
  <body>
    <script src="./YOUR_ASSETS_PATH/flex-sdk-web.js"></script>
    <script>
      var options = {};

      FLEX.createToken(options, function(response) {
        // use response
      });
    </script>
  </body>
</html>

Docs

Full documentation is located in the /docs folder at the root of the installation directory.

Example Integration

The SDK is non-prescriptive on your payment flow design, making few assumptions about your development stack. It is easily integrated into any front-end setup. Described below is a minimal example for a web app using full page refreshes and form POSTs.

Steps:

  • For each transaction a new Flex public key should be fetched prior to rendering the checkout page.
  • Flex public key is rendered to a JS variable in JWK format.
  • On the button click event all payment data is gathered and a token creation call is made using the SDK.
  • When the token is created, the value is set on a hidden field and the form is submitted.
  • You can use token with follow-on CyberSource services to complete payment (e.g. in the subscription ID field used in the Simple Order API).
<!-- checkout template -->
<html>
  <body>
    <form id="paymentForm" action="/your/server/endpoint" method="post">
      <input type="text" id="cardNumber" />
      <input type="text" name="securityCode" />
      <input type="text" name="cardExpirationMonth" />
      <input type="text" name="cardExpirationYear" />
      <select name="cardType">
        <option value="001">VISA</option>
        <option value="002">MasterCard</option>
        <option value="003">AmericanExpress</option>
      </select>
      <input type="hidden" name="token" />
      <button type="button" id="payBtn">Pay Now</button>
    </form>
    <script>
      var jwk = {
        /* flex public key in jwk format */
      };
    </script>
    <script src="integration.js"></script>
  </body>
</html>
// integration.js
import flex from '@cybersource/flex-sdk-web';

document.querySelector('#payBtn').addEventListener('click', () => {
  const options = {
    kid: jwk.kid,
    keystore: jwk,
    encryptionType: 'RsaOaep', // ensure this matches the encryptionType you specified when creating your key
    cardInfo: {
      cardNumber: document.querySelector('#cardNumber').value,
      cardType: document.querySelector('select[name="cardType"]').value,
      cardExpirationMonth: document.querySelector('input[name="cardExpirationMonth"]').value,
      cardExpirationYear: document.querySelector('input[name="cardExpirationYear"]').value
    }
  };

  flex.createToken(options, response => {
    if (response.error) {
      alert('There has been an error!');
      console.log(response);
      return;
    }

    document.querySelector("input[name='token']").value = response.token;
    document.querySelector('#paymentForm').submit();
  });
});

Note that the SDK can easily be integrated into a single page application, using AJAX for the key fetch and token submission.

Browser support

  • Chrome 37+
  • Internet Explorer 11
  • Safari 7.1+ *
  • iOS Safari 8+ *
  • Firefox 34+
  • Edge 12+

Note that Safari 10 and below does not support an encryptionType of RsaOaep256

Copyright and license

Code and documentation copyright 2017 CyberSource. Released under the CyberSource SDK License Agreement as detailed in ./LICENSE.md.