Documentation Home

Cybersource Secure Acceptance SOP Quick Start

Broadleaf Commerce offers an out-of-the-box Cybersource Secure Acceptance SOP solution that requires little configuration and is easily set up.

** You must have completed the Cybersource Secure Acceptance SOP Environment Setup before continuing **

Adding Cybersource Secure Acceptance SOP Checkout Support

  1. Exclude the cybersource URL from the CSRF token filter in your applicationContext-security.xml
    <bean id="blCsrfFilter" class="org.broadleafcommerce.common.security.handler.CsrfFilter" >
        <property name="excludedRequestPatterns">
            <list>
                <value>/cybersource-payment/**</value>
            </list>
        </property>
    </bean>

Done!

At this point, all the configuration should be complete and you are now ready to test your integration with CyberSource Secure Acceptance SOP. Add something to your cart and proceed with checkout.

Advanced Configuration: Creating and Updating Payment Tokens for Credit Cards and eChecks

This module also allows you to CREATE and UPDATE payment tokens utilizing the Transparent Redirect pattern provided by the CyberSource Secure Acceptance tokenization API's.

For example, you may wish to allows customers the ability to save payment methods in their account using Broadleaf's CustomerPayment entity.
To do that, all you need to do is create a page that utilizes the Transparent Redirect Credit Card Processor with the parameter config-create_payment_token="CREDIT_CARD".

    <blc:transparent_credit_card_form paymentRequestDTO="${customerPaymentDto}"
                                      action="#"
                                      role="form"
                                      method="POST"
                                      config-create_payment_token="CREDIT_CARD">

        <div class="form-group">
            <label>Card Holders Name</label>
            <input th:name="${#paymentGatewayField.mapName('creditCard.creditCardHolderName')}"
                   type="text"
                   class="form-control"
                   placeholder="Bill Broadleaf"
                   value="Bill Broadleaf"/>
        </div>

        ...

    </blc:transparent_credit_card_form>

Note: If you need to create a payment token for an eCheck, your parameter would be: config-create_payment_token="ELECTRONIC_CHECK".
Similarly, if you need to create a form to UPDATE a Credit Card, your parameter would be: config-update_payment_token="CREDIT_CARD"

Note: The default implementation assumes that the billing information is already on the payment dto passed into the processor. The only fields
that are unsigned are the Credit Card information. You can change this by overriding the blCybersourcePaymentTransparentRedirectService and change the
getUnsignedCardFields() to return the comma separated list of unsigned fields necessary for your implementation.

The Thymeleaf processor will create the necessary Transparent Redirect form with the hidden fields needed to create the token.
If the call to CyberSource was successful, it will redirect to the configured gateway.cybersource.secureAcceptance.paymentToken.create.returnUrl