odex25_standard/odex25_donation/applepay_fast_checkout/controllers/main.py

import json
import secrets
import requests

from odoo.http import route, request, Controller

class ApplePayFastCheckout(Controller):

    @route('/applepay', type='http', auth='public', website=True, csrf=False)
    def apple_pay_iframe(self, **kwargs):
        nonce = secrets.token_urlsafe(16)
        acquirer_id = request.env['payment.acquirer'].sudo().search([('provider', '=', 'applepay')], limit=1)

        if acquirer_id.state == 'test':
            url = "https://eu-test.oppwa.com/v1/paymentWidgets.js"
        else:
            url = "https://eu-prod.oppwa.com/v1/paymentWidgets.js"

        integrity = requests.get(f'{url}/v1/fastcheckout/integrity').json().get('integrity', '')

        response = request.render("applepay_fast_checkout.apple_pay_iframe", {'hyperpay_src': url, 'merchant_id': acquirer_id.applepay_entity_id, 'nonce': nonce, 'integrity': integrity})
        response.headers['Content-Security-Policy'] = "script-src blob: 'self' 'unsafe-inline' 'unsafe-eval' https://*; worker-src blob: 'self' 'unsafe-inline' 'unsafe-eval' https://*;connect-src 'self' https://* wss://*;frame-src 'self' blob: https://*;"

        return response

    @route('/applepay/checkout', type='json', auth='public', website=True)
    def apple_pay_create_checkout(self, **post):
        data = json.loads(request.httprequest.data.decode('utf-8'))
        processed_data = self._process_checkout_data(data)
        checkout_id = self._get_checkout_id(processed_data)
        return {'checkout_id': checkout_id}

    def _process_checkout_data(self, data):
        return data

    def _get_checkout_id(self, vals):
        return ''