{"id":5,"date":"2026-04-09T02:04:48","date_gmt":"2026-04-09T02:04:48","guid":{"rendered":"https:\/\/merchant.cubis-helios.com\/?page_id=5"},"modified":"2026-04-09T04:40:28","modified_gmt":"2026-04-09T04:40:28","slug":"test-daletguard","status":"publish","type":"page","link":"https:\/\/merchant.cubis-helios.com\/","title":{"rendered":"Daletguard test"},"content":{"rendered":"\n<h1 class=\"wp-block-heading\">Daletguard test \u2014 Social anti-fraud verification<\/h1>\n\n\n\n<p>This page is used to end-to-end test the <strong>daletguard<\/strong> integration from this merchant site to <code>https:\/\/daletguard.com<\/code>. The button below opens a modal containing an iframe hosted on daletguard.com, in which the user picks a social network and completes an OAuth flow. The result comes back to the page via <code>postMessage<\/code>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. &#8220;Checkout&#8221; scenario<\/h2>\n\n\n\n<p>Use case: a customer is about to confirm a cart. We ask for a light anti-fraud check.<\/p>\n\n\n    <div id=\"dg_0heIGWmX\" class=\"daletguard-wrap\" data-dg-mode=\"checkout\">\n        <button type=\"button\" class=\"daletguard-btn\">\ud83d\udd10 \ud83d\uded2 Verify to complete my order<\/button>\n        <pre class=\"daletguard-result\" aria-live=\"polite\"><\/pre>\n\n        <div class=\"daletguard-modal\" role=\"dialog\" aria-modal=\"true\" aria-label=\"Social verification\">\n            <div class=\"daletguard-modal-inner\">\n                <div class=\"daletguard-modal-head\">\n                    <strong>Social verification<\/strong>\n                    <button type=\"button\" class=\"daletguard-close\" aria-label=\"Close\">\u2715<\/button>\n                <\/div>\n                <iframe class=\"daletguard-iframe\"\n                        src=\"about:blank\"\n                        allow=\"publickey-credentials-get *; publickey-credentials-create *\"\n                        referrerpolicy=\"no-referrer\"><\/iframe>\n            
<\/div>\n        <\/div>\n    <\/div>\n\n    <style>\n        #dg_0heIGWmX .daletguard-btn { padding:12px 20px;background:#2c3e50;color:#fff;border:0;border-radius:4px;cursor:pointer;font-size:15px; }\n        #dg_0heIGWmX .daletguard-btn:hover { background:#34495e; }\n        #dg_0heIGWmX .daletguard-result { margin-top:12px;padding:0;background:transparent;color:#555;font-family:ui-monospace,monospace;white-space:pre-wrap;word-break:break-word; }\n        #dg_0heIGWmX .daletguard-result.ok  { padding:10px;background:#d4edda;color:#155724;border-radius:4px; }\n        #dg_0heIGWmX .daletguard-result.err { padding:10px;background:#f8d7da;color:#721c24;border-radius:4px; }\n        #dg_0heIGWmX .daletguard-modal { display:none;position:fixed;inset:0;background:rgba(0,0,0,.6);z-index:9999;align-items:center;justify-content:center; }\n        #dg_0heIGWmX .daletguard-modal.open { display:flex; }\n        #dg_0heIGWmX .daletguard-modal-inner { background:#fff;padding:16px;border-radius:8px;width:440px;max-width:95vw; }\n        #dg_0heIGWmX .daletguard-modal-head { display:flex;justify-content:space-between;align-items:center;margin-bottom:8px; }\n        #dg_0heIGWmX .daletguard-close { border:0;background:transparent;font-size:22px;line-height:1;cursor:pointer;color:#666; }\n        #dg_0heIGWmX .daletguard-iframe { width:100%;height:520px;border:1px solid #ddd;border-radius:4px; }\n    <\/style>\n\n    <script>\n    (function(){\n        const ROOT    = document.getElementById(\"dg_0heIGWmX\");\n        if (!ROOT) return;\n        const btn     = ROOT.querySelector('.daletguard-btn');\n        const result  = ROOT.querySelector('.daletguard-result');\n        const modal   = ROOT.querySelector('.daletguard-modal');\n        const iframe  = ROOT.querySelector('.daletguard-iframe');\n        const close   = ROOT.querySelector('.daletguard-close');\n        const AJAX    = \"https:\\\/\\\/merchant.cubis-helios.com\\\/wp-admin\\\/admin-ajax.php\";\n        const DALET   
= \"https:\\\/\\\/daletguard.com\";\n        const DALET_ORIGIN = new URL(DALET).origin;\n\n        function setResult(text, cls) {\n            result.className = 'daletguard-result' + (cls ? ' ' + cls : '');\n            result.textContent = text;\n        }\n        function openModal()  { modal.classList.add('open'); }\n        function closeModal() { modal.classList.remove('open'); iframe.src = 'about:blank'; }\n\n        close.addEventListener('click', closeModal);\n        modal.addEventListener('click', (e) => { if (e.target === modal) closeModal(); });\n\n        btn.addEventListener('click', async () => {\n            setResult('Initializing daletguard session\u2026');\n            try {\n                const body = new URLSearchParams({\n                    action: 'daletguard_init_session',\n                    mode:   ROOT.dataset.dgMode,\n                });\n                const res  = await fetch(AJAX, { method:'POST', credentials:'same-origin', body });\n                const data = await res.json();\n                if (!res.ok || !data.iframe_url) {\n                    throw new Error(data.error || ('HTTP ' + res.status));\n                }\n                setResult('Session ' + data.session_id + '\\nOpening iframe\u2026');\n                iframe.src = data.iframe_url;\n                openModal();\n            } catch (e) {\n                setResult('\u274c Init error: ' + e.message, 'err');\n            }\n        });\n\n        window.addEventListener('message', (ev) => {\n            \/\/ Strict origin whitelist: only accept messages coming from daletguard.com.\n            if (ev.origin !== DALET_ORIGIN) return;\n            const msg = ev.data || {};\n            if (msg.type === 'SOCIAL_AUTH_SUCCESS') {\n                setResult('\u2705 OAuth OK\\nnetwork: ' + msg.network + '\\nsession_id: ' + msg.session_id, 'ok');\n                setTimeout(closeModal, 1000);\n            } else if (msg.type === 'SOCIAL_AUTH_ERROR') 
{\n                setResult('\u274c OAuth error: ' + (msg.error || 'unknown'), 'err');\n                setTimeout(closeModal, 1500);\n            } else if (msg.type === 'SOCIAL_AUTH_CLOSE') {\n                closeModal();\n            }\n        });\n    })();\n    <\/script>\n    \n\n\n\n<h2 class=\"wp-block-heading\">2. &#8220;Signup&#8221; scenario<\/h2>\n\n\n\n<p>Use case: account creation. We require a slightly stronger verification.<\/p>\n\n\n    <div id=\"dg_AhY17yro\" class=\"daletguard-wrap\" data-dg-mode=\"signup\">\n        <button type=\"button\" class=\"daletguard-btn\">\ud83d\udd10 \ud83d\udc64 Create my account with a social network<\/button>\n        <pre class=\"daletguard-result\" aria-live=\"polite\"><\/pre>\n\n        <div class=\"daletguard-modal\" role=\"dialog\" aria-modal=\"true\" aria-label=\"Social verification\">\n            <div class=\"daletguard-modal-inner\">\n                <div class=\"daletguard-modal-head\">\n                    <strong>Social verification<\/strong>\n                    <button type=\"button\" class=\"daletguard-close\" aria-label=\"Close\">\u2715<\/button>\n                <\/div>\n                <iframe class=\"daletguard-iframe\"\n                        src=\"about:blank\"\n                        allow=\"publickey-credentials-get *; publickey-credentials-create *\"\n                        referrerpolicy=\"no-referrer\"><\/iframe>\n            <\/div>\n        <\/div>\n    <\/div>\n\n    <style>\n        #dg_AhY17yro .daletguard-btn { padding:12px 20px;background:#2c3e50;color:#fff;border:0;border-radius:4px;cursor:pointer;font-size:15px; }\n        #dg_AhY17yro .daletguard-btn:hover { background:#34495e; }\n        #dg_AhY17yro .daletguard-result { margin-top:12px;padding:0;background:transparent;color:#555;font-family:ui-monospace,monospace;white-space:pre-wrap;word-break:break-word; }\n        #dg_AhY17yro .daletguard-result.ok  { padding:10px;background:#d4edda;color:#155724;border-radius:4px; }\n  
      #dg_AhY17yro .daletguard-result.err { padding:10px;background:#f8d7da;color:#721c24;border-radius:4px; }\n        #dg_AhY17yro .daletguard-modal { display:none;position:fixed;inset:0;background:rgba(0,0,0,.6);z-index:9999;align-items:center;justify-content:center; }\n        #dg_AhY17yro .daletguard-modal.open { display:flex; }\n        #dg_AhY17yro .daletguard-modal-inner { background:#fff;padding:16px;border-radius:8px;width:440px;max-width:95vw; }\n        #dg_AhY17yro .daletguard-modal-head { display:flex;justify-content:space-between;align-items:center;margin-bottom:8px; }\n        #dg_AhY17yro .daletguard-close { border:0;background:transparent;font-size:22px;line-height:1;cursor:pointer;color:#666; }\n        #dg_AhY17yro .daletguard-iframe { width:100%;height:520px;border:1px solid #ddd;border-radius:4px; }\n    <\/style>\n\n    <script>\n    (function(){\n        const ROOT    = document.getElementById(\"dg_AhY17yro\");\n        if (!ROOT) return;\n        const btn     = ROOT.querySelector('.daletguard-btn');\n        const result  = ROOT.querySelector('.daletguard-result');\n        const modal   = ROOT.querySelector('.daletguard-modal');\n        const iframe  = ROOT.querySelector('.daletguard-iframe');\n        const close   = ROOT.querySelector('.daletguard-close');\n        const AJAX    = \"https:\\\/\\\/merchant.cubis-helios.com\\\/wp-admin\\\/admin-ajax.php\";\n        const DALET   = \"https:\\\/\\\/daletguard.com\";\n        const DALET_ORIGIN = new URL(DALET).origin;\n\n        function setResult(text, cls) {\n            result.className = 'daletguard-result' + (cls ? 
' ' + cls : '');\n            result.textContent = text;\n        }\n        function openModal()  { modal.classList.add('open'); }\n        function closeModal() { modal.classList.remove('open'); iframe.src = 'about:blank'; }\n\n        close.addEventListener('click', closeModal);\n        modal.addEventListener('click', (e) => { if (e.target === modal) closeModal(); });\n\n        btn.addEventListener('click', async () => {\n            setResult('Initializing daletguard session\u2026');\n            try {\n                const body = new URLSearchParams({\n                    action: 'daletguard_init_session',\n                    mode:   ROOT.dataset.dgMode,\n                });\n                const res  = await fetch(AJAX, { method:'POST', credentials:'same-origin', body });\n                const data = await res.json();\n                if (!res.ok || !data.iframe_url) {\n                    throw new Error(data.error || ('HTTP ' + res.status));\n                }\n                setResult('Session ' + data.session_id + '\\nOpening iframe\u2026');\n                iframe.src = data.iframe_url;\n                openModal();\n            } catch (e) {\n                setResult('\u274c Init error: ' + e.message, 'err');\n            }\n        });\n\n        window.addEventListener('message', (ev) => {\n            \/\/ Strict origin whitelist: only accept messages coming from daletguard.com.\n            if (ev.origin !== DALET_ORIGIN) return;\n            const msg = ev.data || {};\n            if (msg.type === 'SOCIAL_AUTH_SUCCESS') {\n                setResult('\u2705 OAuth OK\\nnetwork: ' + msg.network + '\\nsession_id: ' + msg.session_id, 'ok');\n                setTimeout(closeModal, 1000);\n            } else if (msg.type === 'SOCIAL_AUTH_ERROR') {\n                setResult('\u274c OAuth error: ' + (msg.error || 'unknown'), 'err');\n                setTimeout(closeModal, 1500);\n            } else if (msg.type === 'SOCIAL_AUTH_CLOSE') 
{\n                closeModal();\n            }\n        });\n    })();\n    <\/script>\n    \n\n\n\n<h2 class=\"wp-block-heading\">3. What to watch for<\/h2>\n\n\n\n<ul>\n<li>On click, the status line switches to <em>&#8220;Initializing daletguard session\u2026&#8221;<\/em> \u2014 that&#8217;s the server-side AJAX call to <code>\/api\/v1\/session\/init<\/code>.<\/li>\n<li>A modal opens, the iframe loads <code>https:\/\/daletguard.com\/iframe?token=...<\/code> and displays the list of available OAuth providers.<\/li>\n<li>After choosing a provider (e.g. <strong>Google<\/strong> or <strong>Microsoft<\/strong>), a popup window opens with the provider&#8217;s consent screen, then returns to daletguard.<\/li>\n<li>On success, the popup stays open to display the full raw JSON payload collected from the provider (on the daletguard side), while the merchant modal shows <code>\u2705 OAuth OK<\/code> with the <code>session_id<\/code> and <code>network<\/code>.<\/li>\n<li>The Bearer <code>session_token<\/code> (moteur API key) must <strong>never<\/strong> appear in the browser dev tools \u2014 it stays server-side on WordPress.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">4. Server-side verification<\/h2>\n\n\n\n<p>Once the modal has closed successfully, fetch the collected data from a terminal (replace <code>&lt;SID&gt;<\/code> with the displayed <code>session_id<\/code>):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>curl -H \"Authorization: Bearer dev-api-key\" \\\n  https:\/\/daletguard.com\/api\/v1\/session\/&lt;SID&gt;\/data | jq<\/code><\/pre>\n\n\n\n<p>The returned JSON should contain an <code>authentications<\/code> array with at least one entry for the chosen provider, including its <code>email<\/code>, <code>sub<\/code>, <code>name<\/code>, and any extended data (birthday, phones, addresses for Google via People API; <code>amr<\/code>\/<code>acr<\/code> MFA context for Microsoft via id_token).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">5. 
Common errors and hints<\/h2>\n\n\n\n<ul>\n<li><strong>Blank modal \/ blank iframe<\/strong> \u2192 browser console: likely a CSP <code>frame-ancestors<\/code> issue on the daletguard nginx side.<\/li>\n<li><strong>&#8220;Init error: HTTP 502&#8221;<\/strong> under the button \u2192 the <code>merchant-apache<\/code> container cannot reach <code>daletguard.com<\/code>, or the <code>DALETGUARD_MOTEUR_API_KEY<\/code> in the merchant docker-compose does not match <code>MOTEUR_API_KEY<\/code> on the daletguard side.<\/li>\n<li><strong>Google answers <code>redirect_uri_mismatch<\/code><\/strong> \u2192 in the Google Cloud Console, the authorized URI must be exactly <code>https:\/\/daletguard.com\/api\/v1\/auth\/google\/callback<\/code>.<\/li>\n<li><strong>Microsoft answers <code>AADSTS50011<\/code><\/strong> \u2192 same thing on Azure Portal \u2192 App registration \u2192 Authentication \u2192 redirect URI must be exactly <code>https:\/\/daletguard.com\/api\/v1\/auth\/microsoft\/callback<\/code>.<\/li>\n<li><strong>Iframe returns &#8220;invalid token&#8221;<\/strong> \u2192 the session_token has expired (default TTL = 10 min) or was already used. Click the button again to regenerate.<\/li>\n<li><strong><code>postMessage<\/code> is ignored<\/strong> \u2192 the origin is not whitelisted. Check that <code>DALETGUARD_BASE_URL<\/code> on the merchant side is exactly <code>https:\/\/daletguard.com<\/code> (no trailing slash, same scheme).<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">6. 
Useful logs during the test<\/h2>\n\n\n\n<p>In a terminal on the daletguard server, keep running:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker compose logs -f fastapi<\/code><\/pre>\n\n\n\n<p>You should see, in order: <code>POST \/api\/v1\/session\/init<\/code>, <code>GET \/iframe<\/code>, <code>GET \/api\/v1\/auth\/networks<\/code>, <code>GET \/api\/v1\/auth\/{network}\/start \u2192 302<\/code>, then <code>GET \/api\/v1\/auth\/{network}\/callback \u2192 302<\/code>.<\/p>\n\n","protected":false},"excerpt":{"rendered":"<p>Daletguard test \u2014 Social anti-fraud verification This page is used to end-to-end test the daletguard integration from this merchant site to https:\/\/daletguard.com. The button below opens a modal containing an iframe hosted on daletguard.com, in which the user picks a social network and completes an OAuth flow. The result comes back to the page via [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/merchant.cubis-helios.com\/index.php?rest_route=\/wp\/v2\/pages\/5"}],"collection":[{"href":"https:\/\/merchant.cubis-helios.com\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/merchant.cubis-helios.com\/index.php?rest_route=\/wp\/v2\/types\/page"}],"replies":[{"embeddable":true,"href":"https:\/\/merchant.cubis-helios.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5"}],"version-history":[{"count":1,"href":"https:\/\/merchant.cubis-helios.com\/index.php?rest_route=\/wp\/v2\/pages\/5\/revisions"}],"predecessor-version":[{"id":6,"href":"https:\/\/merchant.cubis-helios.com\/index.php?rest_route=\/wp\/v2\/pages\/5\/revisions\/6"}],"wp:attachment":[{"href":"https:\/\/merchant.cubis-helios.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}