From 829110afe48c9e729373c56204aef59addb6c8d5 Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Tue, 31 Oct 2017 16:33:02 +0000
Subject: [PATCH 01/12] Enhanced order status management

Implemented order status management for authorisation, capture, refund
and flag.
---
 Controller/Payment/Verify.php     |   3 +-
 Gateway/Config/Config.php         |  52 +++++++++++----
 Model/Service/CallbackService.php |   6 +-
 etc/adminhtml/system.xml          | 104 +++++++++++++++++++-----------
 etc/config.xml                    |  15 ++---
 5 files changed, 117 insertions(+), 63 deletions(-)

diff --git a/Controller/Payment/Verify.php b/Controller/Payment/Verify.php
index a3b64f37e..e0522e90a 100755
--- a/Controller/Payment/Verify.php
+++ b/Controller/Payment/Verify.php
@@ -243,8 +243,7 @@ public function placeLocalPaymentOrder() {
                                        ->setLastOrderStatus($order->getStatus());
             
                 // Update order status
-                $order->setState(\Magento\Sales\Model\Order::STATE_NEW);
-                $order->setStatus($this->gatewayConfig->getNewOrderStatus());
+                $order->setStatus($this->gatewayConfig->getOrderStatusCaptured());
 
                 // Set email sent
                 $order->setEmailSent(1);
diff --git a/Gateway/Config/Config.php b/Gateway/Config/Config.php
index 28c2bca32..8159d48da 100755
--- a/Gateway/Config/Config.php
+++ b/Gateway/Config/Config.php
@@ -23,7 +23,6 @@ class Config extends BaseConfig {
     const KEY_CC_TYPES = 'cctypes';
     const KEY_USE_CVV = 'useccv';
     const KEY_COUNTRY_CREDIT_CARD = 'countrycreditcard';
-
     const KEY_INTEGRATION = 'integration';
     const KEY_PUBLIC_KEY = 'public_key';
     const KEY_SECRET_KEY = 'secret_key';
@@ -32,39 +31,34 @@ class Config extends BaseConfig {
     const KEY_AUTO_CAPTURE_TIME = 'auto_capture_time';
     const KEY_VERIFY_3DSECURE = 'verify_3dsecure';
     const KEY_ATTEMPT_N3D = 'attemptN3D';
-
     const KEY_SANDBOX_API_URL = 'sandbox_api_url';
     const KEY_LIVE_API_URL = 'live_api_url';
-
     const KEY_SANDBOX_EMBEDDED_URL = 'sandbox_embedded_url';
     const KEY_SANDBOX_HOSTED_URL = 'sandbox_hosted_url';
     const KEY_LIVE_EMBEDDED_URL = 'live_embedded_url';
     const KEY_LIVE_HOSTED_URL = 'live_hosted_url';
-
     const MIN_AUTO_CAPTURE_TIME = 0;
     const MAX_AUTO_CAPTURE_TIME = 168;
-
-    CONST KEY_USE_DESCRIPTOR = 'descriptor_enable';
+    const KEY_USE_DESCRIPTOR = 'descriptor_enable';
     const KEY_DESCRIPTOR_NAME = 'descriptor_name';
     const KEY_DESCRIPTOR_CITY = 'descriptor_city';
-
     const CODE_3DSECURE = 'three_d_secure';
-
     const KEY_THEME_COLOR = 'theme_color';
     const KEY_BUTTON_LABEL = 'button_label';
-
     const KEY_NEW_ORDER_STATUS = 'new_order_status';
+    const KEY_ORDER_STATUS_AUTHORIZED = 'order_status_authorized';
+    const KEY_ORDER_STATUS_CAPTURED = 'order_status_captured';
+    const KEY_ORDER_STATUS_REFUNDED = 'order_status_refunded';
+    const KEY_ORDER_STATUS_FLAGGED = 'order_status_flagged';
     const KEY_ACCEPTED_CURRENCIES = 'accepted_currencies';
     const KEY_PAYMENT_CURRENCY = 'payment_currency';
     const KEY_CUSTOM_CURRENCY = 'custom_currency';
     const KEY_PAYMENT_MODE = 'payment_mode';
     const KEY_AUTO_GENERATE_INVOICE = 'auto_generate_invoice';
-
     const KEY_EMBEDDED_THEME = 'embedded_theme';
     const KEY_EMBEDDED_CSS = 'embedded_css';
     const KEY_CUSTOM_CSS = 'custom_css';
     const KEY_CSS_FILE = 'css_file';
-
     const KEY_VAULT_TITLE = 'checkout_com_cc_vault/title';
 
     /**
@@ -128,6 +122,42 @@ public function getNewOrderStatus() {
         return (string) $this->getValue(self::KEY_NEW_ORDER_STATUS);
     }
 
+    /**
+     * Returns the authorized order status.
+     *
+     * @return string
+     */
+    public function getOrderStatusAuthorized() {
+        return (string) $this->getValue(self::KEY_ORDER_STATUS_AUTHORIZED);
+    }
+
+    /**
+     * Returns the captured order status.
+     *
+     * @return string
+     */
+    public function getOrderStatusCaptured() {
+        return (string) $this->getValue(self::KEY_ORDER_STATUS_CAPTURED);
+    }
+
+    /**
+     * Returns the refunded order status.
+     *
+     * @return string
+     */
+    public function getOrderStatusRefunded() {
+        return (string) $this->getValue(self::KEY_ORDER_STATUS_REFUNDED);
+    }
+
+    /**
+     * Returns the flagged order status.
+     *
+     * @return string
+     */
+    public function getOrderStatusFlagged() {
+        return (string) $this->getValue(self::KEY_ORDER_STATUS_FLAGGED);
+    }
+
     /**
      * Returns the design settings.
      *
diff --git a/Model/Service/CallbackService.php b/Model/Service/CallbackService.php
index b37d67377..a20460041 100755
--- a/Model/Service/CallbackService.php
+++ b/Model/Service/CallbackService.php
@@ -136,8 +136,7 @@ public function run() {
             // Perform authorize complementary actions
             if ($commandName == 'authorize') {
                 // Update order status
-                $order->setState(\Magento\Sales\Model\Order::STATE_NEW);
-                $order->setStatus(\Magento\Sales\Model\Order::STATE_PENDING_PAYMENT);
+                $order->setStatus($this->gatewayConfig->getOrderStatusAuthorized());
 
                 // Delete comments history
                 foreach ($order->getAllStatusHistory() as $orderComment) {
@@ -158,8 +157,7 @@ public function run() {
             // Perform capture complementary actions
             if ($commandName == 'capture') {
                 // Update order status
-                $order->setState(\Magento\Sales\Model\Order::STATE_NEW);
-                $order->setStatus($this->gatewayConfig->getNewOrderStatus());
+                $order->setStatus($this->gatewayConfig->getOrderStatusCaptured());
 
                 // Create new comment
                 $newComment = 'Captured amount of ' . ChargeAmountAdapter::getStoreAmountOfCurrency($this->gatewayResponse['response']['message']['value'], $this->gatewayResponse['response']['message']['currency']) . ' ' . $this->gatewayResponse['response']['message']['currency'] .' Transaction ID: ' . $this->gatewayResponse['response']['message']['id'];
diff --git a/etc/adminhtml/system.xml b/etc/adminhtml/system.xml
index d4ca2c381..135770778 100755
--- a/etc/adminhtml/system.xml
+++ b/etc/adminhtml/system.xml
@@ -41,29 +41,13 @@
                         <config_path>payment/checkout_com/sort_order</config_path>
                     </field>
 
-                    <field id="new_order_status" translate="label comment" type="select" sortOrder="40" showInDefault="1" showInWebsite="1" showInStore="0">
-                        <label>New order status</label>
-                        <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderStatus</source_model>
-                        <config_path>payment/checkout_com/new_order_status</config_path>
-                        <comment>Select the status that should be used for new orders.</comment>
-                    </field>
-
-                    <field id="auto_generate_invoice" translate="label comment" sortOrder="50" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
-                        <label>Automatically generate invoice</label>
-                        <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
-                        <config_path>payment/checkout_com/auto_generate_invoice</config_path>
-                        <comment>
-                            When set to "Yes", an invoice will be generated automatically for the new order status selected above.
-                        </comment>
-                    </field>
-
-                    <field id="integration" translate="label" sortOrder="60" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="integration" translate="label" sortOrder="40" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Integration</label>
                         <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\Integration</source_model>
                         <config_path>payment/checkout_com/integration</config_path>
                     </field>
 
-                    <field id="payment_mode" translate="label" sortOrder="70" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="payment_mode" translate="label" sortOrder="50" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Payment mode</label>
                         <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\PaymentMode</source_model>
                         <config_path>payment/checkout_com/payment_mode</config_path>
@@ -72,7 +56,7 @@
                         </depends>
                     </field>
 
-                    <field id="theme_color" translate="label comment" type="text" sortOrder="80" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="theme_color" translate="label comment" type="text" sortOrder="60" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Theme color</label>
                         <config_path>payment/checkout_com/theme_color</config_path>
                         <comment>Provide a color code in hexadecimal format. Ex: #00b660.</comment>
@@ -81,7 +65,7 @@
                         </depends>
                     </field>     
 
-                 	<field id="button_label" translate="label" type="text" sortOrder="90" showInDefault="1" showInWebsite="1" showInStore="0">
+                 	<field id="button_label" translate="label" type="text" sortOrder="70" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Button label</label>
                         <config_path>payment/checkout_com/button_label</config_path>
                         <depends>
@@ -89,7 +73,7 @@
                         </depends>
                     </field>
 
-                    <field id="embedded_theme" translate="label" type="select" sortOrder="100" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="embedded_theme" translate="label" type="select" sortOrder="80" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Theme</label>
                         <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\EmbeddedTheme</source_model>
                         <config_path>payment/checkout_com/embedded_theme</config_path>
@@ -98,7 +82,7 @@
                         </depends>
                     </field>
 
-                    <field id="css_file" translate="label" sortOrder="110" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="css_file" translate="label" sortOrder="90" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>CSS file</label>
                         <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\CssFile</source_model>
                         <config_path>payment/checkout_com/css_file</config_path>
@@ -107,7 +91,7 @@
                         </depends>
                     </field>
 
-                    <field id="custom_css" translate="label comment" type="file" sortOrder="120" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="custom_css" translate="label comment" type="file" sortOrder="100" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Custom Css File</label>
                         <backend_model>CheckoutCom\Magento2\Model\Config\Backend\CustomCss</backend_model>
                         <base_url type="media" scope_info="1">checkout_com</base_url>
@@ -187,15 +171,63 @@
                     </field>
                 </group>
 
-                <group id="checkout_com_currency_settings" translate="label" showInDefault="1" showInWebsite="1" sortOrder="4">
+                <group id="checkout_com_order_settings" translate="label" showInDefault="1" showInWebsite="1" sortOrder="4">
+                    <label>New order Settings</label>
+
+                    <field id="new_order_status" translate="label comment" type="select" sortOrder="0" showInDefault="1" showInWebsite="1" showInStore="0">
+                        <label>New order status</label>
+                        <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderStatus</source_model>
+                        <config_path>payment/checkout_com/new_order_status</config_path>
+                        <comment>Select the status that should be used for new orders.</comment>
+                    </field>
+
+                    <field id="order_status_authorized" translate="label comment" type="select" sortOrder="10" showInDefault="1" showInWebsite="1" showInStore="0">
+                        <label>Authorization order status</label>
+                        <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderStatus</source_model>
+                        <config_path>payment/checkout_com/order_status_authorized</config_path>
+                        <comment>Select the status that should be used for orders with successful payment authorisation.</comment>
+                    </field>
+
+                    <field id="order_status_captured" translate="label comment" type="select" sortOrder="20" showInDefault="1" showInWebsite="1" showInStore="0">
+                        <label>Capture order status</label>
+                        <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderStatus</source_model>
+                        <config_path>payment/checkout_com/order_status_captured</config_path>
+                        <comment>Select the status that should be used for orders with successful payment capture.</comment>
+                    </field>
+
+                    <field id="order_status_refunded" translate="label comment" type="select" sortOrder="30" showInDefault="1" showInWebsite="1" showInStore="0">
+                        <label>Refund order status</label>
+                        <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderStatus</source_model>
+                        <config_path>payment/checkout_com/order_status_refunded</config_path>
+                        <comment>Select the status that should be used for new orders with successful payment refund.</comment>
+                    </field>
+
+                    <field id="order_status_flagged" translate="label comment" type="select" sortOrder="40" showInDefault="1" showInWebsite="1" showInStore="0">
+                        <label>Flagged order status</label>
+                        <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderStatus</source_model>
+                        <config_path>payment/checkout_com/order_status_flagged</config_path>
+                        <comment>Select the status that should be used for flagged orders.</comment>
+                    </field>
+
+                    <field id="auto_generate_invoice" translate="label comment" sortOrder="50" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                        <label>Automatically generate invoice</label>
+                        <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
+                        <config_path>payment/checkout_com/auto_generate_invoice</config_path>
+                        <comment>
+                            When set to "Yes", an invoice will be generated automatically for the new order status selected above.
+                        </comment>
+                    </field>
+                </group>
+
+                <group id="checkout_com_currency_settings" translate="label" showInDefault="1" showInWebsite="1" sortOrder="5">
                     <label>Currency Settings</label>
-                    <field id="payment_currency" translate="label" sortOrder="80" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="payment_currency" translate="label" sortOrder="0" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Payment Currency</label>
                         <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\PaymentCurrency</source_model>
                         <config_path>payment/checkout_com/payment_currency</config_path>
                     </field>
 
-                    <field id="custom_currency" translate="label comment" sortOrder="90" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="custom_currency" translate="label comment" sortOrder="10" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Custom Currency</label>
                         <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\CustomCurrency</source_model>
                         <config_path>payment/checkout_com/custom_currency</config_path>
@@ -205,7 +237,7 @@
                         <comment>If you select a single specific currency, please make sure the selected currency is available and activated in your merchant account. Contact your Checkout.com account manager or send an email to support@checkout.com for more information.</comment>
                     </field>
 
-                    <field id="accepted_currencies" translate="label comment" sortOrder="100" type="multiselect" showInDefault="1" showInWebsite="1" showInStore="0" canRestore="1">
+                    <field id="accepted_currencies" translate="label comment" sortOrder="20" type="multiselect" showInDefault="1" showInWebsite="1" showInStore="0" canRestore="1">
                         <label>Accepted Currencies</label>
                         <source_model>Magento\Config\Model\Config\Source\Locale\Currency</source_model>
                         <config_path>payment/checkout_com/accepted_currencies</config_path>
@@ -213,35 +245,35 @@
                    </field>
                 </group>
 
-                <group id="checkout_com_country_settings" translate="label" showInDefault="1" showInWebsite="1" sortOrder="5">
+                <group id="checkout_com_country_settings" translate="label" showInDefault="1" showInWebsite="1" sortOrder="6">
                     <label>Country Settings</label>
 
-                    <field id="allowspecific" translate="label" sortOrder="100" type="allowspecific" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="allowspecific" translate="label" sortOrder="0" type="allowspecific" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Payment from Applicable Countries</label>
                         <source_model>Magento\Payment\Model\Config\Source\Allspecificcountries</source_model>
                     </field>
 
-                    <field id="specificcountry" translate="label" sortOrder="110" type="multiselect" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="specificcountry" translate="label" sortOrder="10" type="multiselect" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Payment from Specific Countries</label>
                         <source_model>Magento\Directory\Model\Config\Source\Country</source_model>
                     </field>
                 </group>
 
-                <group id="checkout_com_account_keys" translate="label" showInDefault="1" showInWebsite="1" sortOrder="6">
+                <group id="checkout_com_account_keys" translate="label" showInDefault="1" showInWebsite="1" sortOrder="7">
                     <label>Account keys</label>
-                    <field id="public_key" translate="label" sortOrder="10" type="obscure" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="public_key" translate="label" sortOrder="0" type="obscure" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Public Key</label>
                         <backend_model>Magento\Config\Model\Config\Backend\Encrypted</backend_model>
                         <config_path>payment/checkout_com/public_key</config_path>
                     </field>
 
-                    <field id="secret_key" translate="label" sortOrder="20" type="obscure" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="secret_key" translate="label" sortOrder="10" type="obscure" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Secret Key</label>
                         <backend_model>Magento\Config\Model\Config\Backend\Encrypted</backend_model>
                         <config_path>payment/checkout_com/secret_key</config_path>
                     </field>
 
-                    <field id="private_shared_key" translate="label" sortOrder="30" type="obscure" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="private_shared_key" translate="label" sortOrder="20" type="obscure" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Private Shared Key</label>
                         <backend_model>Magento\Config\Model\Config\Backend\Encrypted</backend_model>
                         <config_path>payment/checkout_com/private_shared_key</config_path>
@@ -249,7 +281,7 @@
                     </field>
                 </group>
 
-                <group id="checkout_com_callback_urls" translate="label" showInDefault="1" showInWebsite="1" sortOrder="7">
+                <group id="checkout_com_callback_urls" translate="label" showInDefault="1" showInWebsite="1" sortOrder="8">
                     <label>Callbacks URLs</label>
 
                     <field id="webhook_url" translate="label" sortOrder="0" type="text" showInDefault="1" showInWebsite="1" showInStore="0">
@@ -268,7 +300,7 @@
                     </field>
                 </group>
 
-                <group id="checkout_com_descriptor" translate="label" showInDefault="1" showInWebsite="1" sortOrder="8">
+                <group id="checkout_com_descriptor" translate="label" showInDefault="1" showInWebsite="1" sortOrder="9">
                     <label>Dynamic Descriptor</label>
 
                     <field id="descriptor_enable" translate="label comment" type="select" sortOrder="0" showInDefault="1" showInWebsite="1" showInStore="0">
diff --git a/etc/config.xml b/etc/config.xml
index 828f518ff..6066d5a5b 100755
--- a/etc/config.xml
+++ b/etc/config.xml
@@ -19,46 +19,41 @@
                 <can_authorize_vault>1</can_authorize_vault>
                 <can_capture_vault>1</can_capture_vault>
                 <can_charge_details>1</can_charge_details>
-                <order_status>processing</order_status>
-                <new_order_status>complete</new_order_status>
+                <new_order_status>pending</new_order_status>
+                <order_status_authorized>pending_payment</order_status_authorized>
+                <order_status_captured>processing</order_status_captured>
+                <order_status_refunded>canceled</order_status_refunded>
+                <order_status_flagged>fraud</order_status_flagged>
                 <payment_currency>base_currency</payment_currency>
                 <custom_currency>USD</custom_currency>
                 <accepted_currencies>USD</accepted_currencies>
                 <attemptN3D>0</attemptN3D>
                 <auto_generate_invoice>1</auto_generate_invoice>
-
                 <theme_color>#00b660</theme_color>
                 <button_label>Pay Now</button_label>
                 <payment_mode>cards</payment_mode>
                 <embedded_theme>standard</embedded_theme>
                 <css_file>default</css_file>
                 <custom_css></custom_css>
-          
                 <environment>sandbox</environment>
                 <integration>hosted</integration>
                 <payment_action>authorize</payment_action>
                 <auto_capture>0</auto_capture>
                 <auto_capture_time>0</auto_capture_time>
-
                 <public_key backend_model="Magento\Config\Model\Config\Backend\Encrypted" />
                 <secret_key backend_model="Magento\Config\Model\Config\Backend\Encrypted" />
                 <private_shared_key backend_model="Magento\Config\Model\Config\Backend\Encrypted" />
- 
                 <sandbox_api_url><![CDATA[https://sandbox.checkout.com/api2/v2/]]></sandbox_api_url>
                 <live_api_url><![CDATA[https://api2.checkout.com/v2/]]></live_api_url>
-
                 <sandbox_embedded_url><![CDATA[https://cdn.checkout.com/v2/sandbox/js/checkout.js]]></sandbox_embedded_url>
                 <live_embedded_url><![CDATA[https://cdn.checkout.com/v2/js/checkout.js]]></live_embedded_url>
                 <embedded_css><![CDATA[https://cdn.checkout.com/v2/js/css/checkout.js.css]]></embedded_css>
-
                 <sandbox_hosted_url><![CDATA[https://secure1.checkout.com/sandbox/payment/]]></sandbox_hosted_url>
                 <live_hosted_url><![CDATA[https://secure1.checkout.com/payment/]]></live_hosted_url>
-
                 <sort_order>1</sort_order>
                 <debugReplaceKeys>public_key,secret_key</debugReplaceKeys>
                 <masked_fields>cvv,number</masked_fields>
                 <paymentInfoKeys>cc_type,cc_number,card_expiry_month,card_expiry_year,card_last_4,status,responseMessage,responseAdvancedInfo,responseCode,authCode,three_d_secure</paymentInfoKeys>
-
                 <useccv>1</useccv>
                 <save_card_check_amount>1.00</save_card_check_amount>
                 <save_card_check_currency>USD</save_card_check_currency>

From 756350b93d70403c2d036d0a5f44bc77805485f7 Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Tue, 31 Oct 2017 16:54:06 +0000
Subject: [PATCH 02/12] Order comments override

Make order comments override optional in module config.
---
 Gateway/Config/Config.php         | 11 ++++++++++-
 Model/Service/CallbackService.php | 32 ++++++++++++++++++-------------
 etc/adminhtml/system.xml          | 12 +++++++++++-
 etc/config.xml                    |  1 +
 4 files changed, 41 insertions(+), 15 deletions(-)

diff --git a/Gateway/Config/Config.php b/Gateway/Config/Config.php
index 8159d48da..10d99c02d 100755
--- a/Gateway/Config/Config.php
+++ b/Gateway/Config/Config.php
@@ -60,7 +60,7 @@ class Config extends BaseConfig {
     const KEY_CUSTOM_CSS = 'custom_css';
     const KEY_CSS_FILE = 'css_file';
     const KEY_VAULT_TITLE = 'checkout_com_cc_vault/title';
-
+    const KEY_ORDER_COMMENTS_OVERRIDE = 'order_comments_override';
     /**
      * @var array
      */
@@ -219,6 +219,15 @@ public function isActive() {
         return (bool) in_array($quote->getQuoteCurrencyCode(), $this->getAcceptedCurrencies());
     }
 
+    /**
+     * Determines if the core order comments need override.
+     *
+     * @return bool
+     */
+    public function overrideOrderComments() {
+        return (bool) $this->getValue(self::KEY_ORDER_COMMENTS_OVERRIDE);
+    }
+
     /**
      * Determines if debug mode is enabled.
      *
diff --git a/Model/Service/CallbackService.php b/Model/Service/CallbackService.php
index a20460041..6265150c1 100755
--- a/Model/Service/CallbackService.php
+++ b/Model/Service/CallbackService.php
@@ -114,6 +114,8 @@ public function run() {
         $order      = $this->getAssociatedOrder();
         $payment    = $order->getPayment();
 
+        $overrideComments = $this->gatewayConfig->overrideOrderComments();
+
         if($payment instanceof Payment) {
             $infoInstance = $payment->getMethodInstance()->getInfoInstance();
             $this->callbackMethod->setInfoInstance($infoInstance);
@@ -138,20 +140,21 @@ public function run() {
                 // Update order status
                 $order->setStatus($this->gatewayConfig->getOrderStatusAuthorized());
 
-                // Delete comments history
-                foreach ($order->getAllStatusHistory() as $orderComment) {
-                    $orderComment->delete();
-                } 
-
                 // Set email sent
                 $order->setEmailSent(1);
 
-                // Create new comment
-                $newComment = 'Authorized amount of ' . ChargeAmountAdapter::getStoreAmountOfCurrency($this->gatewayResponse['response']['message']['value'], $this->gatewayResponse['response']['message']['currency']) . ' ' . $this->gatewayResponse['response']['message']['currency'] .' Transaction ID: ' . $this->gatewayResponse['response']['message']['id'];
+                if ($overrideComments) {
+                    // Delete comments history
+                    foreach ($order->getAllStatusHistory() as $orderComment) {
+                        $orderComment->delete();
+                    } 
 
-                // Add the new comment
-                $order->addStatusToHistory($order->getStatus(), $newComment, $notify = true);
+                    // Create new comment
+                    $newComment = 'Authorized amount of ' . ChargeAmountAdapter::getStoreAmountOfCurrency($this->gatewayResponse['response']['message']['value'], $this->gatewayResponse['response']['message']['currency']) . ' ' . $this->gatewayResponse['response']['message']['currency'] .' Transaction ID: ' . $this->gatewayResponse['response']['message']['id'];
 
+                    // Add the new comment
+                    $order->addStatusToHistory($order->getStatus(), $newComment, $notify = true);
+                }
             }
 
             // Perform capture complementary actions
@@ -159,13 +162,16 @@ public function run() {
                 // Update order status
                 $order->setStatus($this->gatewayConfig->getOrderStatusCaptured());
 
-                // Create new comment
-                $newComment = 'Captured amount of ' . ChargeAmountAdapter::getStoreAmountOfCurrency($this->gatewayResponse['response']['message']['value'], $this->gatewayResponse['response']['message']['currency']) . ' ' . $this->gatewayResponse['response']['message']['currency'] .' Transaction ID: ' . $this->gatewayResponse['response']['message']['id'];
+                if ($overrideComments) {
+                    // Create new comment
+                    $newComment = 'Captured amount of ' . ChargeAmountAdapter::getStoreAmountOfCurrency($this->gatewayResponse['response']['message']['value'], $this->gatewayResponse['response']['message']['currency']) . ' ' . $this->gatewayResponse['response']['message']['currency'] .' Transaction ID: ' . $this->gatewayResponse['response']['message']['id'];
 
-                // Add the new comment
-                $order->addStatusToHistory($order->getStatus(), $newComment, $notify = true);
+                    // Add the new comment
+                    $order->addStatusToHistory($order->getStatus(), $newComment, $notify = true);
+                }
             }
 
+            // Save the order
             $this->orderRepository->save($order);
         }
     }
diff --git a/etc/adminhtml/system.xml b/etc/adminhtml/system.xml
index 135770778..d9b762aeb 100755
--- a/etc/adminhtml/system.xml
+++ b/etc/adminhtml/system.xml
@@ -172,7 +172,7 @@
                 </group>
 
                 <group id="checkout_com_order_settings" translate="label" showInDefault="1" showInWebsite="1" sortOrder="4">
-                    <label>New order Settings</label>
+                    <label>Order Settings</label>
 
                     <field id="new_order_status" translate="label comment" type="select" sortOrder="0" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>New order status</label>
@@ -217,6 +217,16 @@
                             When set to "Yes", an invoice will be generated automatically for the new order status selected above.
                         </comment>
                     </field>
+
+                    <field id="order_comments_override" translate="label" type="select" sortOrder="0" showInDefault="1" showInWebsite="1" showInStore="0">
+                        <label>Override order comments</label>
+                        <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
+                        <config_path>payment/checkout_com/order_comments_override</config_path>
+                        <comment>
+                            Set to "Yes" when using multiple currencies to avoid orders being flagged as fraud by Magento core.
+                        </comment>
+                    </field>
+
                 </group>
 
                 <group id="checkout_com_currency_settings" translate="label" showInDefault="1" showInWebsite="1" sortOrder="5">
diff --git a/etc/config.xml b/etc/config.xml
index 6066d5a5b..2ed437516 100755
--- a/etc/config.xml
+++ b/etc/config.xml
@@ -24,6 +24,7 @@
                 <order_status_captured>processing</order_status_captured>
                 <order_status_refunded>canceled</order_status_refunded>
                 <order_status_flagged>fraud</order_status_flagged>
+                <order_comments_override>1</order_comments_override>
                 <payment_currency>base_currency</payment_currency>
                 <custom_currency>USD</custom_currency>
                 <accepted_currencies>USD</accepted_currencies>

From d02879ab6d041b9d96f8f99a95c9f1520cf387fb Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Tue, 31 Oct 2017 17:00:45 +0000
Subject: [PATCH 03/12] Updated module config comment

Updated the comment for the automatic invoice generation field.
---
 etc/adminhtml/system.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/etc/adminhtml/system.xml b/etc/adminhtml/system.xml
index d9b762aeb..b7489ae74 100755
--- a/etc/adminhtml/system.xml
+++ b/etc/adminhtml/system.xml
@@ -214,7 +214,7 @@
                         <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                         <config_path>payment/checkout_com/auto_generate_invoice</config_path>
                         <comment>
-                            When set to "Yes", an invoice will be generated automatically for the new order status selected above.
+                            When set to "Yes", an invoice will be generated automatically for the captured order status selected above.
                         </comment>
                     </field>
 

From 73d3fc5a5270003ead680d87c930b75b3dc02f80 Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Tue, 7 Nov 2017 17:40:55 +0000
Subject: [PATCH 04/12] Pre and post auth order creation.

Added a feature to decide if order should be created before or after
payment authorisation.
---
 Controller/Payment/PlaceOrder.php             | 130 ++++++++++---
 Controller/Payment/PlaceOrderAjax.php         | 130 +++++++++++++
 Controller/Payment/Verify.php                 |  21 +--
 Gateway/Config/Config.php                     |  11 ++
 Gateway/Http/Client/AbstractTransaction.php   |  11 +-
 Gateway/Response/TransactionHandler.php       |  15 +-
 Model/Adminhtml/Source/OrderCreation.php      |  38 ++++
 Model/Resource/MobilePayment.php              |   3 -
 Model/Service/CallbackService.php             |  74 +++++---
 Model/Service/PaymentTokenService.php         |   8 +-
 Model/Service/TokenChargeService.php          | 173 ++++++++++++++++++
 Model/Service/TransactionService.php          |  74 ++++++++
 Model/Ui/ConfigProvider.php                   |   1 +
 etc/adminhtml/system.xml                      |  40 ++--
 etc/config.xml                                |   2 +
 .../view/payment/method-renderer/cc-form.js   |   5 +-
 .../view/payment/method-renderer/embedded.js  |   8 +-
 .../js/view/payment/method-renderer/hosted.js |  91 +++++++--
 18 files changed, 725 insertions(+), 110 deletions(-)
 create mode 100755 Controller/Payment/PlaceOrderAjax.php
 create mode 100644 Model/Adminhtml/Source/OrderCreation.php
 create mode 100755 Model/Service/TokenChargeService.php
 create mode 100755 Model/Service/TransactionService.php

diff --git a/Controller/Payment/PlaceOrder.php b/Controller/Payment/PlaceOrder.php
index c869903ee..798032c50 100755
--- a/Controller/Payment/PlaceOrder.php
+++ b/Controller/Payment/PlaceOrder.php
@@ -11,18 +11,34 @@
 namespace CheckoutCom\Magento2\Controller\Payment;
 
 use Magento\Framework\App\Action\Context;
-use Magento\Checkout\Model\Session;
+use Magento\Checkout\Model\Session as CheckoutSession;
 use Magento\Customer\Model\Session as CustomerSession;
 use CheckoutCom\Magento2\Gateway\Config\Config as GatewayConfig;
 use CheckoutCom\Magento2\Model\Service\OrderService;
 use Magento\Customer\Api\Data\GroupInterface;
+use Magento\Sales\Api\Data\OrderInterface;
+use CheckoutCom\Magento2\Model\Ui\ConfigProvider;
+use Magento\Sales\Model\Order\Payment\Transaction;
+use Magento\Sales\Model\Order\Payment\Transaction\BuilderInterface;
+use CheckoutCom\Magento2\Model\Service\TokenChargeService;
+use Magento\Sales\Model\Order\Email\Sender\OrderSender;
 
 class PlaceOrder extends AbstractAction {
 
     /**
-     * @var Session
+     * @var TokenChargeService
      */
-    protected $session;
+    protected $tokenChargeService;
+
+    /**
+     * @var CheckoutSession
+     */
+    protected $checkoutSession;
+
+    /**
+     * @var OrderInterface
+     */
+    protected $orderInterface;
 
     /**
      * @var OrderService
@@ -34,19 +50,39 @@ class PlaceOrder extends AbstractAction {
      */
     protected $customerSession;
 
+    /**
+     * @var OrderSender
+     */
+    private $orderSender;
+
     /**
      * PlaceOrder constructor.
      * @param Context $context
-     * @param Session $session
+     * @param CheckoutSession $checkoutSession
      * @param GatewayConfig $gatewayConfig
+     * @param OrderInterface $orderInterface
      * @param OrderService $orderService
+     * @param Order $orderManager
+     * @param OrderSender $orderSender
      */
-    public function __construct(Context $context, Session $session, GatewayConfig $gatewayConfig, OrderService $orderService, CustomerSession $customerSession) {
+    public function __construct(
+        Context $context,
+        CheckoutSession $checkoutSession,
+        GatewayConfig $gatewayConfig,
+        OrderService $orderService,
+        OrderInterface $orderInterface,
+        CustomerSession $customerSession,
+        TokenChargeService $tokenChargeService,
+        OrderSender $orderSender
+    ) {
         parent::__construct($context, $gatewayConfig);
 
-        $this->session          = $session;
-        $this->customerSession  = $customerSession;
-        $this->orderService     = $orderService;
+        $this->checkoutSession        = $checkoutSession;
+        $this->customerSession        = $customerSession;
+        $this->orderService           = $orderService;
+        $this->orderInterface         = $orderInterface;
+        $this->tokenChargeService     = $tokenChargeService;
+        $this->orderSender            = $orderSender;
     }
 
     /**
@@ -55,31 +91,70 @@ public function __construct(Context $context, Session $session, GatewayConfig $g
      * @return \Magento\Framework\Controller\Result\Redirect
      */
     public function execute() {
+
         // Retrieve the request parameters
-        $resultRedirect = $this->getResultRedirect();
-        $cardToken      = $this->getRequest()->getParam('cko-card-token');
-        $email          = $this->getRequest()->getParam('cko-context-id');
-        $agreement      = array_keys($this->getRequest()->getPostValue('agreement', []));
-        $quote          = $this->session->getQuote();
+        $params = array(
+            'cardToken' => $this->getRequest()->getParam('cko-card-token'),
+            'email' => $this->getRequest()->getParam('cko-context-id'),
+            'agreement' => array_keys($this->getRequest()->getPostValue('agreement', [])),
+            'quote' => $this->checkoutSession->getQuote()
+        );
+
+        $order = null;
+        if (isset($this->customerSession->getData('checkoutSessionData')['orderTrackId'])) {
+            $order = $this->orderInterface->loadByIncrementId($this->customerSession->getData('checkoutSessionData')['orderTrackId']);
+        }
+
+        if ($order) {
+            $this->updateOrder($params, $order);
+        }
+        else {
+            $this->createOrder($params);
+        }
+    }
+
+    public function updateOrder($params, $order) {
+
+        // Create the charge for order already placed
+        $updateSuccess = $this->tokenChargeService->sendChargeRequest($params['cardToken'], $order);
+
+        // Update payment data
+        $order = $this->updatePaymentData($order);
+
+        // Send email
+        if ($updateSuccess) {
+            $order->setEmailSent(1)->save();
+            $this->orderSender->send($order);
+        }
+        
+        // 3D Secure redirection if needed
+        if($this->gatewayConfig->isVerify3DSecure()) {
+            $this->place3DSecureRedirectUrl();
+            exit();
+        }
+
+        return $this->_redirect('checkout/onepage/success', ['_secure' => true]);
+    }
+
+    public function createOrder($params) {
 
         // Check for guest email
-        if ($quote->getCustomerEmail() === null
+        if ($params['quote']->getCustomerEmail() === null
             && $this->customerSession->isLoggedIn() === false
             && isset($this->customerSession->getData('checkoutSessionData')['customerEmail'])
-            && $this->customerSession->getData('checkoutSessionData')['customerEmail'] === $email) 
+            && $this->customerSession->getData('checkoutSessionData')['customerEmail'] === $params['email']) 
         {
-            $quote->setCustomerId(null)
-            ->setCustomerEmail($email)
+            $params['quote']->setCustomerId(null)
+            ->setCustomerEmail($params['email'])
             ->setCustomerIsGuest(true)
             ->setCustomerGroupId(GroupInterface::NOT_LOGGED_IN_ID);
         }
 
         // Perform quote and order validation
         try {
-
             // Create an order from the quote
-            $this->validateQuote($quote);
-            $this->orderService->execute($quote, $cardToken, $agreement);
+            $this->validateQuote($params['quote']);
+            $this->orderService->execute($params['quote'], $params['cardToken'], $params['agreement']);
 
             // 3D Secure redirection if needed
             if($this->gatewayConfig->isVerify3DSecure()) {
@@ -87,13 +162,22 @@ public function execute() {
                 exit();
             }
 
-            return $resultRedirect->setPath('checkout/onepage/success', ['_secure' => true]);
+            return $this->_redirect('checkout/onepage/success', ['_secure' => true]);
 
         } catch (\Exception $e) {
             $this->messageManager->addExceptionMessage($e, $e->getMessage());
         }
 
-        return $resultRedirect->setPath('checkout/cart', ['_secure' => true]);
+        return $this->_redirect('checkout/cart', ['_secure' => true]);
+    }
+
+    public function updatePaymentData($order) {
+        $payment = $order->getPayment();
+        $payment->setMethod(ConfigProvider::CODE); 
+        $payment->save();
+        $order->save();
+
+        return $order;
     }
 
     /**
@@ -104,7 +188,7 @@ public function execute() {
     public function place3DSecureRedirectUrl() {
         echo '<script type="text/javascript">';
         echo 'function waitForElement() {';
-        echo 'var redirectUrl = "' . $this->session->get3DSRedirect() . '";';
+        echo 'var redirectUrl = "' . $this->checkoutSession->get3DSRedirect() . '";';
         echo 'if (redirectUrl.length != 0){ window.location.replace(redirectUrl); }';
         echo 'else { setTimeout(waitForElement, 250); }';
         echo '} ';
diff --git a/Controller/Payment/PlaceOrderAjax.php b/Controller/Payment/PlaceOrderAjax.php
new file mode 100755
index 000000000..6d174dfa8
--- /dev/null
+++ b/Controller/Payment/PlaceOrderAjax.php
@@ -0,0 +1,130 @@
+<?php
+/**
+ * Checkout.com Magento 2 Payment module (https://www.checkout.com)
+ *
+ * Copyright (c) 2017 Checkout.com (https://www.checkout.com)
+ * Author: David Fiaty | integration@checkout.com
+ *
+ * License GNU/GPL V3 https://www.gnu.org/licenses/gpl-3.0.en.html
+ */
+
+namespace CheckoutCom\Magento2\Controller\Payment;
+
+use Magento\Framework\App\Action\Context;
+use Magento\Checkout\Model\Session as CheckoutSession;
+use Magento\Customer\Model\Session as CustomerSession;
+use CheckoutCom\Magento2\Gateway\Config\Config as GatewayConfig;
+use CheckoutCom\Magento2\Model\Service\OrderService;
+use Magento\Customer\Api\Data\GroupInterface;
+use Magento\Quote\Model\QuoteManagement;
+use CheckoutCom\Magento2\Model\Ui\ConfigProvider;
+use Magento\Framework\Controller\Result\JsonFactory;
+
+class PlaceOrderAjax extends AbstractAction {
+
+    /**
+     * @var QuoteManagement
+     */
+    protected $quoteManagement;
+
+    /**
+     * @var CheckoutSession
+     */
+    protected $checkoutSession;
+
+    /**
+     * @var OrderService
+     */
+    protected $orderService;
+
+    /**
+     * @var CustomerSession
+     */
+    protected $customerSession;
+
+    /**
+     * @var JsonFactory
+     */
+    protected $resultJsonFactory;
+
+    /**
+     * PlaceOrder constructor.
+     * @param Context $context
+     * @param CheckoutSession $checkoutSession
+     * @param GatewayConfig $gatewayConfig
+     * @param OrderService $orderService
+     * @param JsonFactory $resultJsonFactory
+     */
+    public function __construct(
+        Context $context,
+        CheckoutSession $checkoutSession,
+        GatewayConfig $gatewayConfig,
+        OrderService $orderService,
+        CustomerSession $customerSession,
+        QuoteManagement $quoteManagement, 
+        JsonFactory $resultJsonFactory
+    ) {
+        parent::__construct($context, $gatewayConfig);
+
+        $this->checkoutSession   = $checkoutSession;
+        $this->customerSession   = $customerSession;
+        $this->orderService      = $orderService;
+        $this->quoteManagement   = $quoteManagement;
+        $this->resultJsonFactory = $resultJsonFactory;
+    }
+
+    /**
+     * Handles the controller method.
+     *
+     * @return \Magento\Framework\Controller\Result\Redirect
+     */
+    public function execute() {
+        // Prepare the redirection
+        $resultRedirect = $this->getResultRedirect();
+
+        // Load the customer quote
+        $quote          = $this->checkoutSession->getQuote();
+
+        // Retrieve the request parameters
+        $cardToken      = $this->getRequest()->getParam('cko-card-token');
+        $email          = $this->getRequest()->getParam('cko-context-id');
+        $agreement      = array_keys($this->getRequest()->getPostValue('agreement', []));
+
+        // Check for guest email
+        if ($quote->getCustomerEmail() === null
+            && $this->customerSession->isLoggedIn() === false
+            && isset($this->customerSession->getData('checkoutSessionData')['customerEmail'])
+        ) 
+        {
+            $quote->setCustomerId(null)
+            ->setCustomerEmail($email)
+            ->setCustomerIsGuest(true)
+            ->setCustomerGroupId(GroupInterface::NOT_LOGGED_IN_ID)
+            ->save();
+        }
+
+        // Prepare session quote info for redirection after payment
+        $this->checkoutSession
+        ->setLastQuoteId($quote->getId())
+        ->setLastSuccessQuoteId($quote->getId())
+        ->clearHelperData();
+
+        // Set payment
+        $quote->getPayment()->setMethod('substitution');
+        $quote->collectTotals()->save();
+
+        // Create the order
+        $order = $this->quoteManagement->submit($quote);
+
+        // Prepare session order info for redirection after payment
+        if ($order) {
+            $this->checkoutSession->setLastOrderId($order->getId())
+                               ->setLastRealOrderId($order->getIncrementId())
+                               ->setLastOrderStatus($order->getStatus());
+        }
+        
+        return $this->resultJsonFactory->create()->setData([
+            'trackId' => $order->getIncrementId()
+        ]);
+    }
+}
diff --git a/Controller/Payment/Verify.php b/Controller/Payment/Verify.php
index e0522e90a..e9e5cd624 100755
--- a/Controller/Payment/Verify.php
+++ b/Controller/Payment/Verify.php
@@ -144,17 +144,14 @@ public function __construct(
      * @throws LocalizedException
      */
     public function execute() {
-
         // Get the payment token from response
         $paymentToken = $this->extractPaymentToken();
 
         // Finalize the process
         return $this->finalizeProcess($paymentToken);
-
     }
 
     public function finalizeProcess($paymentToken) {
-
         // Process the gateway response
         $response = $this->verifyPaymentService->verifyPayment($paymentToken);
 
@@ -162,8 +159,8 @@ public function finalizeProcess($paymentToken) {
         $this->watchdog->bark($response);
 
         // If it's an alternative payment
-        if ((int) $response['chargeMode'] == 3) {
-            if ((int) $response['responseCode'] == 10000 || (int) $response['responseCode'] == 10100) {
+        if (isset($response['chargeMode']) && (int) $response['chargeMode'] == 3) {
+            if (isset($response['responseCode']) && (int) $response['responseCode'] == 10000 || (int) $response['responseCode'] == 10100) {
 
                 // Place a local payment order
                 $this->placeLocalPaymentOrder();
@@ -173,10 +170,9 @@ public function finalizeProcess($paymentToken) {
             }
         }
 
-       // If it's a vault card id charge response
-        else if (isset($response['trackId']) && $response['udf1'] == 'cardIdCharge') {
-
-            if ((int) $response['responseCode'] == 10000) {
+        // If it's a vault card id charge response
+        else if (isset($response['udf1']) && $response['udf1'] == 'cardIdCharge') {
+            if (isset($response['responseCode']) && (int) $response['responseCode'] == 10000) {
                 $this->messageManager->addSuccessMessage( __('Order successfully processed.') );
             }
             else {
@@ -188,13 +184,12 @@ public function finalizeProcess($paymentToken) {
 
         // Else proceed normally for 3D Secure
         else {
-
-            if ($response['udf2'] == 'storeInVaultOnSuccess') {
+            if (isset($response['udf2']) && $response['udf2'] == 'storeInVaultOnSuccess') {
                 $this->vaultCardAfterThreeDSecure( $response );
             }
 
             // Check for declined transactions
-            if ($response['status'] === 'Declined') {
+            if (isset($response['status']) && $response['status'] === 'Declined') {
                 throw new LocalizedException(__('The transaction has been declined.'));
             }
 
@@ -225,7 +220,7 @@ public function placeLocalPaymentOrder() {
 
         // Set payment
         $payment = $quote->getPayment();
-        $payment->setMethod(ConfigProvider::CODE);
+        $payment->setMethod('checkmo');
         $quote->save();
 
         // Save the quote
diff --git a/Gateway/Config/Config.php b/Gateway/Config/Config.php
index 10d99c02d..82cb2524e 100755
--- a/Gateway/Config/Config.php
+++ b/Gateway/Config/Config.php
@@ -61,6 +61,8 @@ class Config extends BaseConfig {
     const KEY_CSS_FILE = 'css_file';
     const KEY_VAULT_TITLE = 'checkout_com_cc_vault/title';
     const KEY_ORDER_COMMENTS_OVERRIDE = 'order_comments_override';
+    const KEY_ORDER_CREATION = 'order_creation';
+
     /**
      * @var array
      */
@@ -409,6 +411,15 @@ public function getCssFile() {
         return (string) $this->getValue(self::KEY_CSS_FILE);
     }
 
+    /**
+     * Returns the new order creation setting.
+     *
+     * @return string
+     */
+    public function getOrderCreation() {
+        return (string) $this->getValue(self::KEY_ORDER_CREATION);
+    }
+
     /**
      * Returns the custom CSS URL for embedded integration.
      *
diff --git a/Gateway/Http/Client/AbstractTransaction.php b/Gateway/Http/Client/AbstractTransaction.php
index 98389b904..6ccf8a090 100755
--- a/Gateway/Http/Client/AbstractTransaction.php
+++ b/Gateway/Http/Client/AbstractTransaction.php
@@ -84,7 +84,16 @@ abstract class AbstractTransaction implements ClientInterface {
      * @param ManagerInterface $messageManager
      * @param GatewayResponseHolder $gatewayResponseHolder
      */
-    public function __construct(Logger $logger, ZendClient $clientFactory, ManagerInterface $messageManager, GatewayResponseHolder $gatewayResponseHolder, Cart $cart, CartManagementInterface $cartManagement, QuoteManagement $quoteManagement, CustomerSession $customerSession) {
+    public function __construct(
+        Logger $logger,
+        ZendClient $clientFactory,
+        ManagerInterface $messageManager,
+        GatewayResponseHolder $gatewayResponseHolder,
+        Cart $cart,
+        CartManagementInterface $cartManagement,
+        QuoteManagement $quoteManagement,
+        CustomerSession $customerSession
+    ) {
         $this->logger                   = $logger;
         $this->clientFactory            = $clientFactory;
         $this->messageManager           = $messageManager;
diff --git a/Gateway/Response/TransactionHandler.php b/Gateway/Response/TransactionHandler.php
index 33035be40..65cd901fe 100755
--- a/Gateway/Response/TransactionHandler.php
+++ b/Gateway/Response/TransactionHandler.php
@@ -64,9 +64,16 @@ class TransactionHandler implements HandlerInterface {
 
     protected $messageManager;
 
-    public function __construct(Session $session, VaultTokenFactory $vaultTokenFactory, 
-            PaymentTokenRepositoryInterface $paymentTokenRepository, PaymentTokenManagementInterface $paymentTokenManagement, CustomerSession $customerSession, 
-ManagerInterface $messageManager, VerifyPaymentService $verifyPaymentService, Watchdog $watchdog) {
+    public function __construct(
+        Session $session,
+        VaultTokenFactory $vaultTokenFactory,
+        PaymentTokenRepositoryInterface $paymentTokenRepository,
+        PaymentTokenManagementInterface $paymentTokenManagement,
+        CustomerSession $customerSession, 
+        ManagerInterface $messageManager,
+        VerifyPaymentService $verifyPaymentService,
+        Watchdog $watchdog
+    ) {
         $this->session = $session;
         $this->vaultTokenFactory    = $vaultTokenFactory;
         $this->paymentTokenRepository   = $paymentTokenRepository;
@@ -134,7 +141,7 @@ public function handle(array $handlingSubject, array $response) {
             $payment->setIsTransactionClosed(true);
         }
 
-        // Prepare 3D Secure redirection with session variable
+        // Prepare 3D Secure redirection with session variable for post auth order
         if (array_key_exists(self::REDIRECT_URL, $response)) {
             
             // Get the 3DS redirection URL
diff --git a/Model/Adminhtml/Source/OrderCreation.php b/Model/Adminhtml/Source/OrderCreation.php
new file mode 100644
index 000000000..c69fb8bec
--- /dev/null
+++ b/Model/Adminhtml/Source/OrderCreation.php
@@ -0,0 +1,38 @@
+<?php
+/**
+ * Checkout.com Magento 2 Payment module (https://www.checkout.com)
+ *
+ * Copyright (c) 2017 Checkout.com (https://www.checkout.com)
+ * Author: David Fiaty | integration@checkout.com
+ *
+ * License GNU/GPL V3 https://www.gnu.org/licenses/gpl-3.0.en.html
+ */
+
+namespace CheckoutCom\Magento2\Model\Adminhtml\Source;
+
+use Magento\Framework\Option\ArrayInterface;
+
+class OrderCreation implements ArrayInterface {
+
+    const BEFORE_AUTH = 'before_auth';
+    const AFTER_AUTH = 'after_auth';
+
+    /**
+     * Possible environment types
+     *
+     * @return array
+     */
+    public function toOptionArray() {
+        return [
+            [
+                'value' => self::BEFORE_AUTH,
+                'label' => 'Before authorization'
+            ],
+            [
+                'value' => self::AFTER_AUTH,
+                'label' => 'After authorization'
+            ]        
+        ];
+    }
+
+}
\ No newline at end of file
diff --git a/Model/Resource/MobilePayment.php b/Model/Resource/MobilePayment.php
index 6cc98fed2..90cc2d54c 100755
--- a/Model/Resource/MobilePayment.php
+++ b/Model/Resource/MobilePayment.php
@@ -174,7 +174,6 @@ private function prepareProductsForGateway() {
 
             // If the product id is valid
             if ((int) $product->id > 0) {
-
                 // Load the product object
                 $p = $this->productManager->load($product->id);
 
@@ -183,8 +182,6 @@ private function prepareProductsForGateway() {
                     'name' => $p->getName(),
                     'price' => number_format($p->getPrice(), 2),
                     'quantity' => (int) $product->quantity,
-                    //'description' => $p->getData('description'),
-                    //'image' => null,
                 );
             }
         }
diff --git a/Model/Service/CallbackService.php b/Model/Service/CallbackService.php
index 6265150c1..ce21d7d67 100755
--- a/Model/Service/CallbackService.php
+++ b/Model/Service/CallbackService.php
@@ -10,25 +10,24 @@
 
 namespace CheckoutCom\Magento2\Model\Service;
 
+use DomainException;
 use Magento\Framework\Exception\LocalizedException;
 use Magento\Framework\App\ObjectManager;
 use Magento\Sales\Api\OrderRepositoryInterface;
 use Magento\Sales\Model\Order\Payment;
 use Magento\Sales\Model\OrderFactory;
+use Magento\Sales\Model\Service\InvoiceService;
+use Magento\Sales\Model\Order\Invoice;
+use Magento\Sales\Api\InvoiceRepositoryInterface;
+use Magento\Customer\Model\CustomerFactory;
+use Magento\Store\Model\StoreManagerInterface;
 use CheckoutCom\Magento2\Model\Adapter\CallbackEventAdapter;
 use CheckoutCom\Magento2\Model\Adapter\ChargeAmountAdapter;
 use CheckoutCom\Magento2\Model\GatewayResponseHolder;
 use CheckoutCom\Magento2\Model\GatewayResponseTrait;
 use CheckoutCom\Magento2\Model\Method\CallbackMethod;
-use DomainException;
-
 use CheckoutCom\Magento2\Gateway\Config\Config as GatewayConfig;
-use Magento\Sales\Model\Service\InvoiceService;
-use Magento\Sales\Model\Order\Invoice;
-use Magento\Sales\Api\InvoiceRepositoryInterface;
 use CheckoutCom\Magento2\Model\Service\StoreCardService;
-use Magento\Customer\Model\CustomerFactory;
-use Magento\Store\Model\StoreManagerInterface;
 
 class CallbackService {
 
@@ -69,8 +68,19 @@ class CallbackService {
      */
     protected $invoiceRepository;
 
+    /**
+     * @var StoreCardService
+     */
     protected $storeCardService;
+
+    /**
+     * @var CustomerFactory
+     */
     protected $customerFactory;
+
+    /**
+     * @var StoreManagerInterface
+     */
     protected $storeManager;
 
     /**
@@ -80,7 +90,18 @@ class CallbackService {
      * @param OrderFactory $orderFactory
      * @param OrderRepositoryInterface $orderRepository
      */
-    public function __construct(CallbackMethod $callbackMethod, CallbackEventAdapter $eventAdapter, OrderFactory $orderFactory, OrderRepositoryInterface $orderRepository, GatewayConfig $gatewayConfig, InvoiceService $invoiceService, InvoiceRepositoryInterface $invoiceRepository, StoreCardService $storeCardService, CustomerFactory $customerFactory, StoreManagerInterface $storeManager) {
+    public function __construct(
+        CallbackMethod $callbackMethod,
+        CallbackEventAdapter $eventAdapter,
+        OrderFactory $orderFactory,
+        OrderRepositoryInterface $orderRepository,
+        GatewayConfig $gatewayConfig,
+        InvoiceService $invoiceService,
+        InvoiceRepositoryInterface $invoiceRepository,
+        StoreCardService $storeCardService,
+        CustomerFactory $customerFactory,
+        StoreManagerInterface $storeManager
+    ) {
         $this->callbackMethod   = $callbackMethod;
         $this->eventAdapter     = $eventAdapter;
         $this->orderFactory     = $orderFactory;
@@ -100,49 +121,45 @@ public function __construct(CallbackMethod $callbackMethod, CallbackEventAdapter
      * @throws LocalizedException
      */
     public function run() {
-        if( ! $this->gatewayResponse) {
+        if(!$this->gatewayResponse) {
             throw new DomainException('The response is empty.');
         }
 
+        // Set the gateway response
         $this->callbackMethod->setGatewayResponse($this->gatewayResponse);
 
+        // Perform tasks and prepare data
         $commandName    = $this->getCommandName();
         $amount         = $this->getAmount();
-
-        $this->callbackMethod->validate();
-
         $order      = $this->getAssociatedOrder();
         $payment    = $order->getPayment();
 
+        // Get override comments setting from config
         $overrideComments = $this->gatewayConfig->overrideOrderComments();
 
-        if($payment instanceof Payment) {
+        // Process the payment
+        if ($payment instanceof Payment) {
+            // Prepare payment info
             $infoInstance = $payment->getMethodInstance()->getInfoInstance();
             $this->callbackMethod->setInfoInstance($infoInstance);
-
             $this->putGatewayResponseToHolder();
 
-            // Perform the required action on transaction
-            switch($commandName) {
-                case 'capture':
-                    $this->callbackMethod->capture($payment, $amount);
-                    break;
-                case 'refund':
-                    $this->callbackMethod->refund($payment, $amount);
-                    break;
-                case 'void':
-                    $this->callbackMethod->void($payment);
-                    break;
+            // Test the command name
+            if ($commandName == 'refund') {
+                $this->callbackMethod->refund($payment, $amount);
+            }
+            else if ($commandName == 'void') {
+                $this->callbackMethod->void($payment);
             }
-
             // Perform authorize complementary actions
-            if ($commandName == 'authorize') {
+            else if ($commandName == 'authorize') {
                 // Update order status
                 $order->setStatus($this->gatewayConfig->getOrderStatusAuthorized());
 
                 // Set email sent
                 $order->setEmailSent(1);
 
+                // Comments override
                 if ($overrideComments) {
                     // Delete comments history
                     foreach ($order->getAllStatusHistory() as $orderComment) {
@@ -158,10 +175,11 @@ public function run() {
             }
 
             // Perform capture complementary actions
-            if ($commandName == 'capture') {
+            else if ($commandName == 'capture') {
                 // Update order status
                 $order->setStatus($this->gatewayConfig->getOrderStatusCaptured());
 
+                // Comments override
                 if ($overrideComments) {
                     // Create new comment
                     $newComment = 'Captured amount of ' . ChargeAmountAdapter::getStoreAmountOfCurrency($this->gatewayResponse['response']['message']['value'], $this->gatewayResponse['response']['message']['currency']) . ' ' . $this->gatewayResponse['response']['message']['currency'] .' Transaction ID: ' . $this->gatewayResponse['response']['message']['id'];
diff --git a/Model/Service/PaymentTokenService.php b/Model/Service/PaymentTokenService.php
index 91887124c..f99f77f1a 100755
--- a/Model/Service/PaymentTokenService.php
+++ b/Model/Service/PaymentTokenService.php
@@ -59,7 +59,13 @@ class PaymentTokenService {
      * @param StoreManagerInterface $storeManager
      * @param Watchdog $watchdog
     */
-    public function __construct(GatewayConfig $gatewayConfig, TransferFactory $transferFactory, Session $checkoutSession, StoreManagerInterface $storeManager, Watchdog $watchdog) {
+    public function __construct(
+        GatewayConfig $gatewayConfig,
+        TransferFactory $transferFactory,
+        Session $checkoutSession,
+        StoreManagerInterface $storeManager,
+        Watchdog $watchdog
+    ) {
         $this->gatewayConfig    = $gatewayConfig;
         $this->transferFactory  = $transferFactory;
         $this->checkoutSession = $checkoutSession;
diff --git a/Model/Service/TokenChargeService.php b/Model/Service/TokenChargeService.php
new file mode 100755
index 000000000..b2732ba91
--- /dev/null
+++ b/Model/Service/TokenChargeService.php
@@ -0,0 +1,173 @@
+<?php
+/**
+ * Checkout.com Magento 2 Payment module (https://www.checkout.com)
+ *
+ * Copyright (c) 2017 Checkout.com (https://www.checkout.com)
+ * Author: David Fiaty | integration@checkout.com
+ *
+ * License GNU/GPL V3 https://www.gnu.org/licenses/gpl-3.0.en.html
+ */
+
+namespace CheckoutCom\Magento2\Model\Service;
+
+use Magento\Framework\HTTP\ZendClient;
+use Magento\Payment\Gateway\Http\TransferInterface;
+use Magento\Payment\Gateway\Http\ClientException;
+use Magento\Payment\Model\Method\Logger;
+use Magento\Framework\Message\ManagerInterface;
+use Magento\Checkout\Model\Session as CheckoutSession;
+use CheckoutCom\Magento2\Helper\Watchdog;
+use CheckoutCom\Magento2\Model\Adapter\ChargeAmountAdapter;
+use CheckoutCom\Magento2\Gateway\Http\TransferFactory;
+use CheckoutCom\Magento2\Gateway\Config\Config;
+
+class TokenChargeService {
+
+    const REDIRECT_URL = 'redirectUrl';
+
+    /**
+     * @var Logger
+     */
+    protected $logger;
+
+    /**
+     * @var GatewayConfig
+     */
+    protected $gatewayConfig;
+
+    /**
+     * @var TransferFactory
+     */
+    protected $transferFactory;
+
+    /**
+     * @var ManagerInterface
+     */
+    protected $messageManager;
+
+    /**
+     * @var Watchdog
+     */
+    protected $watchdog;
+
+    /**
+     * @var CheckoutSession
+     */
+    protected $checkoutSession;
+
+    public function __construct(
+        Config $gatewayConfig,
+        TransferFactory $transferFactory,
+        Logger $logger,
+        ManagerInterface $messageManager,
+        Watchdog $watchdog,
+        CheckoutSession $checkoutSession
+    ) {
+        $this->logger                   = $logger;
+        $this->gatewayConfig            = $gatewayConfig;
+        $this->transferFactory          = $transferFactory;
+        $this->messageManager           = $messageManager;
+        $this->watchdog                 = $watchdog;
+        $this->checkoutSession          = $checkoutSession;
+    }
+
+    public function sendChargeRequest($cardToken, $order) {
+        // Set the request parameters
+        $url = 'charges/token';
+        $method = 'POST';
+        $transfer = $this->transferFactory->create([
+            'autoCapTime'   => $this->gatewayConfig->getAutoCaptureTimeInHours(),
+            'autoCapture'   => $this->gatewayConfig->isAutoCapture() ? 'Y' : 'N',
+            'email'         => $order->getBillingAddress()->getEmail(),
+            'customerIp'    => $order->getRemoteIp(),
+            'chargeMode'    => $this->gatewayConfig->isVerify3DSecure() ? 2 : 1,
+            'attemptN3D'    => filter_var($this->gatewayConfig->isAttemptN3D(), FILTER_VALIDATE_BOOLEAN),
+            'customerName'  => $order->getCustomerName(),
+            'currency'      => ChargeAmountAdapter::getPaymentFinalCurrencyCode($order->getCurrencyCode()),
+            'value'         => $order->getGrandTotal()*100,
+            'trackId'       => $order->getIncrementId(),
+            'cardToken'     => $cardToken
+        ]);
+
+        // Handle the request
+        return $this->_handleRequest($url, $method, $transfer);
+    }
+
+    protected function _handleRequest($url, $method, $transfer) {
+        // Prepare log data
+        $log = [
+            'request'           => $transfer->getBody(),
+            'request_uri'       => $url,
+            'request_headers'   => $transfer->getHeaders(),
+            'request_method'    => $method,
+        ];
+
+        try {
+            // Send the request
+            $response           = $this->getHttpClient($url, $transfer)->request();
+            $result             = json_decode($response->getBody(), true);
+
+            // Handle the response
+            $result = $this->_handleResponse($result);
+
+            // Log the response
+            $log['response']    = $result;
+
+            return $result;
+        }
+        catch (Zend_Http_Client_Exception $e) {
+            throw new ClientException(__($e->getMessage()));
+        }
+        finally {
+            $this->logger->debug($log);
+        } 
+    }
+
+    protected function _handleResponse($response) {
+        // Debug info
+        $this->watchdog->bark($response);
+
+        // Handle response code
+        if (isset($response['responseCode']) && ((int) $response['responseCode'] == 10000 || (int) $response['responseCode'] == 10100)) {
+            // Prepare 3D Secure redirection with session variable for pre auth order
+            if (array_key_exists(self::REDIRECT_URL, $response)) {
+                
+                // Get the 3DS redirection URL
+                $redirectUrl = $response[self::REDIRECT_URL];
+                
+                // Set 3DS redirection in session for the PlaceOrder controller
+                $this->checkoutSession->set3DSRedirect($redirectUrl);
+
+                // Put the response in session for the PlaceOrder controller
+                $this->checkoutSession->setGatewayResponseId($response['id']);
+            }
+
+            return true;
+        }
+        else {
+            if (isset($response['responseMessage'])) {
+                $this->messageManager->addErrorMessage($response['responseMessage']);
+            }             
+        }
+
+        return false;
+    }
+
+    /**
+     * Returns prepared HTTP client.
+     *
+     * @param string $endpoint
+     * @param TransferInterface $transfer
+     * @return ZendClient
+     * @throws \Exception
+     */
+    private function getHttpClient($endpoint, TransferInterface $transfer) {
+        $client = new ZendClient($this->gatewayConfig->getApiUrl() . $endpoint);
+        $client->setMethod('POST');
+        $client->setRawData( json_encode( $transfer->getBody()) ) ;
+        $client->setHeaders($transfer->getHeaders());
+        $client->setUrlEncodeBody($transfer->shouldEncode());
+        
+        return $client;
+    }
+}
diff --git a/Model/Service/TransactionService.php b/Model/Service/TransactionService.php
new file mode 100755
index 000000000..cc2cfe460
--- /dev/null
+++ b/Model/Service/TransactionService.php
@@ -0,0 +1,74 @@
+<?php
+/**
+ * Checkout.com Magento 2 Payment module (https://www.checkout.com)
+ *
+ * Copyright (c) 2017 Checkout.com (https://www.checkout.com)
+ * Author: David Fiaty | integration@checkout.com
+ *
+ * License GNU/GPL V3 https://www.gnu.org/licenses/gpl-3.0.en.html
+ */
+
+namespace CheckoutCom\Magento2\Model\Service;
+
+use Magento\Sales\Model\Order\Payment\Transaction;
+use Magento\Sales\Model\Order\Payment\Transaction\BuilderInterface;
+use Magento\Framework\Message\ManagerInterface;
+use CheckoutCom\Magento2\Model\Ui\ConfigProvider;
+
+class TransactionService {
+
+    /**
+     * @var BuilderInterface
+     */
+    protected $transactionBuilder;
+
+    /**
+     * @var ManagerInterface
+     */
+    protected $messageManager;
+
+    /**
+     * TransactionService constructor.
+     * @param BuilderInterface $transactionBuilder
+     */
+    public function __construct(BuilderInterface $transactionBuilder, ManagerInterface $messageManager) {
+        $this->transactionBuilder = $transactionBuilder;
+        $this->messageManager     = $messageManager;
+    }
+
+    public function execute($order = null, $paymentData = array()) {
+        try {
+            // Prepare payment object
+            $payment = $order->getPayment();
+            $payment->setMethod(ConfigProvider::CODE); 
+            $payment->setLastTransId($paymentData['id']);
+            $payment->setTransactionId($paymentData['id']);
+            $payment->setAdditionalInformation([Transaction::RAW_DETAILS => (array) $paymentData]);
+
+            // Formatted price
+            $formatedPrice = $order->getBaseCurrency()->formatTxt($order->getGrandTotal());
+ 
+            // Prepare transaction
+            $transaction = $this->transactionBuilder->setPayment($payment)
+            ->setOrder($order)
+            ->setTransactionId($paymentData['id'])
+            ->setAdditionalInformation([Transaction::RAW_DETAILS => (array) $paymentData])
+            ->setFailSafe(true)
+            ->build(Transaction::TYPE_CAPTURE);
+ 
+            // Add transaction to payment
+            $payment->addTransactionCommentsToOrder($transaction, __('The authorized amount is %1.', $formatedPrice));
+            $payment->setParentTransactionId(null);
+
+            // Save payment, transaction and order
+            $payment->save();
+            $order->save();
+            $transaction->save();
+ 
+            return  $transaction->getTransactionId();
+
+        } catch (Exception $e) {
+            $this->messageManager->addExceptionMessage($e, $e->getMessage());
+        }
+    }
+}
diff --git a/Model/Ui/ConfigProvider.php b/Model/Ui/ConfigProvider.php
index fa99eb150..5d89d1188 100755
--- a/Model/Ui/ConfigProvider.php
+++ b/Model/Ui/ConfigProvider.php
@@ -96,6 +96,7 @@ public function getConfig() {
                     'css_file' => $this->config->getCssFile(),
                     'custom_css' => $this->config->getCustomCss(),
                     'vault_title' => $this->config->getVaultTitle(),
+                    'order_creation' => $this->config->getOrderCreation(),
                 ],
             ],
         ];
diff --git a/etc/adminhtml/system.xml b/etc/adminhtml/system.xml
index b7489ae74..4bc22072b 100755
--- a/etc/adminhtml/system.xml
+++ b/etc/adminhtml/system.xml
@@ -174,42 +174,60 @@
                 <group id="checkout_com_order_settings" translate="label" showInDefault="1" showInWebsite="1" sortOrder="4">
                     <label>Order Settings</label>
 
-                    <field id="new_order_status" translate="label comment" type="select" sortOrder="0" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="order_creation" translate="label" type="select" sortOrder="0" showInDefault="1" showInWebsite="1" showInStore="0">
+                        <label>Order creation</label>
+                        <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderCreation</source_model>
+                        <config_path>payment/checkout_com/order_creation</config_path>
+                        <comment>
+                            Define if new orders should be created before or after payment authorization. Works with the Hosted integration only.
+                        </comment>
+                    </field>
+
+                    <field id="order_comments_override" translate="label" type="select" sortOrder="10" showInDefault="1" showInWebsite="1" showInStore="0">
+                        <label>Override order comments</label>
+                        <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
+                        <config_path>payment/checkout_com/order_comments_override</config_path>
+                        <comment>
+                            Set to "Yes" when using multiple currencies to avoid orders being flagged as fraud by Magento core.
+                        </comment>
+                    </field>
+
+                    <field id="new_order_status" translate="label comment" type="select" sortOrder="20" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>New order status</label>
                         <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderStatus</source_model>
                         <config_path>payment/checkout_com/new_order_status</config_path>
                         <comment>Select the status that should be used for new orders.</comment>
                     </field>
 
-                    <field id="order_status_authorized" translate="label comment" type="select" sortOrder="10" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="order_status_authorized" translate="label comment" type="select" sortOrder="30" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Authorization order status</label>
                         <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderStatus</source_model>
                         <config_path>payment/checkout_com/order_status_authorized</config_path>
                         <comment>Select the status that should be used for orders with successful payment authorisation.</comment>
                     </field>
 
-                    <field id="order_status_captured" translate="label comment" type="select" sortOrder="20" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="order_status_captured" translate="label comment" type="select" sortOrder="40" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Capture order status</label>
                         <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderStatus</source_model>
                         <config_path>payment/checkout_com/order_status_captured</config_path>
                         <comment>Select the status that should be used for orders with successful payment capture.</comment>
                     </field>
 
-                    <field id="order_status_refunded" translate="label comment" type="select" sortOrder="30" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="order_status_refunded" translate="label comment" type="select" sortOrder="50" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Refund order status</label>
                         <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderStatus</source_model>
                         <config_path>payment/checkout_com/order_status_refunded</config_path>
                         <comment>Select the status that should be used for new orders with successful payment refund.</comment>
                     </field>
 
-                    <field id="order_status_flagged" translate="label comment" type="select" sortOrder="40" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="order_status_flagged" translate="label comment" type="select" sortOrder="60" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Flagged order status</label>
                         <source_model>CheckoutCom\Magento2\Model\Adminhtml\Source\OrderStatus</source_model>
                         <config_path>payment/checkout_com/order_status_flagged</config_path>
                         <comment>Select the status that should be used for flagged orders.</comment>
                     </field>
 
-                    <field id="auto_generate_invoice" translate="label comment" sortOrder="50" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="auto_generate_invoice" translate="label comment" sortOrder="70" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Automatically generate invoice</label>
                         <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                         <config_path>payment/checkout_com/auto_generate_invoice</config_path>
@@ -217,16 +235,6 @@
                             When set to "Yes", an invoice will be generated automatically for the captured order status selected above.
                         </comment>
                     </field>
-
-                    <field id="order_comments_override" translate="label" type="select" sortOrder="0" showInDefault="1" showInWebsite="1" showInStore="0">
-                        <label>Override order comments</label>
-                        <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
-                        <config_path>payment/checkout_com/order_comments_override</config_path>
-                        <comment>
-                            Set to "Yes" when using multiple currencies to avoid orders being flagged as fraud by Magento core.
-                        </comment>
-                    </field>
-
                 </group>
 
                 <group id="checkout_com_currency_settings" translate="label" showInDefault="1" showInWebsite="1" sortOrder="5">
diff --git a/etc/config.xml b/etc/config.xml
index 2ed437516..95d271520 100755
--- a/etc/config.xml
+++ b/etc/config.xml
@@ -19,6 +19,7 @@
                 <can_authorize_vault>1</can_authorize_vault>
                 <can_capture_vault>1</can_capture_vault>
                 <can_charge_details>1</can_charge_details>
+                <order_creation>after_auth</order_creation>
                 <new_order_status>pending</new_order_status>
                 <order_status_authorized>pending_payment</order_status_authorized>
                 <order_status_captured>processing</order_status_captured>
@@ -28,6 +29,7 @@
                 <payment_currency>base_currency</payment_currency>
                 <custom_currency>USD</custom_currency>
                 <accepted_currencies>USD</accepted_currencies>
+                <verify_3dsecure>0</verify_3dsecure>
                 <attemptN3D>0</attemptN3D>
                 <auto_generate_invoice>1</auto_generate_invoice>
                 <theme_color>#00b660</theme_color>
diff --git a/view/frontend/web/js/view/payment/method-renderer/cc-form.js b/view/frontend/web/js/view/payment/method-renderer/cc-form.js
index eaf7585fc..1d5b757cd 100755
--- a/view/frontend/web/js/view/payment/method-renderer/cc-form.js
+++ b/view/frontend/web/js/view/payment/method-renderer/cc-form.js
@@ -19,9 +19,10 @@ define(
         'Magento_Checkout/js/model/quote',
         'Magento_Checkout/js/action/place-order',
         'CheckoutCom_Magento2/js/view/payment/response-strategy',
+        'Magento_Checkout/js/checkout-data',
         'Magento_Checkout/js/model/payment/additional-validators'
     ],
-    function ($, Component, VaultEnabler, CheckoutCom, quote, placeOrderAction, responseStrategy, additionalValidators) {
+    function ($, Component, VaultEnabler, CheckoutCom, quote, placeOrderAction, responseStrategy, checkoutData, additionalValidators) {
         'use strict';
 
         return Component.extend({
@@ -112,7 +113,7 @@ define(
              * @returns {string}
              */
             getEmailAddress: function() {
-                return window.checkoutConfig.customerData.email || quote.guestEmail;
+                return window.checkoutConfig.customerData.email || quote.guestEmail || checkoutData.getValidatedEmailValue();
             },
 
             /**
diff --git a/view/frontend/web/js/view/payment/method-renderer/embedded.js b/view/frontend/web/js/view/payment/method-renderer/embedded.js
index 73509bed0..f90a3250e 100755
--- a/view/frontend/web/js/view/payment/method-renderer/embedded.js
+++ b/view/frontend/web/js/view/payment/method-renderer/embedded.js
@@ -124,10 +124,13 @@ define(
              * @returns {void}
              */
             saveSessionData: function() {
+                // Get self
+                var self = this;
+
                 // Prepare the session data
                 var sessionData = {
                     saveShopperCard: $('#checkout_com_enable_vault').is(":checked"),
-                    customerEmail: checkoutData.getValidatedEmailValue()
+                    customerEmail: self.getEmailAddress()
                 };
 
                 // Send the session data to be saved
@@ -210,14 +213,13 @@ define(
                     theme: ckoTheme,
                     themeOverride: ckoThemeOverride,
                     cardTokenised: function(event) {
-
                         // Set the card token
                         self.setCardTokenId(event.data.cardToken);
 
+                        // Place order
                         if (threeds_enabled) {
                             window.location.replace(redirectUrl + '?cko-card-token=' + event.data.cardToken + '&cko-context-id=' + self.getEmailAddress());
                         } else {
-                            // Place order
                             self.placeOrder();
                         }
                     },
diff --git a/view/frontend/web/js/view/payment/method-renderer/hosted.js b/view/frontend/web/js/view/payment/method-renderer/hosted.js
index 626c51aaa..09e9a90f8 100755
--- a/view/frontend/web/js/view/payment/method-renderer/hosted.js
+++ b/view/frontend/web/js/view/payment/method-renderer/hosted.js
@@ -19,9 +19,10 @@ define(
         'Magento_Checkout/js/model/quote',
         'mage/url',
         'Magento_Checkout/js/checkout-data',
+        'Magento_Checkout/js/model/full-screen-loader',
         'Magento_Checkout/js/model/payment/additional-validators'
     ],
-    function ($, Component, VaultEnabler, CheckoutCom, quote, url, checkoutData, additionalValidators) {
+    function ($, Component, VaultEnabler, CheckoutCom, quote, url, checkoutData, fullScreenLoader, additionalValidators) {
         'use strict';
 
         window.checkoutConfig.reloadOnBillingAddress = true;
@@ -56,7 +57,7 @@ define(
             /**
              * @returns {string}
              */
-            getPaymentToken: function() {
+            getPaymentToken: function() {                
                 return CheckoutCom.getPaymentConfig()['payment_token'];
             },
 
@@ -64,7 +65,6 @@ define(
              * @returns {string}
              */
             getQuoteValue: function() {
-               //return CheckoutCom.getPaymentConfig()['quote_value'];
                return (quote.getTotals()().grand_total*100).toFixed(2);
             },
 
@@ -99,23 +99,25 @@ define(
             /**
              * @returns {void}
              */
-            saveSessionData: function() {                
-                // Prepare the session data
-                var sessionData = {
-                    saveShopperCard: $('#checkout_com_enable_vault').is(":checked"),
-                    customerEmail: checkoutData.getValidatedEmailValue()
-                };
-
+            saveSessionData: function(dataToSave) {                
                 // Send the session data to be saved
                 $.ajax({
                     url : url.build('checkout_com/shopper/sessionData'),
                     type: "POST",
-                    data : sessionData,
+                    data : dataToSave,
                     success: function(data, textStatus, xhr) { },
                     error: function (xhr, textStatus, error) { } // todo - improve error handling
                 });
             },
 
+            /**
+             * @returns {string}
+             */
+            proceedWithSubmission: function() {
+                // Submit the form
+                $('#checkout_com-hosted-form').submit();
+            },
+
             /**
              * @returns {string}
              */
@@ -125,11 +127,68 @@ define(
 
                 // Validate before submission
                 if (additionalValidators.validate()) {
-                    // Set the save card option in session
-                    self.saveSessionData();
-
-                    // Submit the form
-                    $('#checkout_com-hosted-form').submit();
+                    // Payment action
+                    if (CheckoutCom.getPaymentConfig()['order_creation'] == 'before_auth') {
+
+                        // Start the loader
+                        fullScreenLoader.startLoader();
+
+                        // Prepare the vars
+                        var ajaxRequest;
+                        var orderData = {
+                            "cko-card-token": null, 
+                            "cko-context-id": self.getEmailAddress(),
+                            "agreement": [true]
+                        };
+                        
+                        // Avoid duplicate requests
+                        if (ajaxRequest) {
+                            ajaxRequest.abort();
+                        }
+
+                        // Send the request
+                        ajaxRequest = $.ajax({
+                            url: url.build('checkout_com/payment/placeOrderAjax'),
+                            type: "post",
+                            data: orderData
+                        });
+
+                        // Callback handler on success
+                        ajaxRequest.done(function (response, textStatus, jqXHR){
+
+                            // Save order track id response object in session
+                            self.saveSessionData({
+                                saveShopperCard: $('#checkout_com_enable_vault').is(":checked"),
+                                customerEmail: self.getEmailAddress(),
+                                orderTrackId: response.trackId
+                            });
+
+                            // Proceed with submission
+                            fullScreenLoader.stopLoader();
+                            self.proceedWithSubmission();
+                        });
+
+                        // Callback handler on failure
+                        ajaxRequest.fail(function (jqXHR, textStatus, errorThrown){
+                            // Todo - improve error handling
+                        });
+
+                        // Callback handler always
+                        ajaxRequest.always(function () {
+                            // Stop the loader
+                            fullScreenLoader.stopLoader();
+                        });
+                    }
+                    else if (CheckoutCom.getPaymentConfig()['order_creation'] == 'after_auth') {
+                        // Save the session data
+                        self.saveSessionData({
+                            saveShopperCard: $('#checkout_com_enable_vault').is(":checked"),
+                            customerEmail: self.getEmailAddress()
+                        });
+
+                        // Proceed with submission
+                        self.proceedWithSubmission();
+                    }
                 }
             }
         });

From 3db346a8af0d8e5466e7d3b539e0d105eed9f280 Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Wed, 8 Nov 2017 18:15:24 +0000
Subject: [PATCH 05/12] Email order adjustments

Removed transaction info from new order email.
---
 Observer/AddExtraDataToTransport.php | 32 ++++++++++++++++++++++++++++
 etc/di.xml                           |  1 -
 etc/events.xml                       |  3 +++
 3 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100755 Observer/AddExtraDataToTransport.php

diff --git a/Observer/AddExtraDataToTransport.php b/Observer/AddExtraDataToTransport.php
new file mode 100755
index 000000000..6dd613aec
--- /dev/null
+++ b/Observer/AddExtraDataToTransport.php
@@ -0,0 +1,32 @@
+<?php
+/**
+ * Checkout.com Magento 2 Payment module (https://www.checkout.com)
+ *
+ * Copyright (c) 2017 Checkout.com (https://www.checkout.com)
+ * Author: David Fiaty | integration@checkout.com
+ *
+ * License GNU/GPL V3 https://www.gnu.org/licenses/gpl-3.0.en.html
+ */
+
+namespace CheckoutCom\Magento2\Observer;
+
+use Magento\Framework\Event\ObserverInterface;
+use Magento\Framework\Event\Observer;
+use Magento\Framework\App\Config\ScopeConfigInterface;
+
+class AddExtraDataToTransport implements ObserverInterface {
+
+    public function __construct(ScopeConfigInterface $scopeConfig)
+    {
+        $this->scopeConfig = $scopeConfig;
+    }
+
+    public function execute(Observer $observer)
+    {
+        // Get the email content
+        $transport = $observer->getEvent()->getTransport();
+
+        // Override the payment information block
+        $transport['payment_html'] = $this->scopeConfig->getValue('payment/checkout_com/title');
+    }
+}
diff --git a/etc/di.xml b/etc/di.xml
index 58dddade0..ca571a520 100755
--- a/etc/di.xml
+++ b/etc/di.xml
@@ -1,6 +1,5 @@
 <?xml version="1.0"?>
 <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
-
     <!-- Payment Method Facade configuration -->
     <virtualType name="CheckoutComFacade" type="Magento\Payment\Model\Method\Adapter">
         <arguments>
diff --git a/etc/events.xml b/etc/events.xml
index d214069fe..19a2da817 100755
--- a/etc/events.xml
+++ b/etc/events.xml
@@ -3,4 +3,7 @@
     <event name="payment_method_assign_data_checkout_com">
         <observer name="checkout_com_gateway_data_assign" instance="CheckoutCom\Magento2\Observer\DataAssignObserver" />
     </event>
+    <event name="email_order_set_template_vars_before">
+        <observer name="add_extra_data_to_transport" instance="CheckoutCom\Magento2\Observer\AddExtraDataToTransport" />
+    </event>
 </config>

From a89724b4fb8d6f70433edd13e0b10fbc17838809 Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Wed, 8 Nov 2017 18:47:34 +0000
Subject: [PATCH 06/12] Paypal integration

Added the Paypal Alternative Payment integration.
---
 Model/Service/PaymentTokenService.php | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/Model/Service/PaymentTokenService.php b/Model/Service/PaymentTokenService.php
index f99f77f1a..f0098474d 100755
--- a/Model/Service/PaymentTokenService.php
+++ b/Model/Service/PaymentTokenService.php
@@ -82,19 +82,26 @@ public function __construct(
      * @throws \Exception
      */
     public function getToken() {
+        // Get the quote object
+        $quote = $this->checkoutSession->getQuote();
+
+        // Get the reserved track id
+        $trackId = $quote->reserveOrderId()->save()->getReservedOrderId();
+
         // Get the quote currency
         $currencyCode = $this->storeManager->getStore()->getCurrentCurrencyCode();
 
         // Get the quote amount
-        $amount       =  ChargeAmountAdapter::getPaymentFinalCurrencyValue($this->checkoutSession->getQuote()->getGrandTotal());
+        $amount =  ChargeAmountAdapter::getPaymentFinalCurrencyValue($quote->getGrandTotal());
 
         // Prepare the amount 
-        $value        = ChargeAmountAdapter::getGatewayAmountOfCurrency($amount, $currencyCode);
+        $value = ChargeAmountAdapter::getGatewayAmountOfCurrency($amount, $currencyCode);
 
         // Prepare the transfer data
         $transfer = $this->transferFactory->create([
             'value'   => $value,
-            'currency'   => $currencyCode
+            'currency'   => $currencyCode,
+            'trackId' => $trackId
         ]);
 
         // Get the token

From b7c77075a8f3a4dfb6a4478381eeae44a1536fed Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Thu, 9 Nov 2017 10:47:07 +0000
Subject: [PATCH 07/12] New order email trigger fix

Moved new order email trigger to after payment authorisation only.
---
 Controller/Payment/PlaceOrder.php | 19 ++++---------------
 Controller/Payment/Verify.php     |  6 ------
 Model/Service/CallbackService.php | 13 ++++++++++++-
 Model/Service/OrderService.php    | 14 +-------------
 4 files changed, 17 insertions(+), 35 deletions(-)

diff --git a/Controller/Payment/PlaceOrder.php b/Controller/Payment/PlaceOrder.php
index 798032c50..cdc3f8a2c 100755
--- a/Controller/Payment/PlaceOrder.php
+++ b/Controller/Payment/PlaceOrder.php
@@ -21,7 +21,6 @@
 use Magento\Sales\Model\Order\Payment\Transaction;
 use Magento\Sales\Model\Order\Payment\Transaction\BuilderInterface;
 use CheckoutCom\Magento2\Model\Service\TokenChargeService;
-use Magento\Sales\Model\Order\Email\Sender\OrderSender;
 
 class PlaceOrder extends AbstractAction {
 
@@ -50,11 +49,6 @@ class PlaceOrder extends AbstractAction {
      */
     protected $customerSession;
 
-    /**
-     * @var OrderSender
-     */
-    private $orderSender;
-
     /**
      * PlaceOrder constructor.
      * @param Context $context
@@ -72,8 +66,7 @@ public function __construct(
         OrderService $orderService,
         OrderInterface $orderInterface,
         CustomerSession $customerSession,
-        TokenChargeService $tokenChargeService,
-        OrderSender $orderSender
+        TokenChargeService $tokenChargeService
     ) {
         parent::__construct($context, $gatewayConfig);
 
@@ -82,7 +75,6 @@ public function __construct(
         $this->orderService           = $orderService;
         $this->orderInterface         = $orderInterface;
         $this->tokenChargeService     = $tokenChargeService;
-        $this->orderSender            = $orderSender;
     }
 
     /**
@@ -120,12 +112,6 @@ public function updateOrder($params, $order) {
 
         // Update payment data
         $order = $this->updatePaymentData($order);
-
-        // Send email
-        if ($updateSuccess) {
-            $order->setEmailSent(1)->save();
-            $this->orderSender->send($order);
-        }
         
         // 3D Secure redirection if needed
         if($this->gatewayConfig->isVerify3DSecure()) {
@@ -172,7 +158,10 @@ public function createOrder($params) {
     }
 
     public function updatePaymentData($order) {
+        // Load payment object
         $payment = $order->getPayment();
+
+        // Set the payment method, previously "substitution" for pre auth order creation
         $payment->setMethod(ConfigProvider::CODE); 
         $payment->save();
         $order->save();
diff --git a/Controller/Payment/Verify.php b/Controller/Payment/Verify.php
index e9e5cd624..a35cd0a1c 100755
--- a/Controller/Payment/Verify.php
+++ b/Controller/Payment/Verify.php
@@ -240,14 +240,8 @@ public function placeLocalPaymentOrder() {
                 // Update order status
                 $order->setStatus($this->gatewayConfig->getOrderStatusCaptured());
 
-                // Set email sent
-                $order->setEmailSent(1);
-
                 // Save the order
                 $order->save();
-
-                // Send email
-                $this->orderSender->send($order);
             }
             
             // Redirect to the success page
diff --git a/Model/Service/CallbackService.php b/Model/Service/CallbackService.php
index ce21d7d67..cde948f82 100755
--- a/Model/Service/CallbackService.php
+++ b/Model/Service/CallbackService.php
@@ -21,6 +21,7 @@
 use Magento\Sales\Api\InvoiceRepositoryInterface;
 use Magento\Customer\Model\CustomerFactory;
 use Magento\Store\Model\StoreManagerInterface;
+use Magento\Sales\Model\Order\Email\Sender\OrderSender;
 use CheckoutCom\Magento2\Model\Adapter\CallbackEventAdapter;
 use CheckoutCom\Magento2\Model\Adapter\ChargeAmountAdapter;
 use CheckoutCom\Magento2\Model\GatewayResponseHolder;
@@ -83,6 +84,11 @@ class CallbackService {
      */
     protected $storeManager;
 
+    /**
+     * @var OrderSender
+     */
+    private $orderSender;
+
     /**
      * CallbackService constructor.
      * @param CallbackMethod $callbackMethod
@@ -100,7 +106,8 @@ public function __construct(
         InvoiceRepositoryInterface $invoiceRepository,
         StoreCardService $storeCardService,
         CustomerFactory $customerFactory,
-        StoreManagerInterface $storeManager
+        StoreManagerInterface $storeManager,
+        OrderSender $orderSender
     ) {
         $this->callbackMethod   = $callbackMethod;
         $this->eventAdapter     = $eventAdapter;
@@ -112,6 +119,7 @@ public function __construct(
         $this->storeCardService    = $storeCardService;
         $this->customerFactory = $customerFactory;
         $this->storeManager = $storeManager;
+        $this->orderSender          = $orderSender;
     }
 
     /**
@@ -156,6 +164,9 @@ public function run() {
                 // Update order status
                 $order->setStatus($this->gatewayConfig->getOrderStatusAuthorized());
 
+                // Send the email
+                $this->orderSender->send($order);
+
                 // Set email sent
                 $order->setEmailSent(1);
 
diff --git a/Model/Service/OrderService.php b/Model/Service/OrderService.php
index e5489a926..34da6a95c 100755
--- a/Model/Service/OrderService.php
+++ b/Model/Service/OrderService.php
@@ -21,7 +21,6 @@
 use CheckoutCom\Magento2\Model\Ui\ConfigProvider;
 use CheckoutCom\Magento2\Observer\DataAssignObserver;
 use Magento\Sales\Model\Order;
-use Magento\Sales\Model\Order\Email\Sender\OrderSender;
 
 class OrderService {
 
@@ -50,11 +49,6 @@ class OrderService {
      */
     private $orderManager;
 
-    /**
-     * @var OrderSender
-     */
-    private $orderSender;
-
     /**
      * OrderService constructor.
      * @param CartManagementInterface $cartManagement
@@ -69,15 +63,13 @@ public function __construct(
         AgreementsValidatorInterface $agreementsValidator,
         Session $customerSession,
         Data $checkoutHelper,
-        Order $orderManager,
-        OrderSender $orderSender
+        Order $orderManager
     ) {
         $this->cartManagement       = $cartManagement;
         $this->agreementsValidator  = $agreementsValidator;
         $this->customerSession      = $customerSession;
         $this->checkoutHelper       = $checkoutHelper;
         $this->orderManager         = $orderManager;
-        $this->orderSender          = $orderSender;
     }
 
     /**
@@ -113,10 +105,6 @@ public function execute(Quote $quote, $cardToken, array $agreement) {
         // Place the order
         $orderId = $this->cartManagement->placeOrder($quote->getId());
 
-        // Send email
-        $order = $this->orderManager->load($orderId);
-        $this->orderSender->send($order);
-
         return $orderId;
     }
 

From c656d04422adf63722a7a7f3fcb58ca2ee0520a0 Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Thu, 9 Nov 2017 13:48:41 +0000
Subject: [PATCH 08/12] Vault Card Autosave

Added on option to save cards automatically without requesting approval
from the user.
---
 Gateway/Config/Config.php                     | 12 +++++++++-
 Gateway/Request/VaultRequest.php              | 15 ++++++++++++-
 Model/Ui/ConfigProvider.php                   |  1 +
 etc/adminhtml/system.xml                      | 22 ++++++++++++++-----
 etc/config.xml                                |  1 +
 .../js/view/payment/method-renderer/hosted.js |  7 ++++++
 .../frontend/web/template/payment/hosted.html |  2 +-
 7 files changed, 52 insertions(+), 8 deletions(-)

diff --git a/Gateway/Config/Config.php b/Gateway/Config/Config.php
index 82cb2524e..a90644a9f 100755
--- a/Gateway/Config/Config.php
+++ b/Gateway/Config/Config.php
@@ -59,7 +59,6 @@ class Config extends BaseConfig {
     const KEY_EMBEDDED_CSS = 'embedded_css';
     const KEY_CUSTOM_CSS = 'custom_css';
     const KEY_CSS_FILE = 'css_file';
-    const KEY_VAULT_TITLE = 'checkout_com_cc_vault/title';
     const KEY_ORDER_COMMENTS_OVERRIDE = 'order_comments_override';
     const KEY_ORDER_CREATION = 'order_creation';
 
@@ -97,6 +96,17 @@ public function getVaultTitle() {
         return (string) $scopeConfig->getValue('payment/checkout_com_cc_vault/title');
     }
 
+    /**
+     * Returns the vault card autosave state.
+     *
+     * @return bool
+     */
+    public function isCardAutosave() {
+        $objectManager = \Magento\Framework\App\ObjectManager::getInstance();
+        $scopeConfig = $objectManager->create('Magento\Framework\App\Config\ScopeConfigInterface');     
+        return (bool) $scopeConfig->getValue('payment/checkout_com_cc_vault/autosave');
+    }
+
     /**
      * Returns the payment mode.
      *
diff --git a/Gateway/Request/VaultRequest.php b/Gateway/Request/VaultRequest.php
index 183fb4805..161b1afb9 100755
--- a/Gateway/Request/VaultRequest.php
+++ b/Gateway/Request/VaultRequest.php
@@ -12,6 +12,7 @@
 
 use Magento\Payment\Gateway\Request\BuilderInterface;
 use Magento\Customer\Model\Session as CustomerSession;
+use Magento\Framework\App\Config\ScopeConfigInterface;
 
 class VaultRequest implements BuilderInterface {
 
@@ -31,12 +32,18 @@ class VaultRequest implements BuilderInterface {
      */
     protected $customerSession;
 
+    /**
+     * @var ScopeConfigInterface
+     */
+    protected $scopeConfig;
+
     /**
      * VaultRequest constructor.
      * @param CustomerSession $customerSession
      */
-    public function __construct(CustomerSession $customerSession) {
+    public function __construct(CustomerSession $customerSession, ScopeConfigInterface $scopeConfig) {
         $this->customerSession = $customerSession;
+        $this->scopeConfig = $scopeConfig;
     }
 
     /**
@@ -54,10 +61,16 @@ public function getVaultSaveInfo() {
         // Get the checkout session data
         $checkoutSessionData = $this->customerSession->getData('checkoutSessionData');
 
+        // Get the auto save card config
+        $isAutoSave = $scopeConfig->getValue('payment/checkout_com_cc_vault/autosave');
+
         // Check if save card is requested
         if (isset($checkoutSessionData['saveShopperCard'])) {
             return filter_var($checkoutSessionData['saveShopperCard'], FILTER_VALIDATE_BOOLEAN);
         }
+        else if ($isAutoSave) {
+            return true;
+        }
 
         return false;
     }
diff --git a/Model/Ui/ConfigProvider.php b/Model/Ui/ConfigProvider.php
index 5d89d1188..1ed5d84e9 100755
--- a/Model/Ui/ConfigProvider.php
+++ b/Model/Ui/ConfigProvider.php
@@ -97,6 +97,7 @@ public function getConfig() {
                     'custom_css' => $this->config->getCustomCss(),
                     'vault_title' => $this->config->getVaultTitle(),
                     'order_creation' => $this->config->getOrderCreation(),
+                    'card_autosave' => $this->config->isCardAutosave(),
                 ],
             ],
         ];
diff --git a/etc/adminhtml/system.xml b/etc/adminhtml/system.xml
index 4bc22072b..260cccd3f 100755
--- a/etc/adminhtml/system.xml
+++ b/etc/adminhtml/system.xml
@@ -128,19 +128,31 @@
                         </depends>
                     </field>
 
-                    <field id="useccv" translate="label" type="select" sortOrder="30" showInDefault="1" showInWebsite="1" showInStore="0">
+                   <field id="checkout_com_cc_vault_autosave" translate="label" type="select" sortOrder="30" showInDefault="1" showInWebsite="1" showInStore="0">
+                        <label>Save cards automatically</label>
+                        <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
+                        <config_path>payment/checkout_com_cc_vault/autosave</config_path>
+                        <depends>
+                            <field id="checkout_com_cc_vault_active">1</field>
+                        </depends>
+                        <comment>
+                            If set to "No", customers will be asked during checkout if the card used for payment should be stored. If set to "Yes", the card will be saved automatically without requesting agreement.
+                        </comment>
+                    </field>
+
+                    <field id="useccv" translate="label" type="select" sortOrder="40" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>CVV Verification</label>
                         <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                         <config_path>payment/checkout_com/useccv</config_path>
                     </field>
 
-                    <field id="verify_3dsecure" translate="label" sortOrder="40" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="verify_3dsecure" translate="label" sortOrder="50" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>3D Secure Verification</label>
                         <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                         <config_path>payment/checkout_com/verify_3dsecure</config_path>
                     </field>
 
-                    <field id="attemptN3D" translate="label comment" sortOrder="50" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="attemptN3D" translate="label comment" sortOrder="60" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Attempt Non 3D Secure</label>
                         <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                         <config_path>payment/checkout_com/attemptN3D</config_path>
@@ -152,13 +164,13 @@
                         </comment>
                     </field>
 
-                    <field id="auto_capture" translate="label" sortOrder="60" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="auto_capture" translate="label" sortOrder="70" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Auto Capture</label>
                         <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                         <config_path>payment/checkout_com/auto_capture</config_path>
                     </field>
 
-                    <field id="auto_capture_time" translate="label comment" sortOrder="70" type="text" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="auto_capture_time" translate="label comment" sortOrder="80" type="text" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Auto Capture Time</label>
                         <config_path>payment/checkout_com/auto_capture_time</config_path>
                         <validate>validate-required validate-digits validate-zero-or-greater</validate>
diff --git a/etc/config.xml b/etc/config.xml
index 95d271520..084edea87 100755
--- a/etc/config.xml
+++ b/etc/config.xml
@@ -64,6 +64,7 @@
             <checkout_com_cc_vault>
                 <model>CheckoutComCreditCardVaultFacade</model>
                 <title>Stored Cards (Checkout.com)</title>
+                <autosave>1</autosave>
             </checkout_com_cc_vault>
         </payment>
     </default>
diff --git a/view/frontend/web/js/view/payment/method-renderer/hosted.js b/view/frontend/web/js/view/payment/method-renderer/hosted.js
index 09e9a90f8..b88037cf7 100755
--- a/view/frontend/web/js/view/payment/method-renderer/hosted.js
+++ b/view/frontend/web/js/view/payment/method-renderer/hosted.js
@@ -75,6 +75,13 @@ define(
                 return CheckoutCom.getPaymentConfig()['quote_currency'];
             },
 
+            /**
+             * @returns {bool}
+             */
+            isCardAutosave: function() {
+                return CheckoutCom.getPaymentConfig()['card_autosave'];
+            },
+
             /**
              * @returns {string}
              */
diff --git a/view/frontend/web/template/payment/hosted.html b/view/frontend/web/template/payment/hosted.html
index 07abc51f7..70689dd88 100755
--- a/view/frontend/web/template/payment/hosted.html
+++ b/view/frontend/web/template/payment/hosted.html
@@ -53,7 +53,7 @@
             <!--/ko-->
         </div>
 
-        <!-- ko if: (isVaultEnabled())-->
+        <!-- ko if: ((isVaultEnabled()) && !isCardAutosave()) -->
         <div class="field choice">
             <input type="checkbox" name="vault[is_enabled]" class="checkbox" data-bind="attr: {'id': getCode() + '_enable_vault'}, checked: vaultEnabler.isActivePaymentTokenEnabler" />
             <label class="label" data-bind="attr: {'for': getCode() + '_enable_vault'}">

From 0ddf8bf7e46a1cc6f5794d9301e38687a38b752d Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Thu, 9 Nov 2017 13:53:41 +0000
Subject: [PATCH 09/12] Embedded card autosave

Added the vault card auto save feature to the embedded integration.
---
 .../web/js/view/payment/method-renderer/embedded.js        | 7 +++++++
 view/frontend/web/template/payment/embedded.html           | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/view/frontend/web/js/view/payment/method-renderer/embedded.js b/view/frontend/web/js/view/payment/method-renderer/embedded.js
index f90a3250e..8f94a8f5c 100755
--- a/view/frontend/web/js/view/payment/method-renderer/embedded.js
+++ b/view/frontend/web/js/view/payment/method-renderer/embedded.js
@@ -113,6 +113,13 @@ define(
                 return CheckoutCom.getPaymentConfig()['quote_currency'];
             },
 
+            /**
+             * @returns {bool}
+             */
+            isCardAutosave: function() {
+                return CheckoutCom.getPaymentConfig()['card_autosave'];
+            },
+            
             /**
              * @returns {string}
              */
diff --git a/view/frontend/web/template/payment/embedded.html b/view/frontend/web/template/payment/embedded.html
index cd1eae1b6..2d4e8b205 100644
--- a/view/frontend/web/template/payment/embedded.html
+++ b/view/frontend/web/template/payment/embedded.html
@@ -42,7 +42,7 @@
             <!--/ko-->
         </div>
 
-        <!-- ko if: (isVaultEnabled())-->
+        <!-- ko if: ((isVaultEnabled()) && !isCardAutosave()) -->
         <div class="field choice">
             <input type="checkbox" name="vault[is_enabled]" class="checkbox" data-bind="attr: {'id': getCode() + '_enable_vault'}, checked: vaultEnabler.isActivePaymentTokenEnabler" />
             <label class="label" data-bind="attr: {'for': getCode() + '_enable_vault'}">

From bfd251d0b93b7029bdd67d7fdfd0b2f40bd8bf49 Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Thu, 9 Nov 2017 16:20:27 +0000
Subject: [PATCH 10/12] Card storage link

Added an option to show/hide card storage link in customer account.
---
 Block/Customer/CardRenderer.php             |  9 ++++-
 Model/Service/CallbackService.php           |  2 +-
 Plugin/CustomerDashboardLinksManagement.php | 42 +++++++++++++++++++++
 etc/adminhtml/system.xml                    | 19 +++++++---
 etc/config.xml                              |  1 +
 etc/di.xml                                  |  6 +++
 6 files changed, 71 insertions(+), 8 deletions(-)
 create mode 100755 Plugin/CustomerDashboardLinksManagement.php

diff --git a/Block/Customer/CardRenderer.php b/Block/Customer/CardRenderer.php
index 67e1a4c3e..effd249f7 100755
--- a/Block/Customer/CardRenderer.php
+++ b/Block/Customer/CardRenderer.php
@@ -11,10 +11,10 @@
 namespace CheckoutCom\Magento2\Block\Customer;
 
 use Magento\Payment\Model\CcConfigProvider;
-use CheckoutCom\Magento2\Model\Ui\ConfigProvider;
 use Magento\Framework\View\Element\Template;
 use Magento\Vault\Api\Data\PaymentTokenInterface;
 use Magento\Vault\Block\AbstractCardRenderer;
+use CheckoutCom\Magento2\Model\Ui\ConfigProvider;
 use CheckoutCom\Magento2\Gateway\Config\Config as GatewayConfig;
 
 class CardRenderer extends AbstractCardRenderer {
@@ -31,7 +31,12 @@ class CardRenderer extends AbstractCardRenderer {
      * @param GatewayConfig $gatewayConfig
      * @param array $data
      */
-    public function __construct(Template\Context $context, CcConfigProvider $iconsProvider, GatewayConfig $gatewayConfig, array $data) {
+    public function __construct(
+        Template\Context $context,
+        CcConfigProvider $iconsProvider,
+        GatewayConfig $gatewayConfig,
+        array $data
+    ) {
         parent::__construct($context, $iconsProvider, $data);
 
         $this->gatewayConfig = $gatewayConfig;
diff --git a/Model/Service/CallbackService.php b/Model/Service/CallbackService.php
index cde948f82..1c2c822e5 100755
--- a/Model/Service/CallbackService.php
+++ b/Model/Service/CallbackService.php
@@ -87,7 +87,7 @@ class CallbackService {
     /**
      * @var OrderSender
      */
-    private $orderSender;
+    protected $orderSender;
 
     /**
      * CallbackService constructor.
diff --git a/Plugin/CustomerDashboardLinksManagement.php b/Plugin/CustomerDashboardLinksManagement.php
new file mode 100755
index 000000000..ba1611b00
--- /dev/null
+++ b/Plugin/CustomerDashboardLinksManagement.php
@@ -0,0 +1,42 @@
+<?php
+
+namespace CheckoutCom\Magento2\Plugin;
+
+use Closure;
+use Magento\Framework\View\Element\Html\Links;
+use Magento\Framework\View\Element\AbstractBlock;
+use Magento\Framework\App\Config\ScopeConfigInterface;
+
+/**
+ * Class CustomerDashboardLinksManagement
+ */
+class CustomerDashboardLinksManagement
+{
+    /**
+     * @var ScopeConfigInterface
+     */
+    protected $scopeConfig;
+
+
+    public function __construct (ScopeConfigInterface $scopeConfig) {
+        $this->scopeConfig = $scopeConfig;
+    }
+
+    public function aroundRenderLink(Links $subject, Closure $proceed, AbstractBlock $link)
+    {
+        // Get the output   
+        $output = $proceed($link);
+
+        // If it's the dashboard menu
+        if ($subject->getNameInLayout() == 'customer_account_navigation') {
+            // If it's the stored payment cards lenu link
+            if ($link->getNameInLayout() == 'customer-account-navigation-my-credit-cards-link') {
+                if ((bool) $this->scopeConfig->getValue('payment/checkout_com_cc_vault/hide_card_storage')) {
+                    return '';
+                }
+            }
+        }
+
+        return $output;
+    }
+}
diff --git a/etc/adminhtml/system.xml b/etc/adminhtml/system.xml
index 260cccd3f..6ce9bb1c3 100755
--- a/etc/adminhtml/system.xml
+++ b/etc/adminhtml/system.xml
@@ -140,19 +140,28 @@
                         </comment>
                     </field>
 
-                    <field id="useccv" translate="label" type="select" sortOrder="40" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="checkout_com_cc_vault_hide_storage" translate="label" type="select" sortOrder="40" showInDefault="1" showInWebsite="1" showInStore="0">
+                        <label>Hide card storage</label>
+                        <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
+                        <config_path>payment/checkout_com_cc_vault/hide_card_storage</config_path>
+                        <comment>
+                            If set to "Yes", customers will not be able to access the stored payment methods links from the account.
+                        </comment>
+                    </field>
+
+                    <field id="useccv" translate="label" type="select" sortOrder="50" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>CVV Verification</label>
                         <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                         <config_path>payment/checkout_com/useccv</config_path>
                     </field>
 
-                    <field id="verify_3dsecure" translate="label" sortOrder="50" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="verify_3dsecure" translate="label" sortOrder="60" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>3D Secure Verification</label>
                         <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                         <config_path>payment/checkout_com/verify_3dsecure</config_path>
                     </field>
 
-                    <field id="attemptN3D" translate="label comment" sortOrder="60" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="attemptN3D" translate="label comment" sortOrder="70" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Attempt Non 3D Secure</label>
                         <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                         <config_path>payment/checkout_com/attemptN3D</config_path>
@@ -164,13 +173,13 @@
                         </comment>
                     </field>
 
-                    <field id="auto_capture" translate="label" sortOrder="70" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="auto_capture" translate="label" sortOrder="80" type="select" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Auto Capture</label>
                         <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                         <config_path>payment/checkout_com/auto_capture</config_path>
                     </field>
 
-                    <field id="auto_capture_time" translate="label comment" sortOrder="80" type="text" showInDefault="1" showInWebsite="1" showInStore="0">
+                    <field id="auto_capture_time" translate="label comment" sortOrder="90" type="text" showInDefault="1" showInWebsite="1" showInStore="0">
                         <label>Auto Capture Time</label>
                         <config_path>payment/checkout_com/auto_capture_time</config_path>
                         <validate>validate-required validate-digits validate-zero-or-greater</validate>
diff --git a/etc/config.xml b/etc/config.xml
index 084edea87..8bea2c7b6 100755
--- a/etc/config.xml
+++ b/etc/config.xml
@@ -65,6 +65,7 @@
                 <model>CheckoutComCreditCardVaultFacade</model>
                 <title>Stored Cards (Checkout.com)</title>
                 <autosave>1</autosave>
+                <hide_card_storage>0</hide_card_storage>
             </checkout_com_cc_vault>
         </payment>
     </default>
diff --git a/etc/di.xml b/etc/di.xml
index ca571a520..8255eb7ac 100755
--- a/etc/di.xml
+++ b/etc/di.xml
@@ -433,6 +433,12 @@
     </type>
     <!-- END Around Payments Plugin -->
 
+    <!-- Accound dashboard plugin -->
+    <type name="Magento\Framework\View\Element\Html\Links">
+        <plugin sortOrder="1" name="CkoCustomerDashboardLinksManagement" type="CheckoutCom\Magento2\Plugin\CustomerDashboardLinksManagement"/>
+    </type>
+    <!-- END account dashboard plugin -->
+
     <!-- Plans grid listing -->
     <virtualType name="CheckoutCom\Magento2\Model\ResourceModel\Plan\Collection" type="Magento\Framework\View\Element\UiComponent\DataProvider\SearchResult">
         <arguments>

From ad73fe0b5bc11edd36b85d4d335accabb6dbc8b7 Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Thu, 9 Nov 2017 18:06:00 +0000
Subject: [PATCH 11/12] Vault request but fix

Fixed a missing $this preventing the vault request to run.
---
 Gateway/Request/VaultRequest.php |  2 +-
 Observer/OrderCancelObserver.php | 46 ++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100755 Observer/OrderCancelObserver.php

diff --git a/Gateway/Request/VaultRequest.php b/Gateway/Request/VaultRequest.php
index 161b1afb9..885319c50 100755
--- a/Gateway/Request/VaultRequest.php
+++ b/Gateway/Request/VaultRequest.php
@@ -62,7 +62,7 @@ public function getVaultSaveInfo() {
         $checkoutSessionData = $this->customerSession->getData('checkoutSessionData');
 
         // Get the auto save card config
-        $isAutoSave = $scopeConfig->getValue('payment/checkout_com_cc_vault/autosave');
+        $isAutoSave = $this->scopeConfig->getValue('payment/checkout_com_cc_vault/autosave');
 
         // Check if save card is requested
         if (isset($checkoutSessionData['saveShopperCard'])) {
diff --git a/Observer/OrderCancelObserver.php b/Observer/OrderCancelObserver.php
new file mode 100755
index 000000000..213462db7
--- /dev/null
+++ b/Observer/OrderCancelObserver.php
@@ -0,0 +1,46 @@
+<?php
+/**
+ * Checkout.com Magento 2 Payment module (https://www.checkout.com)
+ *
+ * Copyright (c) 2017 Checkout.com (https://www.checkout.com)
+ * Author: David Fiaty | integration@checkout.com
+ *
+ * License GNU/GPL V3 https://www.gnu.org/licenses/gpl-3.0.en.html
+ */
+
+namespace CheckoutCom\Magento2\Observer;
+
+use Magento\Framework\Event\Observer;
+use Magento\Framework\Event\ObserverInterface;
+use Magento\Framework\App\Request\DataPersistorInterface;
+use Magento\Sales\Api\Data\OrderInterface;
+
+class OrderCancelObserver implements ObserverInterface {
+
+    /**
+     * @var OrderInterface
+     */
+    protected $orderInterface;
+
+    public function __construct(OrderInterface $order) {
+         $this->orderInterface = $orderInterface;    
+    }
+
+    /**
+     * Handles the observer for order cancellation.
+     *
+     * @param Observer $observer
+     * @return void
+     */
+    public function execute(Observer $observer) {
+   
+        $orderids = $observer->getEvent()->getOrderIds();     
+
+        echo "<pre>";
+        var_dump($orderids); 
+        echo "</pre>";
+
+        exit();
+    }
+
+}

From dc43fe2f7c2b7f086f9a9f42ae184548a048566c Mon Sep 17 00:00:00 2001
From: david-fiaty-cko <david.fiaty@checkout.com>
Date: Thu, 9 Nov 2017 18:14:00 +0000
Subject: [PATCH 12/12] Version update

Updated version to 1.0.11 in composer.json.
---
 composer.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/composer.json b/composer.json
index 56cbbdee7..21d71315e 100755
--- a/composer.json
+++ b/composer.json
@@ -11,7 +11,7 @@
         "magento/module-vault": "100.2.*"
     },
     "type": "magento2-module",
-    "version": "1.0.10",
+    "version": "1.0.11",
     "autoload": {
         "files": [
             "registration.php"