gbg-loqate / loqate-integration

gbg-loqate/loqate-integration

Performs address capture and data validation (email, phone number and address) using Loqate API.

Henry Thomas

magento2-module Compatibility: 2.4.7-2.4.9 Code Quality: Fail Tests: N/A Security: Pass

Get this package

Free

Install

Add the repository once:

composer config repositories.packagento composer https://packagento.com/

Then require:

composer require gbg-loqate/loqate-integration:^2.0.10

Details

Latest version: 2.0.10
Released: 2026-06-05 14:51:44
Downloads: 0

Own this package?

Are you the maintainer? Create an account and link the source repository to claim this package and register a webhook so new versions publish automatically.

Claim this Package

Report this package

Seeing license violations, malicious code, IP infringement, or spam? Let our moderation team know.

Readme

Loqate Magento 2 API Integration

What is the Loqate API Integration?

Performs address capture and data validation (email, phone number and address) using Loqate API.

Download

Download via composer

Request composer to fetch the module:

composer require loqate-integration/adobe

Manual Download

Download & copy the git content to /app/code/Loqate/ApiIntegration.

Install

Please run the following commands after you download the module.

php bin/magento module:enable Loqate_ApiIntegration
php bin/magento setup:upgrade
php bin/magento setup:di:compile

Configuration Instructions

The configuration for the module is located under Stores -> Configuration -> Loqate.

Magento 2 DevContainer Setup

This repository includes a devcontainer for rapid Magento 2 extension development.

Quick Start

Create a devcontainer.env: Before opening the devcontainer you will need to create a devcontainer.env file which you can copy from devcontainer.env.example.
Open in VS Code: Use the "Reopen in Container" command (requires the Remote - Containers extension).
Wait for Setup: The devcontainer will build, install dependencies, and set up Magento 2 automatically.
Access Magento:
- Storefront: http://localhost:8080
- Admin: http://localhost:8080/admin
- Default admin user: admin / admin123
Live Extension Development: Your extension source is mounted into the running Magento instance. Changes are reflected immediately after running bin/magento setup:upgrade and clearing cache.

Services

PHP-FPM (8.1)
Nginx
MySQL 8
Opensearch
Redis

Notes

The first startup may take several minutes (Magento install, Composer, DB setup).
The extension is symlinked into app/code/Loqate/ApiIntegration.
To re-run setup, use .devcontainer/setup-magento.sh inside the container.
If you have any DNS issues, you will need to copy your Zscaler certificate into the PHP container - see the Zscaler workaround comment in the Dockerfile.

Useful helpers

php -r '$e=include "app/etc/env.php"; $d=$e["db"]["connection"]["default"]; printf("mysql -h%s -u%s -p%s %s\n",$d["host"],$d["username"],$d["password"],$d["dbname"]);' Will extract the command to access mysql within the devcontainer, currently that command is mysql -hdb -umagento -pmagento magento
bin/magento config:show will list all of the config currently set in the instance, this can be set with bin/magento config:set <PATH> <VALUE>

Testing

Automated unit tests

Unit tests live under Test/Unit and run with Magento's unit test suite. From the Magento root of an instance that has the module installed:

# Module installed via composer:
vendor/bin/phpunit -c dev/tests/unit/phpunit.xml.dist \
  vendor/gbg-loqate/loqate-integration/Test/Unit

# Module installed under app/code:
vendor/bin/phpunit -c dev/tests/unit/phpunit.xml.dist \
  app/code/Loqate/ApiIntegration/Test/Unit

Test/Unit/Helper/ValidatorTest.php covers the captured-address (Loqate lookup) bypass: array-street parsing, that a looked-up address is recognised across countries (e.g. UK province-name vs region, US CA vs California), case/whitespace tolerance, and the guards that a different or empty address is not bypassed.

Manual testing (checkout flow)

Prerequisites (Admin → Stores → Configuration → Loqate, or bin/magento config:set):

loqate_settings/settings/api_key — a valid Loqate API key
loqate_settings/address_settings/enable_checkout = 1 (verification enabled at checkout)
Capture/lookup enabled on checkout
Optional: set strict thresholds under loqate_settings/verify_threshold_settings so a hand-typed address would be rejected, making the bypass behaviour obvious

Verify a looked-up address is accepted (the main regression):

Go to checkout (guest or logged-in).
Use the Loqate lookup and select a suggested address from the dropdown — do not hand-type it.
Proceed through shipping / place order. The address should be accepted and checkout should proceed (the selected address bypasses re-verification).

Different-country checks (the bypass is locale-agnostic):

US — lookup returns the state as a full name (e.g. California) while Magento stores the region as CA; the address should still be accepted.
UK — lookup an address with no region; should be accepted.

Guard checks (verification is still active):

Hand-type an invalid address without using the lookup → verification still fires and rejects it.
Select a lookup address, then edit a field (e.g. the street) → it is re-verified, since it no longer matches the captured address.

Observe via logs — a bypassed (captured) address makes no verify API call, whereas a hand-typed one does:

tail -f var/log/loqate*.log

Deployment

Releasing a new version requires two separate deployments: one to the Adobe Marketplace and one via Composer. Before proceeding with either, update the version number in both composer.json and etc/module.xml to reflect the new release, then commit and push the change.

Note that the Git tag for the Composer release is created automatically when changes are merged to master — see the Composer section below.

Adobe Marketplace

Create a zip of the whole repository. Ensure that .devcontainer, .git and .gitignore are excluded, as the Magento malware scan does not allow them to be uploaded. The following command will produce a clean archive:
```
zip -r loqate-integration.zip . -x "*.git*" -x "*.devcontainer*"
```
Log in to your Adobe account at account.magento.com.
Navigate to the extension versions page on the Adobe Commerce Developer Portal.
Upload the zip archive.
Adobe will automatically process and scan the submission. This can take up to 15 business days if a manual approval is required.
- If the scan fails, review the provided feedback, address the reported issues, and resubmit.
- If the scan passes, the extension will be published to the marketplace within the hour.

Composer

The Git tag for a Composer release is created automatically. When changes are merged to master, the auto-tag.yml GitHub Action analyses the commits since the previous tag and creates a new version tag based on Conventional Commits:

feat: commits → MINOR bump (e.g. v2.0.4 → v2.1.0)
fix: commits → PATCH bump (e.g. v2.0.4 → v2.0.5)
feat!: or BREAKING CHANGE: → MAJOR bump (e.g. v2.0.4 → v3.0.0)
Other types (docs:, style:, refactor:, etc.) → no bump (no tag created)

If no conventional commit is found, the action defaults to a PATCH bump. The workflow also publishes a GitHub release with an auto-generated changelog. Once the new tag is pushed, Composer will automatically detect it and make the release available on packagist.

To ensure a release is tagged correctly, make sure your commit messages follow the Conventional Commits format.

Changelog

No changelog yet

The vendor hasn't published a changelog. Tagged releases appear in the Versions tab.

Versions 15

Versions
Version	Stability	QA Status	Compatibility	Released
2.0.10	stable	Fail	Magento 2.4.7-2.4.9 Details	2026-06-05 14:51:44
2.0.9	stable	Not tested	Not yet tested Details	2026-06-04 14:23:07
2.0.4	stable	Not tested	Not yet tested Details	2026-05-05 09:01:54
2.0.3	stable	Not tested	Not yet tested Details	2026-01-21 10:27:55
2.0.2	stable	Not tested	Not yet tested Details	2025-12-10 11:04:56
2.0.1	stable	Not tested	Not yet tested Details	2025-10-21 07:31:15
2.0.0	stable	Not tested	Not yet tested Details	2025-09-23 12:18:58
1.1.16	stable	Not tested	Not yet tested Details	2025-08-12 13:50:00
1.1.14	stable	Not tested	Not yet tested Details	2025-02-28 09:16:33
1.1.13	stable	Not tested	Not yet tested Details	2025-02-26 09:45:06
1.1.12	stable	Not tested	Not yet tested Details	2025-02-17 14:47:14
1.1.11	stable	Not tested	Not yet tested Details	2025-01-29 11:23:31
1.1.10	stable	Not tested	Not yet tested Details	2024-12-06 13:18:53
1.1.8	stable	Not tested	Not yet tested Details	2024-11-22 13:15:48
1.1.7	stable	Not tested	Not yet tested Details	2024-11-22 13:06:25

Dependencies 1

Requires 1

Package	Constraint
lqt/api-connector	*

Quality 12

Compatibility

Each Magento release line is installed on its supported PHP versions, then the module is built (DI compilation + static-content deploy) and its unit and integration suites are run. The matrix shows the lines and PHP versions the module is confirmed to install and run on. Code-quality results further down (phpstan, phpcs, …) are reported separately and never affect compatibility.

Compatibility matrix (Magento × PHP)
Magento	PHP 8.2	PHP 8.3	PHP 8.4	PHP 8.5
2.4.7	Pass	Pass
2.4.8		Pass	Pass
2.4.9			Pass	Pass

Code Quality

Advisory checks against the module's source. Static analysis runs once across the whole module; PHPStan re-runs per Magento + PHP version because resolvable symbols differ between releases. These NEVER affect the Compatibility badge — a phpcs finding can't make a module incompatible.

Static analysis

Coding standards (phpcs), mess detection (phpmd), copy-pasted code (cpd), PHP cross-version compatibility, composer.json validity. Each runs once for the whole module.

Static analysis results
Tool	Status	Findings	Summary
PHPCS	Warning	91	91 warnings (ruleset: Magento2) — 39 auto-fixable with phpcbf
PHPMD	Warning	27	27 rule violations (UnusedFormalParameter:8, IfStatementAssignment:8, UndefinedVariable:5, CyclomaticComplexity:3, NPathComplexity:2)
Cpd	Warning	1	1 duplicated chunk spanning 33 total lines (min-lines=5, min-tokens=70)
Composer validate	Info	3	valid; 3 advisory notes (composer validate --strict)

PHPStan

Type-checks the module's PHP against a real Magento install at the configured gate level. Re-runs per Magento and PHP version because resolvable symbols differ between releases. Cell → details modal.

PHPStan results by Magento and PHP version
Magento	PHP 8.2	PHP 8.3	PHP 8.4	PHP 8.5
2.4.7	26	26
2.4.8		27	27
2.4.9			27	27

Tests

Unit and integration suites, run for each applicable Magento and PHP version. A test failure speaks to the module's behaviour, not its compatibility with a Magento line, so it is reported here separately and never reddens the compatibility matrix.

Unit tests

Unit tests results by Magento and PHP version
Magento	PHP 8.2	PHP 8.3	PHP 8.4	PHP 8.5
2.4.7	N/A	N/A
2.4.8		N/A	N/A
2.4.9			N/A	N/A

Integration tests

Integration tests results by Magento and PHP version
Magento	PHP 8.2	PHP 8.3	PHP 8.4	PHP 8.5
2.4.7	N/A	N/A
2.4.8		N/A	N/A
2.4.9			N/A	N/A

Security

Security checks run directly against the module: an audit of its declared dependencies for known vulnerabilities (composer audit) and a scan of its source for malware and web-shell signatures. Each runs once. A malware detection fails the version outright.

Security results
Tool	Status	Findings	Summary
Composer audit	Pass	0
Malware scan	Pass	0

License

Authors

Henry Thomas — Developer

Make it pay

Turn an existing module into recurring revenue.

If you already maintain a Magento 2 module on GitHub or GitLab, listing it on Packagento takes about five minutes. We mirror your tags, handle distribution signing, and route paid licenses through Stripe Connect, so you can keep shipping the way you already do.

List your module