- This topic has 7 replies, 2 voices, and was last updated 1 year, 4 months ago by
.
-
Posts
-
-
Hello. I’ve seen two issues pop up with Stripe Marketplace. We are using MVX Pro 1.3.3
The first is if a payment requires 3D Secure. When your plugin creates a PaymentIntent, and then update that PaymentIntent once again, it normally returns a status of ‘success’ and the payment process is over. However, if 3D Secure is required, the update to PaymentIntent returns ‘requires_action’ and a ‘next_step’ tag that describes what to do next. From what I’ve seen, there is no code in the plugin to deal with that, and the client from then on is in an invalid state in their order.
The second is if a user clicks on the checkbox to save their credit card info. The Customer creation code is different. The plugin first send a user description with name and username to create the Customer (instead of ‘Name, Guest’). It then uses the customer/CUSTOMER_ID/source endpoint to create a source, with a ‘source’ parameter that contains the id of a PaymentMethod, which is invalid (invalid_request_error
You cannot use a PaymentMethod as a source for Customers. Instead, use the PaymentMethods API to Attach a Customer to a PaymentMethod. See https://stripe.com/docs/api/payment_methods/attach).By the way, this sequence of creating a Customer and updating it with a source happened after the purchase was made (the plugin went through the process of creating a PaymentMethod, a Customer and a PaymentIntent, and updating that PaymentIntent to receive a success), which means the client was charged despite receiving an error message for failed purchase, and then paid us again using a different payment method, unaware that they had already paid us. That’s unacceptable. To be fair, the purchase process takes a long time (up to 20-30 seconds). It’s possible that the user refreshed the page, checked the save box and tried to send a purchase again, and that new customer creation was part of the next purchase attempt. We don’t have server logs due to misconfigured log rotation to confirm what the user tried to do and the user was so mad with being double charged that they were not cooperative for investigation. All we have is the timeline of event from Stripe’s POV (linked in the attachment)
Attachments:
-
@Crisim, the latest version of MultiVendorX Pro is 1.3.13. Could you kindly confirm if you are still encountering the mentioned issue with this updated version?
-
We don’t get enough to traffic in sale that we can reliably test those things, and at this point, the site is kind of ready for the heavy season. Updating the plugin is an unknown we can’t really afford, unless we have confirmation that at least issue number 1 is fixed. Issue number 2 we circumvented for now by removing the save card checkbox. I suppose I could download the code and check if you added support for ‘requires_action’.
Which I just did. So, I was mistaken, and 1.3.3 does have support for ‘requires_action’, but it’s only checked like this while processing payment.
if( $this->sca_enabled ) {
// Checked in here
}So I assume that if we enable the option for 3D Secure & SCA check on the backend of the plugin, that it will fix that, and when it’s turned off like right now, and stripe requires it, the order will fail, like it did, because no code catches that status. Now… I could turn that option on, but what exactly does it do? I can see there’s a lot of code in there, and it changes the flow of the purchase if 3D Secure / SCA is needed.
-
@Crisim, please allow us some time to review this, and we will get back to you shortly.
Kindly note that our responses may be delayed as our offices will be closed from the 9th to the 13th. We appreciate your understanding. -
-
-
-
Sorry for the delay in addressing your mentioned issue. This got delayed as our team was occupied with some preassigned development work.
But not to worry.I have already informed the dev team about this and also filed the same in our GitHub and hopefully soon we be able to add a fix for the same accordingly.
Thanks for your understanding and cooperation so far.
-
- You must be logged in to reply to this topic.
