Adyen / adyen-shopware6

Adyen Payment plugin for Shopware 6
MIT License

[ECP-9279] Bancontact mobile doesn't work #510

Open wannevancamp opened 5 months ago

wannevancamp commented 5 months ago

Describe the bug

The payment method Bancontact mobile gives the following error after you pay the order.

Uncaught PHP Exception Shopware\Core\Checkout\Payment\Exception\TokenInvalidatedException: "The provided token eyJ.... is invalidated and the payment could not be processed." at /var/web/vd25152/releases/20240427.2236/vendor/shopware/core/Checkout/Payment/Cart/Token/JWTFactoryV2.php line 80

Versions

Shopware version: all
Plugin version: all

To Reproduce

Steps to reproduce the behavior:

  1. On your mobile phone pay an order with Bancontact mobile
  2. You get redirected to the Bancontact mobile app
  3. Pay the order
  4. You are redirected to Shopware
  5. Result: an error is shown: TokenInvalidatedException

Expected behavior

When returning back to the shop after a successful payment the order finish page must be shown.

candemiralp commented 5 months ago

Hello @wannevancamp,

Thank you for creating this issue with the details. We've created an internal ticket to handle this case and our support team is also investigating the issue as you have an active support ticket.

You will be informed when we conclude the investigation.

Best regards, Can

wannevancamp commented 3 months ago

@candemiralp, meanwhile I have some more information about this issue.

When you place an order on mobile, you are redirected to the mobile app. In the background, a popup in the checkout remains open and continues to poll for the payment status. Once the payment response isFinal, the popup closes, and you are redirected to the return URL. Simultaneously, you may be redirected to the return URL from the payment app. The return URL can only be accessed once with the same token. If you visit the return URL (/payment/finalize-transaction) a second time with the same token, an error, TokenInvalidatedException, is thrown.

Solution:

Update from Shopware: image

candemiralp commented 3 months ago

Hello @wannevancamp,

Thank you for this detailed explanation. It shed a lot of light on the investigation and I've added those points to the ticket. You will be updated soon.

Best Regards, Can

candemiralp commented 3 months ago

Hello @wannevancamp,

We've been working on this issue and realised a couple of points after reproducing the issue with the steps you've described.

The proposed solution, "On mobile, the popup should not trigger a redirect.", can't be implemented as it will fail if the mobile device doesn't have an application and the payment is completed with another mobile device (Tablet for shopping + phone for scanning QR with Payconiq app).

The Return to Shop button is only shown in the Payconiq application if the payment is opened in the application directly, but not when scanning the QR code. Since there won't be a Return to Store button in the application in the QR code scanning scenario, the shopper will be stuck on the checkout page with an open pop-up.

We're still investigating some alternatives. Mainly, storing the token somewhere else and creating a proxy controller (which will be used as returnUrl) in the plugin to finalise the payment, so that multiple attempts to the same URL can be handled elegantly. We don't know the consequences on headless integration and the possibility of releasing it as a non-breaking change, yet.

Please feel free to share your opinion and I'll also update you once we have a concrete solution.

Best regards, Can

wannevancamp commented 3 months ago

Hi @candemiralp, using a proxy controller (own endpoint) seems a valid solution. You're right, on mobile the redirect flow still needs to exist in case the payment is completed with another mobile device.

candemiralp commented 3 months ago

Hello @wannevancamp,

Thank you for your input. I will keep you updated during the investigation period.

Best regards, Can

wannevancamp commented 1 month ago

@candemiralp, I saw your draft PR https://github.com/Adyen/adyen-shopware6/pull/535. Any update on this one?

candemiralp commented 1 month ago

Hello @wannevancamp,

Using a proxy controller didn't solve the issue and introduced more problems as the token is validated in many places. Besides that, by-passing the token validation will make the success page accessible every time even with an invalidated token. Considering the success page contains PII data (order details, personal details and shipping information), we understand Shopware's concern about introducing a token.

Our next step is discussing Adyen's Bancontact implementation in the backend to see if there is a place for improvement. We will try to find a solution to the root cause of the issue.

We will keep you updated as we finalise the discussion internally.

Best Regards, Can
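
The double return described earlier in the thread and the bypass concern in the comment above, modelled as an added example (not code from Shopware, the plugin, or the commenters). `Shop`, its methods and the session-bound variant are hypothetical names and assumptions, and the model assumes the payment itself succeeded.

```python
import secrets
# Model only: all names are hypothetical, sample data is constructed.
class TokenInvalidated(Exception):
    """Model stand-in for Shopware's TokenInvalidatedException."""

class Shop:
    def __init__(self):
        self.issued = {}    # token -> order id
        self.spent = set()  # tokens already used once
        self.orders = {}    # order id -> owner session, PII, paid flag

    def start_payment(self, session_id, pii):
        order_id = f"order-{len(self.orders) + 1}"
        self.orders[order_id] = {"owner": session_id, "pii": pii, "paid": False}
        token = secrets.token_urlsafe(16)
        self.issued[token] = order_id
        return token

    def _finish_page(self, order_id):
        self.orders[order_id]["paid"] = True
        return {"order": order_id, "pii": self.orders[order_id]["pii"]}

    def finalize_strict(self, token):
        """Single-use return URL: the second hit with the same token fails."""
        if token not in self.issued or token in self.spent:
            raise TokenInvalidated(token)
        self.spent.add(token)
        return self._finish_page(self.issued[token])

    def finalize_bypass(self, token):
        """Skips the spent check: the URL now shows PII on every replay."""
        return self._finish_page(self.issued[token])

    def finalize_session_bound(self, token, session_id):
        """Hypothetical duplicate handling: a repeat hit sees the finish page
        only from the session that owns the already-paid order."""
        try:
            return self.finalize_strict(token)
        except TokenInvalidated:
            order_id = self.issued.get(token)
            order = self.orders.get(order_id)
            if order and order["paid"] and order["owner"] == session_id:
                return {"order": order_id, "pii": order["pii"]}
            return {"order": None, "pii": None}

if __name__ == "__main__":
    shop = Shop(); tok = shop.start_payment("sess-A", "Jane Doe, 1 Example St")
    print(shop.finalize_strict(tok)["order"])          # popup redirect arrives first
    print(shop.finalize_session_bound(tok, "sess-B"))  # replay from another session
```
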

candemiralp commented 3 weeks ago

Hello @wannevancamp,

Thank you for your patience during the investigation. We have found a way to make a /payments/details call to the Adyen Checkout API to obtain the payment status and order transaction ID without by-passing the token validation mechanism of Shopware 6.

Currently, we are refining our approach internally about the implementation. I just wanted to inform you that this issue will be solved soon.

Best Regards, Can