Is this compatible with PayumBundle ?

[jimiero]

Hello,

Is your plugin compatible with https://github.com/Payum/PayumBundle? I see they don't have any Stripe with sca currently, if yes, do you have some more detailed documentation?

[Prometee]

Hi @jimiero,

This library can be use with payum/payum-bundle check the bundle related to this library if you want to use it : https://github.com/Prometee/PayumStripeCheckoutSessionBundle. payum/payum-bundle is just an helper for payum/payum to ease the integration with symfony.

Also into payum/payum there is multiple packages, there is for example payum/core and payum/stripe. This last package payum/stripe is not well updated and is not allowing (right now) to use "Stripe Checkout Session". That's why I decided to make my own implementation of Stripe gateways and right now there is only one gateway available "Stripe Checkout Session" supporting :

• SCA (working since the creation of this library)
• subscription and card saving (working if you use dev-master of this library, will be released soon)

I'm also wanting to support "Stripe JS" shortly.

[jimiero]

@Prometee I see you have a min php version set to 7.3, is this on purpose?

[Prometee]

@jimiero it's just because 7.2 will fall into "end of life" in the end of the year, but I think the requirement could removed if tests are ok then.

[jimiero]

I'll try to test https://github.com/Prometee/PayumStripeCheckoutSessionBundle will keep you updated, hopefully the documentation you have will help me the read the finish line :)

Thanks for your work btw!

[Prometee]

Thanks 😉 Don't hesitate to post another issue if doc is not enough, the Payum doc is not very useful sometime so maybe I could help fill in the blank.

[Prometee]

@jimiero I just test the removing of php minimum version requirement and add php 7.2 to the travis build, it could work with php 7.2 if you need to. https://travis-ci.org/github/Prometee/PayumStripe/builds/680706058

[jimiero]

Thanks,

I just made a quick test, not sure If I did it correctly, here is my webhook setting

And the test payment seems went fine, hurray! :) spend almost 2 days searching for sca solution for Stripe.

[Prometee]

I updated the README on the bundle : https://github.com/Prometee/PayumStripeCheckoutSessionBundle

The url you set for the webhook won't work because it's a local one and also because I think you are using symfony and this Notify url already exists, check my updated README on the bundle to get what is wrong ;)

This bundle will work even if the webhook is not set, but for production env you will need it. If you want to capture webhook events en your local dev env you can install stripe cli and then execute :

stripe login #only needed every 90days
stripe listen --events checkout.session.completed,payment_intent.canceled \
    --forward-to https://my-local.com/payment/notify/unsafe/stripe_checkout_session

Replace the --forward-to argument value with the right one you need.

Doing this you won't have to create

[jimiero]

Thanks the update, would it be possible to update the composer php version to ^7.2 as I have some others packages which require 7.2 :(

Or somehow to not force having php7.3 installed

Regards

[Prometee]

@jimiero I just publish a new release with php min version removed and other stuff : https://github.com/Prometee/PayumStripe/releases/tag/v1.1.1

[jimiero]

Thanks! I'll give a try and let you know how it goes.

[jimiero]

Hello @Prometee I just tried to make a live payment with success, but here is an error in the logs, probably related with webhooks:

request.CRITICAL:` Uncaught PHP Exception Payum\Core\Exception\RequestNotSupportedException:
"Request ResolveWebhookEvent is not supported.
Make sure the gateway supports the requests and there is an action which supports this request (The method returns true).
There may be a bug, so look for a related issue on the issue tracker."
at vendor/payum/payum/src/Payum/Core/Exception/RequestNotSupportedException.php line 57 
{"exception":"[object] (Payum\\Core\\Exception\\RequestNotSupportedException(code: 0): Request ResolveWebhookEvent is not supported.
Make sure the gateway supports the requests and there is an action which supports this request (The method returns true).
There may be a bug, so look for a related issue on the issue tracker.
at vendor/payum/payum/src/Payum/Core/Exception/RequestNotSupportedException.php:57)"} []

[Prometee]

This means that an webhook event has been catched but no handler is there to consume it. Do you restrict the webhook key to the 2 events required ?

[jimiero]

Yes, this is the setting for the webhook

( i replaced my domain in the image )

and 'stripe' is how I named the gateway

[Prometee]

Are you sure that your gateway is named "stripe" ?

[jimiero]

yes, but maybe I'm wrong

stripe:
            factory: stripe_checkout_session
            publishable_key: '%publishable_key%'
            secret_key: '%stripe_secret_key%'
            webhook_secret_keys: ['my-webhook-key']

[Prometee]

Your gateway name is stripe so your webhook url is ok. Can you check the logs of you Stripe account and check the failed webhook call or check the webhook logs ?

[jimiero]

What to look exactly for, the webhook says

<?xml version="1.0"?>

https://tools.ietf.org/html/rfc2616#section-10500Internal Server Error

which is caused by that error I get on my site, the one mentioned about

[Prometee]

I was talking about the Stripe logs on the Stripe website.

Edit your Stripe webhook and then you will see "Webhook attempts" list

[jimiero]

here it is

 "id": "evt_1GdXdPHQU2SYnXWXN9RYVMXV",
  "object": "event",
  "api_version": "2019-03-14",
  "created": 1588234843,
  "data": {
    "object": {
      "id": "cs_live_wbNF1RyQtoTnPhvE1IdXJvKYDdoZ6U9gRwx6prUkrw4arNXXXXXX",
      "object": "checkout.session",
      "billing_address_collection": null,
      "cancel_url": "https://www.domain.com/payment/capture/GXpq7nhhqRVfp3jzBC9XiJr4PX0_M9HcpS1RKcY5G50",
      "client_reference_id": null,
      "customer": "cus_HBvXXXXXVpGaH",
      "customer_email": "email@gmail.com",
      "display_items": [
        {
          "amount": 595,
          "currency": "eur",
          "custom": {
            "description": null,
            "images": null,
            "name": "Payment on Domain.com"
          },
          "quantity": 1,
          "type": "custom"
        }
      ],
      "livemode": true,
      "locale": null,
      "metadata": {
        "token_hash": "r4p5ZrBwqHmmvjs4vIWQefuBenJ9sk0T4Zjw-XXXXX"
      },
      "mode": "payment",
      "payment_intent": "pi_1GdXcfHQU2SYnXWXgYXXXXX",
      "payment_method_types": [
        "card"
      ],
      "setup_intent": null,
      "shipping": null,
      "shipping_address_collection": null,
      "submit_type": null,
      "subscription": null,
      "success_url": "https://www.domain.com/payment/capture/GXpq7nhhqRVfp3jzBC9XiJr4PX0_M9HcpS1RKcY5G50"
    }
  },
  "livemode": true,
  "pending_webhooks": 1,
  "request": {
    "id": null,
    "idempotency_key": null
  },
  "type": "checkout.session.completed"
}

[Prometee]

All seems to be OK, so the log you show here is affected to the same webhook key you set in the config right ? Because the error can only happen when the webhook content (this json you pasted) can't be identified by a signature checking using the webhook key and this json.

[jimiero]

Yes it is.

[Prometee]

It could be the fact that the required STRIPE_SIGNATURE header is not accessible, are you using a proxy between Stripe and your server ?

This is how the webhook signature is checked : https://stripe.com/docs/webhooks/signatures

[Prometee]

In this library the signature header is retrieved by this method

[jimiero]

Not using a proxy, not sure what I can do.

Does this failing event brakes the sca of Stripe?

[Prometee]

Not it won't affect at all the SCA flow, but the webhook is here to make a double check of the payment status.

[Prometee]

@jimiero I push some updates to get more info about your signature error, if you want to get more details about it, add this line to your composer.json (section require) :

"prometee/payum-stripe": "dev-master",

Run a new test payment and then you will get more info on the reason of why the webhook can't be verified.

[jimiero]

phew thanks @Prometee that helped, ended up finding that the server time was not synced to an online time clock server.

Fixing the server time, solved the issue and webhook succeeded!

Appreciate your assitance!

[Prometee]

@jimiero Perfect ! Thanks you too for bringing those cases. I will add some notes in the doc about it and the other signature issues which could happen too.