Handling Failed Payment from checkout.session.async_payment_failed Webhook

[solverat]

Hi there,

first of all - thanks for this awesome payum extension! I'm using it in a different framework than Sylius and therefor I'm running into a conceptional issue. Since this project does not provide a discussion section, I've opened an issue.

In short: If a payment (SOFORT) fails later on, stripe fires checkout.session.async_payment_failed via webhook. The payment status is set to requires_payment_method.

Within this extension, the payment stays in processing which is something I can't handle. The payment state should change to failed so we can inform the customer to try again with a new payment or just to inform him that something went wrong.

What's the best way to achieve this? I also have to be sure that the state of my payment only changes to failed if it comes from the checkout.session.async_payment_failed webhook, since requires_payment_method is a valid state when a PaymentIntent gets created, for example.

Should I create a custom StatusAction and define my logic in isMarkedStatus()?

Any help or just a quick point in the right direction would be awesome. Thanks!

[Prometee]

Hello @solverat !

Thank you very much to bring this issue here and to take time to investigate about it.

I think I understand the issue here, but I will need an extract of the object sent by Stripe within the checkout.session.async_payment_failed event as well as an extract of the same object retrieved via the API. The important fields I would need are:

• id
• object name
• all status fields

• and if present the updated at field

  Normally the status should be set to a failed status, and the code double check it by retrieving the newest version of the object contained in the event payload.

I try to trust the Stripe API all the time but here I can think about a cache issue or a Stripe internal multi servers calls problem. It can be anything but what you and I expect is that this event must in all case mark the payment as fail event if the object contained doesn't have a failed status.

I will think about a workaround to see how to counter this issue.

[Prometee]

@solverat I will also need what you have into your database especially the Payment->details with the same extracted fields.

[solverat]

Hey @Prometee Thanks for your detailed response!

First of all, my detail response:

{
  "id": "pi_3OMzWOAbCpXpuEGn3TiQMt8M",
  "object": "payment_intent",
  "amount": 3740,
  "amount_capturable": 0,
  "amount_details": {
    "tip": []
  },
  "amount_received": 0,
  "application": null,
  "application_fee_amount": null,
  "automatic_payment_methods": null,
  "canceled_at": null,
  "cancellation_reason": null,
  "capture_method": "automatic",
  "client_secret": "pi_3OMzWOAbCpXpuEGn3TiQMt8M_secret_S2ZkJFlms66hUcZEXbKfZ6Iw7",
  "confirmation_method": "automatic",
  "created": 1702501152,
  "currency": "eur",
  "customer": null,
  "description": "387282_822463157761621",
  "invoice": null,
  "last_payment_error": {
    "code": "payment_intent_authentication_failure",
    "decline_code": "generic_decline",
    "doc_url": "https://stripe.com/docs/error-codes/payment-intent-authentication-failure",
    "message": "The provided PaymentMethod has failed authentication. You can provide payment_method_data or a new PaymentMethod to attempt to fulfill this PaymentIntent again.",
    "payment_method": {
      "id": "pm_1OMzYfAbCpXpuEGnFrEG0yRf",
      "object": "payment_method",
      "billing_details": {
        "address": {
          "city": null,
          "country": "AT",
          "line1": null,
          "line2": null,
          "postal_code": null,
          "state": null
        },
        "email": "***",
        "name": "tester",
        "phone": null
      },
      "created": 1702501293,
      "customer": null,
      "livemode": false,
      "metadata": [],
      "sofort": {
        "country": "AT"
      },
      "type": "sofort"
    },
    "type": "card_error"
  },
  "latest_charge": "py_3OMzWOAbCpXpuEGn3ufeiKIL",
  "livemode": false,
  "metadata": {
    "token_hash": "O8R3SHEAt3VaNYimOTDA_F-EztuyKXs2VDg_qKhpMss"
  },
  "next_action": null,
  "on_behalf_of": null,
  "payment_method": null,
  "payment_method_configuration_details": null,
  "payment_method_options": {
    "sofort": {
      "preferred_language": "de"
    }
  },
  "payment_method_types": [
    "sofort"
  ],
  "processing": null,
  "receipt_email": null,
  "review": null,
  "setup_future_usage": null,
  "shipping": null,
  "source": null,
  "statement_descriptor": null,
  "statement_descriptor_suffix": null,
  "status": "requires_payment_method",
  "transfer_data": null,
  "transfer_group": null
}

This response comes from the strapi sandbox, which looks like this (I've selected "Authorize Test Payment with Delayed Failure", if I'm selecting "Authorize Test Payment" everything works fine => the payment gets confirmed after some delay)

As you can see the status is requires_payment_method.

I don't think there is any cache or race condition issue. Stripe exactly descripes it in the documentation "livecycle":

https://stripe.com/docs/payments/paymentintents/lifecycle

See section after "processing". If it fails, it changes to "requires_payment_method". Interessting sidenode: In the Stripe backoffice, I'm not able to do anything with this order, it's just closed.

[Prometee]

Ok ! I can see clearly the issue here, a Payum extension is required here to detect the incoming webhook and mark the payment as failed instead of processing.

[Prometee]

@solverat can you test the master branch in your own environement ? I'm pretty sure it will fix this issue.

https://github.com/FLUX-SE/PayumStripe/compare/v2.0.13...master