Also, the authorizePayment method is currently fetching from Razorpay's ORDER API via getStatus method
I think the getStatus method should first verify the signature, fetch from Razorpay's PAYMENT API instead of ORDERS API and then set the medusa status accordingly.
After a successful payment, we update the payment session's data using the
updatePaymentData
with the following values we get back from razorpay -The second-last mandatory step in Razorpay's checkout flow requires signature verification using the above data. This step is currently missing in the
authorizePayment
method of the plugin. (https://razorpay.com/docs/payments/payment-gateway/web-integration/standard/build-integration/#15-verify-payment-signature)Also, the
authorizePayment
method is currently fetching from Razorpay's ORDER API viagetStatus
methodI think the
getStatus
method should first verify the signature, fetch from Razorpay's PAYMENT API instead of ORDERS API and then set the medusa status accordingly.Let me know if this is the right approach or not