HTTP endpoint for payment handling

[fhaertig]

As a CTP user I want to send the id of a payment object to the integration service to trigger the processing of pending transactions.

Find API specification here or view in Swagger editor.

Server Response Status Code

• [x] 200
• [x] 202
• [x] 400
• [x] 404
• [x] 500

  Response body

• [x] return empty body
• returning a non-empty body was postponed (checkout will be possible w/o as well), see issue #50

  Concurrent Modification Handling

• [x] implement retry logic for handle/payments/{id} in case of ConcurrentModificationException
• [x] explicit handling of NotFoundException (get rid separate NoCartLikeFoundException) -> NotFoundEx doesn't allow a message, so we stay with our custom NoCartLikeFoundEx

Response status 403 (Forbidden) is out of scope - implementation extracted to issue #45 because there is no optional ip whitelist and the like, yet.

[sesamzoo]

@nkuehn Is status code 403

The configuration of the service does not allow this request (e.g. not on optional IP whitelist, optional required authentication not passed).

in the scope of the first milestone? If yes (and in general), what is the exact list of conditions to be checked?

http://editor.swagger.io/#/?import=https://raw.githubusercontent.com/nkuehn/payment-integration-specifications/master/Payment-Integration-Api.swagger.yml

[sesamzoo]

@nkuehn According to the specification the response for status code 200 or 202 does not contain any data.

Could you please confirm that in case of redirect (credit card, Paypal,...) the client/checkout implementation has to get the redirect URL from the payment object by itself?

[nkuehn]

about 403: No, we don't have IP whitelisting or other auth on the MVP list and that means 403 will not occur until that changes (that's why the "Optional" in the description).

about 202: thanks for the reminder, @cneijenhuis have forgotten to agree on the response structure. My proposal is in this branch: https://github.com/nkuehn/payment-integration-specifications/blob/full-api-with-responses/Payment-Integration-Api.swagger.yml

[nkuehn]

update: I have now done a minimal response object for the 200x cases in the master branch of the payment-specs. If, then it may need to be extended but these three fields are safe as a status description that does not leak relevant info (which the full redirectUrl would have done).

[sesamzoo]

@nkuehn Regarding the 20X response body:

handledTransactionState: If a Transaction was handled, the value of the state field of the Transaction that was handled.

Please specify "If a Transaction was handled".

Scenarios that come to my mind (and influence implementation to detect handled transaction(s)):

• payment has no transaction
• payment has Pending transaction when the request is started to be handled and transaction is still Pending when handling the request finishes
  • interaction was added
  • no interaction was added
• payment has Pending transaction at the beginning of the request handling and transaction has state Success or Failure when handling the request finishes
  • the service itself modified the payment
  • the payment was changed by a concurrent modification
• payment has only transactions with status Success or Failure at the beginning of the request handling
  • :warning: The scheduled job or a notification processor could have handled the payment just between sending the request to handle the payment and the service receiving it.
• the payment has a transaction at the beginning of the request handling and has additional transactions when handling the request finishes
  • transactions added via CT project
  • transactions added by a notification processor

Or would the following approach be sufficient:

• report status (from snapshot at the end of handling the request) of first Pending transaction (from snapshot at the beginning of the request)
• if no Pending (from snapshot at the beginning of the request) transaction found, pick state of transaction with latest modified at attribute

[cneijenhuis]

@nkuehn I have said it before: I still have not heard an argument that invalidates what we had defined back in November (3 possible return types, configured on server side: None, Transaction State, Payment). Therefore I don't see a need to re-do/decide for something else.

@sesamzoo The use case is: The client adds a transaction (so, at the end of the array) and calls handle. The transactionState returned should be of that transaction. So in all cases except that someone else (CTP API client or notification processor) adds another transaction, using the last transaction would be fine. Maybe a good approach is to force the client to send the id of the transaction he wants to know the state of. So, if a notification comes in, he will still get the state he is interested in.

[sesamzoo]

@nkuehn I like the idea of @cneijenhuis to require the transaction ID in the request. Would be clear and simple to implement. May I assume that the transaction ID gets added as mandatory query parameter? Or could another path like /handle/payments/{paymentId}/transactions/{transactionId} be an alternative?

cc @fhaertig

[sesamzoo]

@nkuehn Would return type none as mentioned above be sufficient for the MVP?

[fhaertig]

@sesamzoo we could also provide only the path '/handle/transactions/{transactionId}', just as an addition

I'm not against the idea behind that, but in fact it would transfer a whole lot of logic out of the adapter and increases the effort for the shop, because it needs to handle the correct sequence of transactions then. Depends on how "convenient" the adapter should be...

[cneijenhuis]

I don't understand - the correct sequence is always "handle the oldest transaction in state Pending".

The client can not force the adapter to work on a different transaction - but he'll get the status of that transaction back. I.e. if the client first does Authorization and then Charge while the Auth is still pending (e.g. waits for a notification from the PSP), he will get Pending back for the Charge as it can not yet be processed. But he will not be able to trigger the Charge transaction with that.

[sesamzoo]

@cneijenhuis please see 4.2.7 Sample: preauthorization/capture, REC with credit note from the PAYONE server API documentation where "handle the oldest transaction in state Pending" is not correct: The Charge transaction of the invoice is still Pending (buyer hasn't paid anything, yet) while a Refund transaction (credit note issued by merchant) is requested (and completed).

Another scenario (although not that common) that comes to my mind: multi-capture because shipment was split -> the merchant probably wouldn't want the 2nd Charge transaction to be blocked until the 1st Charge transaction is completed, i.e. paid.

[sesamzoo]

@fhaertig I don't think that it would move any more logic to the shop, because the shop has to create the transactions in proper order anyway. As I see it, there is no real difference in logic but in explicitness

create payment P -> create transaction A -> handle payment P (to process transaction A) -> create transaction B -> handle payment P (to process transaction B)

vs.

create payment P -> create transaction A -> handle transaction A of payment P -> create transaction B -> handle transaction B of payment P

[fhaertig]

@sesamzoo the scenarios you described are exactly the ones I had in mind. The thing I got wrong was: if we only get the transaction id, we could validate the basics and directly fire the request from it. If there's an error - not our fault. But a more fail-fast approach makes certainly more sense, e.g. checking the other transactions in the payment.

[nkuehn]

Given that "handle" is defined as just speeding up what would have happened on a Message at the Message Endpoint anyways the question whether moving to "Handle by transaction" would help depends on what happens on a Transaction-Related Message (e.g. new payment transaction).

[cneijenhuis]

@sesamzoo While Payone may support that scenario, other PSPs don't (e.g. this specific scenario is not supported by Stripe).

We want to ease the implementation for the client/shop and offer an abstraction from the specifics of PSPs. "Handle the oldest transaction in state Pending" will be supported by all PSPs (if the transactions make sense).

That Payone supports Refund before Charge may be a nasty surprise when a shop switches from a Stripe adapter to the Payone adapter.

Therefore, the correct sequence - as specified by CT, not by Payone, and as I have implemented it - is "handle the oldest transaction in state Pending" :wink:

[sesamzoo]

@nkuehn The transaction ID is required for the HTTP endpoint only. The scheduled job would not need to care about the transaction because it doesn't have to notify anyone about which transaction was processed.

[nkuehn]

@cneijenhuis in Credit Card (=Stripe's functional scope) you're right that "only the oldest pending" is enough.

But in Invoice or Cash Advance (Vorkass) it is a real-world process that the merchant e.g. triggers a refund before the money has arrived (i.e. the initial Charge is still Pending when the Refund is triggered because the Invoice has not been paid yet).

There is a related issue with #42 , but there it is an edge case (two capture transactions done in very quick order).

[nkuehn]

@sesamzoo OK, i.e. the design of the mini-API of the service does impact the implementation quite a bit here.

I talked to Christoph today and he agrees that it's okay now for the service to just implement the "NONE" case on its one API (no response body). We also considered dropping the "STATUS" variant in the requirements in favor of "all or nothing".

[sesamzoo]

We finally found the reason why concurrent modification isn't reliably handled, yet.

The following scenario (starting with a payment with a Pending Authorization transaction) leads to incorrect behavior and response status code in case of a handle payment request that interferes with a ScheduledJob run:

Time	Payment Version	TransactionState	Action by ScheduledJob	Action by HTTP endpoint
0	1	Pending	fetch payment	-
1	1	Pending	-	fetch payment
2	1	Pending	try to add interaction request, because no recent interaction response/redirect in payment	-
3	1	Pending	-	try to add interaction request, because no recent interaction response/redirect in payment
4	2	Pending	receive updated payment	-
5	2	Pending	-	receive concurrent modification exception
6	2	Pending	send request to PAYONE	-
7	2	Pending	-	fetch payment again, report status code 200 assuming payment already properly handled concurrently, because version is greater than that of initial fetch result due to adding the interaction request
20	2	Pending	process response APPROVED from PAYONE -> try to add interaction response and change state to Success and set amountPlanned as a bundle of update actions	-
23	4	Pending	-	-
25	5	Success	-	-

If a client (f.i. the Authorization test) fetches the payment (after response status OK for the request to handle it) sometime between

• 7 < t < 23, it will report expected status code (false positive) but unexpected amountPlanned and unexpected transaction state
• 22 < t < 25, it will report expected status code (false positive), expected amountPlanned but unexpected transaction state

Update: I am not sure whether the state at time 23 could actually be fetched by a client. Probably not, according to statements of @cneijenhuis. But the issue remains if the line with time 23 wouldn't exist: If a client fetches the payment (after response status OK for the request to handle it) sometime between 7 < t < 25, it will report/receive expected status code (false positive) but unexpected amountPlanned and unexpected transaction state.

Good news is, that we (believe to) have found a solution that we are implementing right now.

cc @nkuehn @cneijenhuis @fhaertig

[cneijenhuis]

My original implementation: https://github.com/commercetools/commercetools-payone-integration/commit/2a9f760b21c62b3ecaab3aad3e7aa40f077d9632#diff-a684bbe1ce55a8f4dea792d69dd8397aR62 did not return 200 but run the processing again. It also made a difference between the java.util.ConcurrentModificationException and the sphere.sdk.ConcurrentModificationException.

By switching to the SDK CME, you are now returning 200 where before you would have failed/500. Anyway, in 5 the correct action for the HTTP endpoint when receiving the sphere.sdk.ConcurrentModificationException (was not there in my implementation yet) is fetch payment again, run processor again. Then 7 would have thrown what was the java.util.ConcurrentModificationException, and the HTTP endpoint would have looped until either the timeout was over or the payment was finalized (was there in my implementation).

[sesamzoo]

@cneijenhuis ok, your intend was to process again, but the ResultProcessor was supposed to just extract the response status code from the handled payment, i.e. your solution also had the same problem (because the result processor simply returned 200 by default). The dispatcher has to be invoked again.

What was the reason to mix java.util's and the SDK's ConcurrentModificationException?

Returning 500 in case the SDK reports another concurrent modification while the dispatcher tries to process the payment (again), doesn't feel right.

For the ResultProcessor which would just have checked the latest payment version whether the transaction (which exactly? would be the question, again) was handled that would probably have been reasonable. But we skipped the ResultProcessor due to extra effort to

• either propagate handled transaction(s) to IntegrationService or
• find the transaction(s) of interest when processing a handled request in a payment

We (lacking the ResultProcessor, anyway) think that re-invoking the PaymentDispatcher is the solution. The logic to find out which (if any) transaction shall be handled is already implemented there. I know you suggested to let the *Executor classes also implement the ResultProcessor interface, but the extra information/logic that would have been required to find the transaction of interest is already there in the PaymentDispatcher.

cc @fhaertig

[sesamzoo]

@cneijenhuis we switched back to throw/catch java.util.CME because the SDK-CME seems to make more sense when thrown with the respective HTTP request/response.

If a SDK-CME is thrown during payment dispatching/handling, it will be wrapped in a java.util.CME so that another dispatch attempt is possible.

[cneijenhuis]

Ok, https://github.com/commercetools/commercetools-payone-integration/commit/b7d578d4f0a3c48d8fda6660a36d22ac5479b79a LGTM.

What was the reason to mix java.util's and the SDK's ConcurrentModificationException?

Because it's a different type of error, the SDKs exception is specific for failing updates (which is not what happened). Using java.util.CME is probably not fitting here as well, I just used it for my prototype as it was somewhat related... It's probably better to use a domain specific exception.

[sesamzoo]

I guess, meanwhile we got to the same conclusion. step 1 was to not misuse the SDK-CME and finally we should replace the java.util.CME as well. and either introduce a third option to choose when looking up ConcurrentModificationException or find a different name that says the same...

(When I was just replacing the import and could still use the default constructor I thought that it would be ok. After having a look at the SDK's exception implementations, we decided to switch back.)