Webhook calls fail

[tomdeleu]

We are using Commerce 2.1.13 (Craft 3.3.4.1) with the Mollie plugin(2.1.0.1)

And every order, when we check in Mollie, the webhook calls all fail. (every order, every webhook) Orders are registered in Commerce as paid though, and the transaction tab is populated.

This is on a public facing production server, not a local dev environment.

(But some order numbers go missing, but thats for another issue)

See screenshot on the right: https://cl.ly/6af79facc644

Any thoughts? Is this a bug, or am I doing something wrong?

[bartrylant]

This is an issue I've brought up several times already. No real solution from Pixel&Tonic yet. Maybe the P&T guys could check the Mollie Payments plugin? It had the same issue on first release, however, it was solved by the developer.

[janhenckens]

Hey everyone, I'm the developer Bart mentioned in the comment above. In my plugin the issue was a simple typo on my part so that won't be the problem here.

However, could you have a look at your logs at times when the webhook is happening? Knowing the error Craft is throwing makes this much much easier to debug for the Craft team, as they probably don't have testing setups readily available for each of the payment providers they support.

[bartrylant]

This is in the logs at the time of the first webhook error:

2019-12-05 20:53:22 [-][-][j8dqdqbujifk66g9jlkerfm7jb][error][yii\web\HttpException:400] yii\web\BadRequestHttpException: Unable to verify your data submission. in /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/vendor/yiisoft/yii2/web/Controller.php:166
Stack trace:
#0 /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/vendor/craftcms/cms/src/web/Controller.php(143): yii\web\Controller->beforeAction(Object(yii\base\InlineAction))
#1 /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/vendor/craftcms/cms/src/controllers/TemplatesController.php(72): craft\web\Controller->beforeAction(Object(yii\base\InlineAction))
#2 /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/vendor/yiisoft/yii2/base/Controller.php(155): craft\controllers\TemplatesController->beforeAction(Object(yii\base\InlineAction))
#3 /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/vendor/craftcms/cms/src/web/Controller.php(187): yii\base\Controller->runAction('render', Array)
#4 /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/vendor/yiisoft/yii2/base/Module.php(528): craft\web\Controller->runAction('render', Array)
#5 /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/vendor/craftcms/cms/src/web/Application.php(299): yii\base\Module->runAction('templates/rende...', Array)
#6 /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/vendor/yiisoft/yii2/web/Application.php(103): craft\web\Application->runAction('templates/rende...', Array)
#7 /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/vendor/craftcms/cms/src/web/Application.php(284): yii\web\Application->handleRequest(Object(craft\web\Request))
#8 /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/vendor/yiisoft/yii2/base/Application.php(386): craft\web\Application->handleRequest(Object(craft\web\Request))
#9 /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/web/index.php(21): yii\base\Application->run()
#10 {main}
2019-12-05 20:53:22 [-][-][j8dqdqbujifk66g9jlkerfm7jb][info][application] $_GET = [
    'step' => 'done'
    'number' => '72d6ba19495e45880e895e16f636f256'
]

$_POST = []

$_FILES = []

$_COOKIE = []

$_SESSION = [
    'bd62416aa8538ede709019a5e113eea5__flash' => []
    'commerce_cart' => '3f2c72f5c0e79ef680905601f795777c'
    'commerce_customer' => 1225209
]

$_SERVER = [
    'USER' => 'user-xxxxxxxxxxxx'
    'HOME' => '/home/user-xxxxxxxxxxxx'
    'HTTP_USER_AGENT' => 'Mollie.nl HTTP client/1.0'
    'HTTP_ACCEPT_ENCODING' => 'deflate, gzip'
    'HTTP_ACCEPT' => '*/*'
    'HTTP_HOST' => 'www.xxxxxxxxxxxx.nl'
    'REDIRECT_STATUS' => '200'
    'SERVER_NAME' => 'xxxxxxxxxxxx.nl'
    'SERVER_PORT' => '443'
    'SERVER_ADDR' => '136.244.107.129'
    'REMOTE_PORT' => '58304'
    'REMOTE_ADDR' => '87.233.229.27'
    'SERVER_SOFTWARE' => 'nginx/1.17.6'
    'GATEWAY_INTERFACE' => 'CGI/1.1'
    'HTTPS' => 'on'
    'REQUEST_SCHEME' => 'https'
    'SERVER_PROTOCOL' => 'HTTP/1.1'
    'DOCUMENT_URI' => '/index.php'
    'REQUEST_URI' => '/wedstrijdsport/xxxxxxx?step=done&number=72d6ba19495e45880e895e16f636f256'
    'SCRIPT_NAME' => '/index.php'
    'CONTENT_LENGTH' => ''
    'CONTENT_TYPE' => ''
    'REQUEST_METHOD' => 'POST'
    'QUERY_STRING' => 'step=done&number=72d6ba19495e45880e895e16f636f256'
    'DOCUMENT_ROOT' => '/home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/web'
    'SCRIPT_FILENAME' => '/home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/web/index.php'
    'FCGI_ROLE' => 'RESPONDER'
    'PHP_SELF' => '/index.php'
    'REQUEST_TIME_FLOAT' => 1575575602.9138
    'REQUEST_TIME' => 1575575602
    'ENVIRONMENT' => 'production'
    'SECURITY_KEY' => '••••••••••••••••••••••••••••••••'
    'DB_DRIVER' => 'mysql'
    'DB_SERVER' => 'localhost'
    'DB_USER' => 'xxxxxxxxxxxx_db_user'
    'DB_PASSWORD' => '••••••••••••••••••••••••••••••••'
    'DB_DATABASE' => 'xxxxxxxxxxxx_live'
    'DB_SCHEMA' => 'public'
    'DB_TABLE_PREFIX' => ''
    'DB_PORT' => ''
]
2019-12-05 20:57:03 [-][-][9ckh92ga7v3it8bmrjp9auf0kd][error][yii\web\HttpException:503] craft\web\ServiceUnavailableHttpException in /home/user-xxxxxxxxxxxx/webapps/app-xxxxxxxxxxxx-live/vendor/craftcms/cms/src/web/Controller.php:163

[janhenckens]

Mollie's webhook is posting to /index.php?p=actions/commerce/payments/complete-payment&commerceTransactionHash=xxxxxxxxxxxxxxxxxxxxxxxxxxxx.

Just had a look on one of our Commerce sites and I'm seeing the same thing, even thought the controller has CSRF disabled to that function (see here https://github.com/craftcms/commerce/blob/develop/src/controllers/PaymentsController.php#L41).

I'll try to investigate a bit further.

[janhenckens]

@bartrylant What version of craftcms/commerce do you have installed on the site that is having this issue?

[bartrylant]

Craft 3.3.17 Craft Commerce 2.2.8

[nfourtythree]

Hey all

Thank you for bringing this to our attention. On the face of it, it appears to be an issue with the URLs being used for webhooks/complete payments.

We will investigate this and look to get a solution out as soon as we can.

Thanks

[janhenckens]

@nfourtythree I have a couple of installs hooked up to Mollie's test payment system if you need someone to help test things, feel free to ping me!

[nfourtythree]

Thanks @janhenckens will let you know if I need to take you up on that!

[tomdeleu]

Any progress on this one?

[nfourtythree]

Hi all

I have pushed an update for this and it would be great if we could get some feedback on if this resolves the issues.

You can include the update in your project by updating your composer.json with the following and running composer update.

"require": {
  "craftcms/commerce-mollie": "dev-master#659339fa1eaa671584ff23f6373b065bbc4afb3d as 2.1.0.1",
  "...": "..."
}

If everything looks ok I can get a release out and you will be able to update as normal.

Thanks for the input!

[lukeholder]

@tomdeleu @janhenckens @bartrylant Can anyone confirm the above fixes the issue before we cut a release?

[tomdeleu]

@lukeholder @nfourtythree I'm sorry. Didn't have the time yet. Hectic week due to illness of a colleague.

I'll look into it and try out on a site this weekend!

[bartrylant]

When I try to install through composer I get

The requested package craftcms/commerce-mollie dev-mastes#659339fa1eaa671584ff23f6373b065bbc4afb3d as 2.1.0.1 exists as craftcms/commerce-mollie[1.0.0, 1.0.0.1, 1.1.0, 1.1.1, 2.0.0, 2.0.1, 2.1.0, 2.1.0.1, dev-master] but these are rejected by your constraint.

[nfourtythree]

Hi @bartrylant

My apologies there was a typo in my comment, have updated it now. It should have been:

"require": {
  "craftcms/commerce-mollie": "dev-master#659339fa1eaa671584ff23f6373b065bbc4afb3d as 2.1.0.1",
  "...": "..."
}```

Thanks!

[bartrylant]

@lukeholder @nfourtythree I tested it and can confirm it now works as it should work.

[tomdeleu]

Just tested it, and I can also confirm the issue is fixed with this version.

Is this version safe to use in production while waiting for release?

[nfourtythree]

Hi All,

Have just cut a 2.1.1 release for the plugin.

You should be able to go ahead and update as normal.

Thanks!