thephpleague / omnipay-sagepay

Sage Pay driver for the Omnipay PHP payment processing library
MIT License
55 stars 78 forks source link

V4 direct upgrade - Client IP Address missing #187

Closed RicLeP closed 2 years ago

RicLeP commented 2 years ago

After upgrading to version 4.01 I am getting the following error when creating a purchase:

3333 : The ClientIPAddress is missing.

The IP address is being passed to the purchase and I can dump it out at various stages but somewhere it gets lost.

If I dump the Omnipay\SagePay\Message\DirectPurchaseRequest I get and the client IP is missing (just a thought - is it because it’s in test mode?):

#parameters: array:25 [▼
      "vendor" => "xxxxxx"
      "testMode" => true
      "referrerId" => null
      "language" => null
      "useOldBasketFormat" => false
      "exitOnResponse" => false
      "apply3DSecure" => null
      "useAuthenticate" => null
      "accountType" => null
      "billingForShipping" => true
      "amount" => "115.00"
      "currency" => "GBP"
      "card" => Omnipay\Common\CreditCard {#1546 ▶}
      "transactionId" => 817
      "description" => "xxxxx"
      "returnUrl" => "xxxxxx"
      "BrowserJavascriptEnabled" => 1
      "BrowserJavaEnabled" => "false"
      "BrowserColorDepth" => "24"
      "BrowserScreenHeight" => "1200"
      "BrowserScreenWidth" => "1920"
      "BrowserTZ" => "-60"
      "BrowserLanguage" => "en-GB"
      "ThreeDSNotificationURL" => "xxxxxx"
      "ChallengeWindowSize" => "05"
    ]

Here’s my purchase.

$gateway->purchase([
            'amount' => $totalPrice,
            'currency' => 'GBP',
            'card' => $card,
            'transactionId' => $transaction->id,
            'description' => substr($description, 0, 90),

            // If 3D Secure is enabled, then provide a return URL for
            // when the user comes back from 3D Secure authentication.

            'returnUrl' => $returnUrl,

            'ClientIPAddress' => $ip,

            // Version 4 additions
            'BrowserJavascriptEnabled' => 1,
            'BrowserJavaEnabled' => $request->get('javaenabled'),
            'BrowserColorDepth' => $request->get('colordepth'),
            'BrowserScreenHeight' => $request->get('browserscreenheight'),
            'BrowserScreenWidth' => $request->get('browserscreenwidth'),
            'BrowserTZ' => $request->get('browsertz'),
            'BrowserAcceptHeader' => isset($_SERVER['HTTP_ACCEPT']) ? $_SERVER['HTTP_ACCEPT'] : null,
            'BrowserLanguage' => $request->get('browserlanguage'),
            'BrowserUserAgent' => $request->get('browseruseragent'),
            'ThreeDSNotificationURL' => $returnUrl, // is this correct?
            'ChallengeWindowSize' => '05',
        ]);
judgej commented 2 years ago

The error isn't listed on the Opayo help page, unfortunately, so there is no explanation there. This is where it should be listed: https://www.opayo.co.uk/search/all?keyword=ClientIPAddress

I would go with your assumption, and include an IPv4 address with the payment request. It was never mandatory in the past, but the latest 3DS changes a lot of that.

benjam-es commented 2 years ago

Ensure the IP passed is not IPV6

RicLeP commented 2 years ago

My IP is IPV4 - I can see it’s being passed correctly but then vanishes when it reaches Omnipay\SagePay\Message\DirectPurchaseRequest.

I tried hard coding an IP in purchase and the same result happens. I’ve not been able to identify exactly when I loose the IP from the array.

RicLeP commented 2 years ago

Sorry, this was my fault, I was using ClientIPAddress but it should be clientIp:

'ClientIPAddress' => $ip, //// wrong

'clientIp' => $ip, //// correct