Page 1 of 1
Redirect loop with payment forms to payment.url-self
Posted: 08 May 2017, 20:58
by pdanzinger
I'm using aimeos 2017.04 (with current composer patches, e.h. client-html 2017.04.6) with TYPO3 7.6.
My aim is to create a custom payment provider that displays a payment form after the customer clicks on "buy now" on the summary page. The form should then be processed by the payment provider and sent to an external API.
I'm displaying the form like this:
Code: Select all
public function process(\Aimeos\MShop\Order\Item\Iface $order, array $params = [])
{
$payconfig = [
'someInput' => [
'code' => 'someInput',
'internalcode' => 'someInput',
'label' => 'Stripe Token',
'type' => 'string',
'internaltype' => 'string',
'default' => '',
'required' => true,
'public' => true,
],
];
foreach( $payconfig as $key => $config ) {
$attr[$key] = new \Aimeos\MW\Criteria\Attribute\Standard( $config );
}
return new \Aimeos\MShop\Common\Item\Helper\Form\Standard($this->getConfigValue('payment.url-self'), 'POST', $attr, false);
}
The problem is, once the form is filled out, the customer is redirected to [checkout-page]/co/process/?ai
Code: Select all
=Provider&ai[orderid]=42 and the form seems to be discarded. The page says "You will now be forwarded to the next step" and contains a form without an action, so the "Proceed"-button just refreshes the page.
The same happens when I try the Stripe gateway from ai-payments.
After the form is sent, the cs_order parameter is empty, causing Aimeos\Client\Html\Checkout\Standard\Process\Standard::process() to exit right away. Is this desired behavior, or am I missing something?
Re: Redirect loop with payment forms to payment.url-self
Posted: 09 May 2017, 09:10
by aimeos
Did you try the Stripe service provider in the ai-payments extension?
https://aimeos.org/docs/User_Manual/Adm ... ist#Stripe
Re: Redirect loop with payment forms to payment.url-self
Posted: 09 May 2017, 09:15
by pdanzinger
Yes, that was the one I was referring to at the end. It results in a redirect loop too (and as far as I can see it sends credit card information to the shop server, which would complicate PCI compliance).
Re: Redirect loop with payment forms to payment.url-self
Posted: 09 May 2017, 09:49
by pdanzinger
I just reproduced it with a blank setup:
- Windows 7, php 7.0.8
- Download TYPO3 8 LTS (aimeos distribution installation throws an error on 7.6)
- Install aimeos distribution 2017.04 and aimeos payments (16.10, but whatever) from TER
- Add stripe payment:
- Create order and fill in payment info: [host]/index.php?id=11&ai[controller]=Checkout&ai[action]=index&ai[c_step]=process
- Click on "Pay now", enter redirect loop: [host]/index.php?id=11&ai[controller]=Checkout&ai[action]=index&ai
Code: Select all
=Stripe&ai[orderid]=2&ai[c_step]=process [img]https://i.imgur.com/U61dNZl.png[/img]
Re: Redirect loop with payment forms to payment.url-self
Posted: 10 May 2017, 08:47
by aimeos
Seems like the URL is empty and therefore it stays on the "process" page while the JS for that page posts the form over and over.
Can you add a few debug statements to
-
https://github.com/aimeoscom/ai-payment ... y.php#L820 (why the URL is empty)
-
https://github.com/aimeoscom/ai-payment ... y.php#L651 (if the URLs are available in principle)
Re: Redirect loop with payment forms to payment.url-self
Posted: 10 May 2017, 11:23
by pdanzinger
OmniPay::processOrder() is never called.
When the form is displayed, process() calls getPaymentForm() instead of processOrder(). When the payment form is submitted, the payment provider isn't called at all.
If my understanding is correct, OmniPay::process() should be called that way:
https://github.com/aimeos/ai-client-htm ... d.php#L279
https://github.com/aimeos/ai-client-htm ... d.php#L346
https://github.com/aimeos/ai-controller ... d.php#L112
When the form is submitted, none of these methods are called. Instead the html client exists prematurely at because the param 'cs_order' is empty.
https://github.com/aimeos/ai-client-htm ... d.php#L261
This is how it looks in the debugger:
Re: Redirect loop with payment forms to payment.url-self
Posted: 10 May 2017, 11:32
by pdanzinger
"Faking" the cs_order parameter seems to fix it, so that's probably the issue.
It seems to work fine when I replace
Code: Select all
'payment.url-self' => $this->getUrlSelf( $view, $args + array( 'c_step' => 'process' ), [] ),
with
Code: Select all
'payment.url-self' => $this->getUrlSelf( $view, $args + array( 'c_step' => 'process' ) + array('cs_order' => 1), [] ),
in
https://github.com/aimeos/ai-client-htm ... d.php#L333
Re: Redirect loop with payment forms to payment.url-self
Posted: 11 May 2017, 07:39
by aimeos
Thank you for debugging! That seems to be a side effect of merging the order and process step together in the last version.
Yes, adding the cs_order parameter should fix the problem but a second record in mshop_order is created as far as I can see. We have to find a way to avoid this.
Re: Redirect loop with payment forms to payment.url-self
Posted: 11 May 2017, 10:41
by pdanzinger
Yeah, that's right. The problem is, I'm not really sure how it is supposed to work.
As far as I can tell, the additional order is generated in
https://github.com/aimeos/ai-client-htm ... d.php#L273. But the only call to the process method of the payment provider seems to be a few lines below at
https://github.com/aimeos/ai-client-htm ... d.php#L273.
The only way to solve this I can currently think of is to add a hidden input to
https://github.com/aimeos/ai-client-htm ... efault.php and then add functionality to the Checkout\Standard\Process\Standard component to process the payment provider without storing the basket in the database, trying to create a new account, etc..
For example, this works fine for me, but I don't know if it breaks anything else (also github seems to have messed up the indents a bit):
https://github.com/pdanzinger/ai-client ... ba62fca4a7
https://github.com/pdanzinger/ai-client ... 53e6435b9f
Re: Redirect loop with payment forms to payment.url-self
Posted: 11 May 2017, 10:51
by aimeos
I think so too. If you rename the new parameter to "cp_payment" to be consistent and fix the formatting (no spaces, only tabs), we will be glad to merge your PR
