-
Notifications
You must be signed in to change notification settings - Fork 142
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Token not invalidated when using a ReplyInterface #529
Comments
That is expected behavior. When a gateway uses the If the token is invalidated, when the user returns from the payment gateway, the token won't be valid anymore and the payment won't be able to complete. So in the case where you use a |
The fact is, when you generate a capture token you will generate two tokens, one will be used for the
What if the Let me know if I'm clear enough @pierredup 😉 |
I just double-checked in both a Symfony application, and standard setup, and in both cases, the tokens get removed as expected. I tested with Stripe, and Paypal REST. In the case with stripe, after completing the payment, the capture page loads again, but this time it finalizes the payment and doesn't throw any exception that causes a redirect. In this case, the capture token is invalidated. @Prometee Do you have any custom actions that execute? Can you perhaps share some details of what your controller action looks like? |
@pierredup the old I made a completely different gateway here : flux-se/payum-stripe using Stripe Checkout Session instead of legacy Stripe Charge. You will found that I'm using the after url instead of the target url to avoid repeating a capture action : https://github.com/FLUX-SE/PayumStripe/blob/master/src/Action/StripeCheckoutSession/CaptureAction.php#L20 |
@pierredup am I wrong using the capture token |
Writing some Behat tests for a Stripe gateway, I found that each generated capture tokens were never been invalidated.
Reading the documentation of
payum/payum
aboutcapture.php
and howpayum/payum-bundle
is handling a capture : https://github.com/Payum/PayumBundle/blob/master/Controller/CaptureController.php#L42-L44It appears that if a gateway is using a
ReplyInterface
then the invalidation of the capture token is not made.Is it a mistake or something wanted ?
The text was updated successfully, but these errors were encountered: