SimplCommerce icon indicating copy to clipboard operation
SimplCommerce copied to clipboard

Published 20 hours ago verified publisher icon simplcommerce

Contribution of new Stripe module supporting Apple Pay, Google Pay, SCA (incl. 3D Secure)

Open fhebel opened this issue 4 years ago • 15 comments

Ciao ragazzi,

for my own purposes I had to develop a new Stripe module, which supported SCA (Strong Customer Authentication) because of the European Union PSD2 (Payments Service Directive 2). The new module is based on PaymentIntent and as a nice add-on it comes with Apple Pay and Google Pay.

Is there any interest in the new module and if so, should it replace the old Stripe module or should it be an entirely new module?

I'm looking forward to receiving your comments.

Tanti saluti

Florian

fhebel avatar Jun 10 '20 07:06 fhebel

A new module for Stripe is preferred. Really looking forward to your PR

thiennn avatar Jun 10 '20 08:06 thiennn

@thiennn Any suggestions for the name?

fhebel avatar Jun 10 '20 08:06 fhebel

SimplCommerce.Module.PaymentStripeV2 ?

thiennn avatar Jun 10 '20 08:06 thiennn

SimpleCommerce.Module.PaymentStripeRev

tavershimafx avatar Jul 12 '20 17:07 tavershimafx

Short update on this issue: The module will be called SimplCommerce.Module.PaymentStripeV2 as suggested by thienn. In the meantime I added already the persistence layer for the stripe session-ids. The only part still missing is the PaymentBackgroundService, which will finalize the payment, if the call-back is not triggered by the user's browser.

Hopefully I will have some time these days to finish the development ...

fhebel avatar Jul 13 '20 10:07 fhebel

@fhebel Thanks for doing this. I have noticed Stripe are sending out email warnings for using the existing payment module.

horseyhorsey avatar Jul 19 '20 07:07 horseyhorsey

Hi @horseyhorsey,

would you be willing to help me testing the new module once I finished coding? You know, I believe the developer is the worst tester for his own code.

Thanks in advance.

Best regards,

Florian

fhebel avatar Jul 19 '20 09:07 fhebel

@fhebel Yes sure, I would need to test before going live anyway, no problem.

horseyhorsey avatar Jul 19 '20 17:07 horseyhorsey

One issue has still to be solved: for registration of Apple Pay one needs to provide a url like e.g. https://demo.simplcommerce.com/.well-known/apple-developer-merchantid-domain-association (.well-known/apple-developer-merchantid-domain-association in the root path) containing some kind of guid.

Unfortunately the .Net Core PhysicalFileProvider interprets the full stop in ".well-known" as hidden file or directory and doesn't offer it for download.

Advice is welcome!

fhebel avatar Jul 22 '20 20:07 fhebel

@horseyhorsey Ready for testing (#928)

fhebel avatar Jul 22 '20 20:07 fhebel

Sorry, only just caught this message last night. Looks like September 14th is deadline for SCA.

This is too hard for me to test without making work. Spent a good hour or so trying to build it then I decided to roll my own. There are changes to the database and additions I don't the see the point of when already has a payment table that can deal with "Failed attempts".

Personally for me StripeV2 is very much like the module we have but we will create order after payment and cater for some webhook to create the order.

horseyhorsey avatar Jul 29 '20 17:07 horseyhorsey

Hi @horseyhorsey,

actually the deadline for SCA was already on 14th of September 2019 ...

The implementation of the StripeV2 module is totally different because it's based on Stripe.net version 37.8.0 using Sessions and PaymentAttempts.

The need for the additional table comes from the fact that the new process is divided into the following steps:

  1. We create a so-called Session server-side (with call-back urls for success & failure)
  2. The user is redirected to the stripe.com site specifying the Id of the previously created session
  3. If we're lucky we get a call-back to handle the status of the payment

So it's really important to keep track of that session otherwise our customer might have paid and SimplCommerce is not aware and doesn't create an order for the customer. This is the job of the background service.

Regarding the db schema changes it's really easy. If you use mssql then a simple "dotnet ef database update" will do the trick, otherwise you have to issue the command "dotnet ef migrations add AddPaymentAttempts" first.

I hope that helps.

Best regards,

Florian

fhebel avatar Jul 29 '20 18:07 fhebel

Oh, Thought it was this year, better get it finished tonight then! I forgot to point out we're using MySql for the database work I'd have to do.

My implementation is a simple migration using their checkout page and webhooks which developed locally using the new session. I can create the order / payment before the user is directed to the success page

horseyhorsey avatar Jul 29 '20 19:07 horseyhorsey

I voluntarily chose the client-and-server approach (https://github.com/stripe-samples/checkout-one-time-payments) for two reasons:

  • It offers the complete functionality
  • It is less prone to be tampered with (successful checkout without having received the payment)

@horseyhorsey Anyway, you might want to share your solution as well?

fhebel avatar Jul 30 '20 09:07 fhebel

Sorry. We dumped Stripe last night and just use Paypal now.

horseyhorsey avatar Jul 30 '20 14:07 horseyhorsey