solidus
Some gateways want the gateway order_id to be consistent for transactions on the same order
Issue
When a payment gets processed it provides an `order-id` in the `gateway_options` to go to the gateway. Because of issue https://github.com/spree/spree/issues/1998, the sent `order-id` was changed to be unique for each transaction. For some gateways this is important so multiple transactions against the order do not get rejected as a duplicate (see issue).
https://github.com/solidusio/solidus/blob/f4b6de0872e1d2270d17671c7f1632d5bb33ee47/core/app/models/spree/payment/processing.rb#L124-L127
However, for `solidus_paypal_braintree` this is a problem, because they offer velocity checks, where for example you can set up a rule to reject the transaction if so many have been made with the same `order-id`.
We had a problem with credit card attacks and couldn't use this rule because the `order-id` was different even though the transactions belonged to the same order.
Would it be best for gateways/payment methods just to override this param themselves or have a configuration method?
```ruby
module Spree
  class Payment < Spree::Base
    module Processing
      # The unique identifier to be passed in to the payment gateway
      def gateway_order_id
        if payment_method&.consistent_gateway_order_id?
          order.number
        else
          "#{order.number}-#{number}"
        end
      end
    end
  end
end
```

```ruby
module SolidusPaypalBraintree
  class Gateway < ::Spree::PaymentMethod
    def consistent_gateway_order_id?
      true
    end
  end
end
```
Additional context
I am writing this as part of the bigger issue on `solidus_paypal_braintree`: https://github.com/solidusio/solidus_paypal_braintree/issues/309
We could make the gateway order ID logic configurable, or perhaps a more sensible thing could be to delegate to the gateway for it.
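
The effect described in the issue, as an added example that is not code from the issue, Solidus, or Braintree: a velocity rule keyed on the order id never fires when every payment sends `"#{order.number}-#{number}"`, but does once the order number alone is sent. `VelocityRule`, its threshold and window, and the sample order and payment numbers are hypothetical; the gateway's real rule engine is not modelled.

```ruby
# Added illustration. VelocityRule is a hypothetical stand-in for a
# gateway-side rule; it is not Braintree's or Solidus's implementation.

# Rejects a transaction once more than `limit` transactions with the same
# order id have been seen inside a sliding window of `window` seconds.
class VelocityRule
  def initialize(limit:, window:)
    @limit = limit
    @window = window
    @seen = Hash.new { |hash, key| hash[key] = [] }
  end

  # Returns :rejected or :accepted. Rejected attempts are recorded too,
  # so repeated retries keep counting against the same order id.
  def check(order_id, at)
    recent = @seen[order_id].select { |t| at - t < @window }
    recent << at
    @seen[order_id] = recent
    recent.size > @limit ? :rejected : :accepted
  end
end

# The two id schemes discussed in the issue.
def gateway_order_id(order_number, payment_number, consistent:)
  consistent ? order_number : "#{order_number}-#{payment_number}"
end

# Replays `attempts` payments against one order, one every 10 seconds,
# and returns how many of them the rule rejected.
def rejected_count(attempts:, consistent:, limit: 3, window: 600)
  rule = VelocityRule.new(limit: limit, window: window)
  start = Time.utc(2024, 1, 1)
  (1..attempts).count do |i|
    # Constructed sample values, not taken from any real store.
    id = gateway_order_id("R100000001", "P#{i}", consistent: consistent)
    rule.check(id, start + i * 10) == :rejected
  end
end

if __FILE__ == $PROGRAM_NAME
  puts "per-payment ids: #{rejected_count(attempts: 10, consistent: false)} rejected"
  puts "consistent id:   #{rejected_count(attempts: 10, consistent: true)} rejected"
end
```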