omnipay-sagepay icon indicating copy to clipboard operation
omnipay-sagepay copied to clipboard

Published 20 hours ago verified publisher icon thephpleague

Error on completeAuthorize after 3D Secure Auth

Open OccultScientist opened this issue 3 years ago • 7 comments
trafficstars

Hi,

After receiving response from the 3DS Notification, I am running the following code:

$gateway = $this->fetchGateway(); $completeRequest = $gateway->completeAuthorize([ 'transactionId' => $payment->transaction_id ]); $completeResponse = $completeRequest->send(); print "<pre>"; print_r($completeResponse);

and receiving the following message:

[data:protected] => Array ( [VPSProtocol] => 3.00 [Status] => ERROR [StatusDetail] => 3377 : The ACS has provided an Erro message. CReq validation failure. )

I've tried also including a CRes and CReq in the $gateway->completeAuthorize() function with no luck.

Any ideas?

OccultScientist avatar Mar 09 '22 14:03 OccultScientist

For completeness I have also tried:

$completeRequest = $gateway->completeAuthorize([ 'VPSTxId' => $three_ds_session_data, 'CRes' => $cres, ]);

OccultScientist avatar Mar 09 '22 14:03 OccultScientist

Anyone have any clue on this?

The protocol 4 documentation states:

This POST needs to contain the VPSTxId (or MD) and CRes (or PARes).

but as above, it doesn't seem to work and returns a CReq validation error

Not sure if this could be relevant? https://dijitul.uk/payment-gateway-3d-secure-timing-out-huge-issue/#comment-121740

I read somewhere that the {} around the threeDSSessionData could be causing a problem but removing them has no effect.

Bit worried that the deadline for this is the 14th March :(

OccultScientist avatar Mar 10 '22 11:03 OccultScientist

OK, so an update. In the redirect form from my site, I changed the threeDSSessionData to be my own transaction id and now the challenge is displaying correctly.

However,

$completeRequest = $gateway->completeAuthorize([ 'transactionId' => $payment->transaction_id, //original transaction_id e.g. TEST123 ]); $completeResponse = $completeRequest->send();

Gives me the following error:

5083 : VpsTxId provided in callback does not match transaction in CRes

OccultScientist avatar Mar 11 '22 10:03 OccultScientist

I managed to fix this by stripping the parentheses "{}" from the vpsTxId before returning the form.

For completeness the code I ended up using for the threeDSSessionData field on the return form was:

<input type="hidden" name="threeDSSessionData" value="' . str_replace(array("{", "}"), "", $data['threeDSSessionData']) . '" />

The really important part here is: str_replace(array("{", "}"), "", $data['threeDSSessionData'])

I really hope this helps somebody else out!

OccultScientist avatar Mar 11 '22 11:03 OccultScientist

Thank you for taking us through this. Is this the master branch you are working from, or a 3DSv4 branch?

judgej avatar Mar 11 '22 12:03 judgej

Thanks @judgej The master branch

OccultScientist avatar Mar 11 '22 12:03 OccultScientist

Hi, Just had the same problem on v4.0.1

ryssbowh avatar Sep 21 '22 13:09 ryssbowh