Commit 33c99b15 authored by mattwire's avatar mattwire

Provide a more helpful reason instead of 'Bad Request' when payment fails due...

Provide a more helpful reason instead of 'Bad Request' when payment fails due to expired CSRF token from firewall
parent 6569bf0f
1 merge request!176Release 6.7
...@@ -26,7 +26,7 @@ class CRM_Stripe_Check { ...@@ -26,7 +26,7 @@ class CRM_Stripe_Check {
* @var string * @var string
*/ */
const MIN_VERSION_MJWSHARED = '1.1'; const MIN_VERSION_MJWSHARED = '1.1';
const MIN_VERSION_FIREWALL = '1.2.1'; const MIN_VERSION_FIREWALL = '1.3';
/** /**
* @var array * @var array
......
...@@ -9,6 +9,7 @@ ...@@ -9,6 +9,7 @@
+--------------------------------------------------------------------+ +--------------------------------------------------------------------+
*/ */
use Civi\Firewall\Firewall;
use CRM_Stripe_ExtensionUtil as E; use CRM_Stripe_ExtensionUtil as E;
/** /**
...@@ -31,8 +32,9 @@ function civicrm_api3_stripe_paymentintent_create($params) { ...@@ -31,8 +32,9 @@ function civicrm_api3_stripe_paymentintent_create($params) {
*/ */
function civicrm_api3_stripe_paymentintent_createorupdate($params) { function civicrm_api3_stripe_paymentintent_createorupdate($params) {
if (class_exists('\Civi\Firewall\Firewall')) { if (class_exists('\Civi\Firewall\Firewall')) {
if (!\Civi\Firewall\Firewall::isCSRFTokenValid(CRM_Utils_Type::validate($params['csrfToken'], 'String'))) { $firewall = new Firewall();
_civicrm_api3_stripe_paymentintent_returnInvalid(); if (!$firewall->checkIsCSRFTokenValid(CRM_Utils_Type::validate($params['csrfToken'], 'String'))) {
_civicrm_api3_stripe_paymentintent_returnInvalid($firewall->getReasonDescription());
} }
} }
if (!empty($params['stripe_intent_id'])) { if (!empty($params['stripe_intent_id'])) {
...@@ -156,8 +158,9 @@ function _civicrm_api3_stripe_paymentintent_process_spec(&$spec) { ...@@ -156,8 +158,9 @@ function _civicrm_api3_stripe_paymentintent_process_spec(&$spec) {
*/ */
function civicrm_api3_stripe_paymentintent_process($params) { function civicrm_api3_stripe_paymentintent_process($params) {
if (class_exists('\Civi\Firewall\Firewall')) { if (class_exists('\Civi\Firewall\Firewall')) {
if (!\Civi\Firewall\Firewall::isCSRFTokenValid(CRM_Utils_Type::validate($params['csrfToken'], 'String'))) { $firewall = new Firewall();
_civicrm_api3_stripe_paymentintent_returnInvalid(); if (!$firewall->checkIsCSRFTokenValid(CRM_Utils_Type::validate($params['csrfToken'], 'String'))) {
_civicrm_api3_stripe_paymentintent_returnInvalid($firewall->getReasonDescription());
} }
} }
$paymentMethodID = CRM_Utils_Type::validate($params['payment_method_id'] ?? '', 'String'); $paymentMethodID = CRM_Utils_Type::validate($params['payment_method_id'] ?? '', 'String');
...@@ -302,7 +305,10 @@ function civicrm_api3_stripe_paymentintent_process($params) { ...@@ -302,7 +305,10 @@ function civicrm_api3_stripe_paymentintent_process($params) {
/** /**
* Passed parameters were invalid * Passed parameters were invalid
*/ */
function _civicrm_api3_stripe_paymentintent_returnInvalid() { function _civicrm_api3_stripe_paymentintent_returnInvalid($message = '') {
http_response_code(400); if (empty($message)) {
$message = E::ts('Bad Request');
}
header("HTTP/1.1 400 {$message}");
exit(1); exit(1);
} }
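Review bot: In `_civicrm_api3_stripe_paymentintent_returnInvalid()` the new `header("HTTP/1.1 400 {$message}")` puts the firewall's reason text straight into the status line and drops the explicit `http_response_code(400)`, so the 400 now depends on that string being a valid reason phrase. PHP's `header()` refuses a value containing a line break and only raises a warning, in which case the status would stay at its default instead of 400; whether `getReasonDescription()` or a translated `E::ts('Bad Request')` can contain control or non-ASCII characters is not visible on this page. I would keep `http_response_code(400);` ahead of the header call and restrict the phrase first, e.g. `$message = preg_replace('/[^\x20-\x7E]/', '', $message);`. The reason phrase is also not carried over HTTP/2, so clients on such a connection will not see the message, and returning it in the response body would be more dependable. The helper is called from both the createorupdate and process hunks, so this applies to both CSRF failure paths.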