Fixes to confirmation js

35eadf83 · mattwire · 4d392838 · 35eadf83 · 35eadf83 · 35eadf83
Commit 35eadf83 authored 4 years ago by mattwire
--- a/CRM/Core/Payment/Stripe.php
+++ b/CRM/Core/Payment/Stripe.php
@@ -378,7 +378,9 @@ class CRM_Core_Payment_Stripe extends CRM_Core_Payment {
      'locale' => CRM_Core_I18n::getLocale(),
      'apiVersion' => CRM_Stripe_Check::API_VERSION,
      'csrfToken' => class_exists('\Civi\Firewall\Firewall') ? \Civi\Firewall\Firewall::getCSRFToken() : NULL,
+      'country' => CRM_Core_BAO_Country::defaultContactCountry(),
    ];
+
    \Civi::resources()->addVars(E::SHORT_NAME, $jsVars);
    // Assign to smarty so we can add via Card.tpl for drupal webform because addVars doesn't work in that context
    $form->assign('stripeJSVars', $jsVars);

--- a/CRM/Stripe/AJAX.php
+++ b/CRM/Stripe/AJAX.php
@@ -47,17 +47,21 @@ class CRM_Stripe_AJAX {
    (CRM_Utils_Request::retrieveValue('reset', 'String') === NULL) ?: self::returnInvalid();

    if (class_exists('\Civi\Firewall\Firewall')) {
-      if (!\Civi\Firewall\Firewall::isCSRFTokenValid(CRM_Utils_Request::retrieveValue('csrfToken', 'String'))) {
+      if (!\Civi\Firewall\Firewall::isCSRFTokenValid(CRM_Utils_Request::retrieveValue('csrfToken', 'String') ?? '')) {
        self::returnInvalid();
      }
    }
    $paymentMethodID = CRM_Utils_Request::retrieveValue('payment_method_id', 'String');
    $paymentIntentID = CRM_Utils_Request::retrieveValue('payment_intent_id', 'String');
+    $capture = CRM_Utils_Request::retrieveValue('capture', 'Boolean', FALSE);
    $amount = CRM_Utils_Request::retrieveValue('amount', 'String');
-    if (empty($amount)) {
+    // $capture is normally true if we have already created the intent and just need to get extra
+    //   authentication from the user (eg. on the confirmation page). So we don't need the amount
+    //   in this case.
+    if (empty($amount) && !$capture) {
      self::returnInvalid();
    }
-    $capture = CRM_Utils_Request::retrieveValue('capture', 'Boolean', FALSE);
+
    $title = CRM_Utils_Request::retrieveValue('description', 'String');
    $confirm = TRUE;
    $currency = CRM_Utils_Request::retrieveValue('currency', 'String', CRM_Core_Config::singleton()->defaultCurrency);
@@ -150,7 +154,7 @@ class CRM_Stripe_AJAX {
    }
    else {
      // Invalid status
-      CRM_Utils_JSON::output(['error' => ['message' => 'Invalid PaymentIntent status']]);
+      CRM_Utils_JSON::output(['error' => ['message' => 'Invalid PaymentIntent status: ' . $intent->status]]);
    }
  }


--- a/stripe.php
+++ b/stripe.php
@@ -207,7 +207,11 @@ function stripe_civicrm_buildForm($formName, &$form) {
          'paymentIntentStatus' => $intent->status,
          'paymentIntentMethod' => $intent->confirmation_method,
          'publishableKey' => CRM_Core_Payment_Stripe::getPublicKeyById($form->_paymentProcessor['id']),
+          'locale' => CRM_Core_I18n::getLocale(),
+          'apiVersion' => CRM_Stripe_Check::API_VERSION,
          'jsDebug' => (boolean) \Civi::settings()->get('stripe_jsdebug'),
+          'csrfToken' => class_exists('\Civi\Firewall\Firewall') ? \Civi\Firewall\Firewall::getCSRFToken() : NULL,
+          'country' => CRM_Core_BAO_Country::defaultContactCountry(),
        ];
        \Civi::resources()->addVars(E::SHORT_NAME, $jsVars);
      }