#Hels

Could you capture a screenshot?

Yeah one second

https://js.stripe.com/v3/three-ds-2-fingerprint-4a5ca188aba1c4323b8c660b1a891bc8.html#intentId=seti_1MqqngAYpbkd4Lryb8lxZ3s0&locale=en&hosted=false&referrer=https%3A%2F%2Fwateraura.net%2Fitem%2F6c4d1b34959c700afa60cc1bbac3c0d3ec9bf0719c0424060c40fb6a07a4e0f3&controllerId=__privateStripeController0931 That's the link from the error

Do you need anything else @rare flame

hmm is there a specific URL I can look into?

Any Payment Intent Id pi_xxx ?

Let me see

The payment is failing since the 3DS thing is never getting shown

I think my issue is FE not BE

Sorry for the delays

pi_3MqrEfAYpbkd4Lry3JsdrS8A

@rare flame I had to add some logs lol

Hmm I see the Payment Method was confirmed successfully with seti_1MqrDyAYpbkd4LryYwdeXTme via 3DS

meaning your handleNextAction() has been succeeded

but I never was given the pop up?

Can you double check which Id you pass into handleCardAction? The PaymentIntent Id above doesn't seem to be

I think I'm passing in the clientSecret for that not the paymentIntentId

The issue is with the setupIntent not prompting the user the pop up

Let me see if I can send code snippet

yes the clientSecret should start with the Id

like seti_xxx_secret_yyy

or pi_xxx_secret_yyy

So on the backend I do this:

// create the setup intent for the customer
const setupIntent = await stripe.setupIntents.create({
    customer: customer.id,
    payment_method_options: {
        card: {
            request_three_d_secure: "any"
        },
    },
    payment_method_types: ['card'],
});

return {
    clientSecret: setupIntent.client_secret,
    customerId: setupIntent.customer
};

Then on the frontend I do this:

const options = {
  clientSecret,
};

return (
  <Elements stripe={stripePromise} options={options}>
    <StripeCheckoutForm
      onStripeToken={onStripeToken}
      stripeFormRef={stripeFormRef}
      stripeCustomer={stripeCustomer}
    />
  </Elements>
);

When we get a response for the handleActions I do this: (I dropped the whole stripeToken function for context)

const onStripeToken = async (error, stripeToken, stripe, email) => {
  if (error) {
    setPaymentError(error.message);
    dispatch({
      type: "SET_LOADING",
      payload: false,
    });
  } else if (stripeToken.status === "requires_action") {
    const { error: handleNextActionError, setupIntent } =
      await stripe.handleNextAction({
        clientSecret,
      });

    // call self to check if the next action was handled successfully
    await onStripeToken(
      handleNextActionError,
      { ...stripeToken, status: setupIntent.status },
      stripe,
      email
    );
  } else {
    paymentMethod.data.paymentMethodId = stripeToken.id;
    paymentMethod.data.customer = stripeToken.customer;
    proceedWithPayment(paymentMethod, stripe, email);
  }
};

In the last bit of the code, when the handleNextAction is run it's giving me the original error I showed

@rare flame What do ya think

Um it looks fine to me. You see the error on browser console correct? What does it show on the page?

On the page it just continues to the call and proceedWithPayment is run so it'll load then process the payment

Then the error is just red herring and you have the function worked correctly

My concern is that I'm never getting the 3DS pop up and the charge is failing for the payment id that follows. I'm confused why it says that it succeeded for you

Cuz I see this for it

^these are logs from when I printed out the error earlier

for this paymentIntent

https://dashboard.stripe.com/logs/req_UxEM2C5zxzOvpD

That PaymentIntent was created and confirmed on backend and be declined. It has nothing to do with handleCardAction

hmm so MY backend declined it or Stripe BE?

This is my code for the payment intent part and the error response I was getting (which is the StripeCardError)

let paymentIntent;
try {
    paymentIntent = await stripe.paymentIntents.create({
        payment_method: paymentMethodId,
        amount: Math.floor(invoiceObject.amount * 100),
        currency: 'usd',
        off_session: true,
        confirm: true,
        customer,
    });
} catch (error) {
    if (error.type === 'StripeCardError') {
        return new ApolloError(error.message, 'STRIPE_ERROR');
    } else {
        Sentry.captureException(error);
        return new ApolloError(
            'There was an issue processing your payment on our end. Please try again later.',
            'STRIPE_ERROR'
        );
    }
}

I attached screenshot of error response from BE

*Note: If I get rid of the 3DS check requirement it purchases it as expected but otherwise it does not

Stripe declined it from a request directly from your backend, and handleCardAction is a frontend method and is unrelated here

Hmm, is there any way to get more insight into why it declined?

https://dashboard.stripe.com/payments/pi_3MqrEfAYpbkd4Lry3JsdrS8A

Hmm I see

but I was never prompted for 3d_secure which is why I think the issue is that one I sent on the frontend

No I think :is_3d_secure: means this transaction (the PI creation) didn't involve to create 3D Secure. Not sure why you have such a rule, it will block everything is exempted by 3DS off_session like this PI

Is there a rule that will trigger 3d secure instead of just blocking it?

I thought that block rule would trigger 3DS on the frontend and that's why I enabled it

The default rules will do that. The rule above is a custom rule on Dashboard that someone on your account has been put on

I see you have a lot of custom rules

Yeah there are a lot

Is there a way to trigger/force the 3DS to show through the setup intent always?

Yep here: https://stripe.com/docs/payments/3d-secure#manual-three-ds

So I'm doing that here

And this rule should trigger the 3d secure I think?

Ah sorry yeah you are already doing this yes, and the SetupIntent triggered it as expected. But the Payment Intent didn't

The payment intent is charging a saved customer though so I'm not sure I can show it at that point

https://stripe.com/docs/api/payment_intents/confirm#confirm_payment_intent-payment_method_options-card-request_three_d_secure
Have you tried passing in the payment_method_options here?

If off_session is true will that be an issue?

Trying it now anyways

The issue being given is the following now:

This PaymentIntent requires an on-session action. Please get your customer back on session and re-confirm the PaymentIntent with a payment method when the customer is on session.

I'm going to call it a night since it's late but thanks for the help so far and hopefully I can pick this problem up tomrrow and figure it out

I think teh issue is something to do with CSP