K.Danz | Stripe Developers | Page 1

onyx auroraBOT Sep 15, 2023, 1:30 PM

#

gloomy palm Sep 15, 2023, 1:31 PM

#

Hello, tarzan had to step out, can you tell me more about this error?

reef maple Sep 15, 2023, 1:32 PM

#

Here is the original question `i use nuxt-stripe-module and i add to module in nuxt.config.js . Here is code, works on local both 3ds & non-3ds but not on live. const { data } = await this.$services.payment.subscribe(
this.product.id,
this.selectedPaymentMethod!
);

  if (data.client_secret) {
    //require 3d secure
    const result = await this.$stripe!.confirmCardPayment(data.client_secret, {
      payment_method: this.selectedPaymentMethod!,
    });

}` i tried to implement confirmPayment and i still get the same errors in console.

#

sorry here is the original: Hello, i'm still having issue with 3ds modal not showing on my Nuxt 2 app. From this discussion: #dev-help message I added content security policy for stripe.js from here: https://stripe.com/docs/security/guide#content-security-policy and these error messages still appear. Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. and 400 error when POST to https://api.stripe.com/v1/3ds2/authenticate From this address: https://js.stripe.com/v3/three-ds-2-fingerprint...

Integration security guide

Ensure PCI compliance and secure customer-server communications.

gloomy palm Sep 15, 2023, 1:38 PM

#

Can you send a screenshot of that error in the developer console?

#

And is the Payment Element showing up at all or is it not even rendering?

reef maple Sep 15, 2023, 1:39 PM

#

not loading at all. This works on local using test cards but not in live environment i get these errors

gloomy palm Sep 15, 2023, 1:44 PM

#

Gotcha thank you. Not immediately sure what is causing this though I think I have seen it before

#

I will call in a colleague to help with this

#

Ah, wait, are you even showing a Stripe Element here?

#

I reread the code and see you are just passing in a payment method ID

#

Actually taking a step back, can you send me the ID of a payment intent that you saw this error with? We can look in to what happened with the 3DS with it

#

(pi_123)

reef maple Sep 15, 2023, 1:49 PM

#

ok, just a minute. this how 3ds settings in dashboard btw

#

here is one using stripe.confirmCardPayment: pi_3NqYILHdPey4WSeA0zxbeKIH and this is one using stripe.confirmPayment: pi_3Nqbz7HdPey4WSeA0VhuGhkp

gloomy palm Sep 15, 2023, 1:54 PM

#

Ah, it looks like your code is deleting these subscriptions which voids the invoice and invalidates the payment intent

#

Do you potentially have a webhook listener that is making delete calls like this?

reef maple Sep 15, 2023, 1:58 PM

#

No, here is the code on the API

`const expand = ['latest_invoice.payment_intent'];

const subscription = await StripeHelper.createSubscription(
user.customer_id,
price_id,
tmpPaymentMethod,
expand,
);

const latest_invoice = subscription.latest_invoice as Stripe.Invoice;
const payment_intent = latest_invoice.payment_intent as Stripe.PaymentIntent;

if(payment_intent.status === 'requires_action') {
clientSecret = payment_intent.client_secret; //3d secure
}

const { id } = subscription;

await this.SubscriptionModel.create({
subscription_id: id,
user_id: user.id,
});

}

user.type = 'Plus';
await user.save();

return { client_secret: clientSecret };`

And here is the Nuxt app code

`const { data } = await this.$services.payment.subscribe(
this.product.id,
this.selectedPaymentMethod!
);

if (data.client_secret) {
const route = this.$router.resolve('/thankyou');
const returnURL = new URL(route.href, window.location.href).href;
const $this = this;

await this.$stripe!.confirmPayment({clientSecret: data.client_secret,
confirmParams: {
return_url: returnURL,
}
}).then(async function(result) {

if (result.error) {
$this.$snackbar({
type: SnackbarType.Success,
text: $this.$tc('dashboard.paymentFailed'),
});

await $this.$auth.fetchUser();
$this.$emit('paymentFailed');
}
});
}`

gloomy palm Sep 15, 2023, 2:00 PM

#

Interesting, I am seeing your integration make calls to delete these subscriptions shortly after you confirm the intent. For example for pi_3NqYILHdPey4WSeA0zxbeKIH there was a confirm call and then the delete a second later
https://dashboard.stripe.com/logs/req_hsLcF8eFOhatY5
https://dashboard.stripe.com/logs/req_d99vcibnsy6YJY

Stripe Login | Sign in to the Stripe Dashboard

Sign in to the Stripe Dashboard to manage business payments and operations in your account. Manage payments and refunds, respond to disputes and more.

Stripe Login | Sign in to the Stripe Dashboard

Sign in to the Stripe Dashboard to manage business payments and operations in your account. Manage payments and refunds, respond to disputes and more.

#

Can you search your code general for subscription deletion?

reef maple Sep 15, 2023, 2:02 PM

#

isn't the delete because 3ds popup didn't show?

gloomy palm Sep 15, 2023, 2:04 PM

#

Stripe wouldn't do the delete automatically. Does your code automatically delete the subscription when there is a 3DS error?

reef maple Sep 15, 2023, 2:05 PM

#

I'm checking

#

yes, seems to be , this line await cancelSubscription(invoice.subscription.toString()); if the invoice payment failed.

switch (event.type) { case 'invoice.payment_failed': console.log(Event type ${event.type}.`);
const invoice: Stripe.Invoice = event.data.object;

    if (
      invoice.subscription &&
      invoice.subscription !== null &&
      invoice.customer &&
      invoice.customer !== null
    ) {
      const subscriptionRelation = await this.SubscriptionModel.findOne({
        where: { subscription_id: invoice.subscription.toString() },
      });

      if (!subscriptionRelation) {
        console.log('Subscription not found', invoice.subscription.toString());
        break;
      }

      const user = await this.ProfileModel.findOne({
        where: { id: subscriptionRelation.user_id, isDeleted: false },
      });

      if (!user) {
        console.log('User not found', subscriptionRelation.user_id);
        break;
      }

      await cancelSubscription(invoice.subscription.toString());
      await subscriptionRelation.destroy();

      await this.Mailer.subFail(user.email, `${user.first_name} ${user.last_name}`);
      console.log(
        `Event type ${event.type}. Deleted user's (id: ${user.id}) subscription: ${invoice.subscription}`,
      );
    }

    break;`

gloomy palm Sep 15, 2023, 2:12 PM

#

Do you have similar logic for requires_action as well?

#

For debugging purposes would you mind commenting out your handlers for those two events and trying this payment again on your frontend to see if 3DS pops up?

reef maple Sep 15, 2023, 2:14 PM

#

ok, i'll try and back to you

onyx auroraBOT Sep 15, 2023, 2:16 PM

#

reef maple Sep 15, 2023, 2:21 PM

#

it worked!! pi_3NqcrxHdPey4WSeA0ltbPb3A

#

why is the invoice.payment_failed event when doing 3ds?

winter berry Sep 15, 2023, 2:26 PM

#

Hello

#

We send invoice.payment_failed when 3ds is required because we first attempt payment. The bank will get back to us if 3ds is required, so we send an invoice.payment_failed event because the payment did not succeed.

reef maple Sep 15, 2023, 2:30 PM

#

Hi, can you link me to this information in documentation?

winter berry Sep 15, 2023, 2:33 PM

#

I don't know that we explicitly state that

#

But that's just how 3ds works

#

We won't know a payment requires it until we attempt payment

#

Because it's the bank that requests it

#K.Danz