#Mathieu Ducrot-confirm-setup

Hey! You want to force a failure for confirmSetup? Is that right?

Are you not able to force a failure in the auth/3DS prompt?

Which test card are you currently using?

I had been using the one from this guide https://stripe.com/docs/payments/save-and-reuse?platform=web#web-test-the-integration

So 4000 0027 6000 3184 (with auth/3ds prompt) if i click on fail authentication i stay on setup page and payment element display the error.
And with 4000 0000 0000 9995 i got the same behavior with the "insufficient funds" error message.

The question is with this JS on my page :

// just the same as the documentation
const form = document.getElementById('payment-form');

form.addEventListener('submit', async (event) => {
  event.preventDefault();

  const {error} = await stripe.confirmSetup({
    //`Elements` instance that was used to create the Payment Element
    elements,
    confirmParams: {
      return_url: 'https://my-site.com/account/payments/setup-complete',
    }
  });

  if (error) {
    // This point will only be reached if there is an immediate error when
    // confirming the payment. Show error to your customer (e.g., payment
    // details incomplete)
    const messageContainer = document.querySelector('#error-message');
    messageContainer.textContent = error.message;
  } else {
    // Your customer will be redirected to your `return_url`. For some payment
    // methods like iDEAL, your customer will be redirected to an intermediate
    // site first to authorize the payment, then redirected to the `return_url`.
  }
});

Is there some test card that will pass the confirmSetup (so the last else case provocing redirection to the return_url) that will lead to that page with a redirect_status different that "succeeded" ?

I'm asking this because it's not that mention here but it's really about the redirect_status available values (and not about the setupIntent.status) ?

redirect_status? Where is that from?

It is a url query param that is passed to the targetted return_url. I've been searching back this param in the doc but can't find it.
We are using the stripe-php lib

My "guess" is that this has always the value "succeeded" has it's been indeed redirected

But just to be sure i came here to ask about that

to clarify we are using stripe-php for our backend, but it is stripe.js that call confirmSetup which when the form pass submission redirect to return_url

does that makes sens to you ?

ynoj had to step out, checking in to this

It looks like the status can also be fail, I am having trouble finding exactly what causes it though

So the main question is if you will ever see fail in the code above?

The code above was to clarify what is our js code that payment element trigger when submitting but the question is about the redirect_status value.
And so can it have this fail status ?
If yes what should i do on my end to replicate and test this behavior on the redirect to have it cover for our custom integration ?

It looks like this may be more from a payment failing for payment methods that require a redirect

Looking in to how this may be achieved, or if it is different than other payment failures

Will try to reproduce, but it looks like status of a redirect to authorize payment methods that need it. It seems like an auth failure should return failed

It seems like in client side scenarios with failed will be covered by checking the setup_intent's status itself.

Yeah client side stripe.js happen catch a good amount of them, maybe there is one test case that pass client side but failed at backend stage during redirection to return_url

I'm gonna do a complete test on my side about strong authentication. Which doc is the best place to start testing this with all scenario for card and SEPA debit ?

We have test account numbers by country here https://stripe.com/docs/testing#sepa-direct-debit

ok thanks

do you have also any good doc recommendation for 3dsecure ?

For testing 3DSecure?

does testing this https://stripe.com/docs/testing#three-ds-cards is enough or is there some best practice describe somewhere else that i need to check ?

Yes that is enough to test that your integration reacts properly

ok thanks again !