"Synchronize Order Status" - is failing for merchant codes other than the default one in multistore setup

[obsergiu]

The Order Sync process is failing for merchant codes other than the default one. Upon investigation, it has been found that the \Sapient\Worldpay\Model\Request\PaymentServiceRequest::inquiry function in the codebase does not utilize the $storeId parameter though is defined. This leads to incorrect retrieval of usernames and passwords per store scope.

[2024-03-23T07:47:41.971028+00:00] WorldPay.INFO: ########## Submitting order inquiry. OrderCode: (30000000062-17000084623) ########## [] []
[2024-03-23T07:47:41.971093+00:00] WorldPay.INFO: ## Interaction TypeECOM [] []
[2024-03-23T07:47:41.971268+00:00] WorldPay.INFO: Setting destination URL: https://secure.worldpay.com/jsp/merchant/xml/paymentService.jsp [] []
[2024-03-23T07:47:41.971322+00:00] WorldPay.INFO: Initialising request [] []
[2024-03-23T07:47:41.971413+00:00] WorldPay.INFO: Sending XML as: 
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE paymentService PUBLIC "-//WorldPay/DTD WorldPay PaymentService v1//EN" "http://dtd.worldpay.com/paymentService_v1.dtd">
<paymentService merchantCode="EUR" version="1.4">
    <inquiry>
        <orderInquiry orderCode="30000000062-17000084623"/>
    </inquiry>
</paymentService> [] []
[2024-03-23T07:47:42.332781+00:00] WorldPay.INFO: Request successfully sent [] []
[2024-03-23T07:47:42.332862+00:00] WorldPay.INFO: HTTP/2 200 
content-security-policy-report-only: default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri https://secure.worldpay.com/public/CspReport
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: No-cache
cache-control: no-store
content-length: 344
p3p: CP="NON"
content-type: text/plain
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cnection: close
date: Sat, 23 Mar 2024 07:47:42 GMT
set-cookie: machine=0a844053;Secure;path=/
strict-transport-security: max-age=31536000 ; includeSubDomains

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE paymentService PUBLIC "-//WorldPay//DTD WorldPay PaymentService v1//EN" "http://dtd.worldpay.com/paymentService_v1.dtd">
<paymentService version="1.4" merchantCode="GBP">
    <reply>
        <error code="4"><![CDATA[Security violation]]></error>
    </reply>
</paymentService>
 [] []
[2024-03-23T07:47:42.332941+00:00] WorldPay.INFO: Cookie Get: machine=0a053;Secure;path=/ [] []
[2024-03-23T07:47:42.333080+00:00] WorldPay.ERROR: An error occurred while sending the request [] []
[2024-03-23T07:47:42.333143+00:00] WorldPay.ERROR: Error (code 4): Security violation [] []
[2024-03-23T07:47:42.333264+00:00] WorldPay.ERROR: Security violation [] []
[2024-03-23T07:47:42.333321+00:00] WorldPay.ERROR: Synchronising Payment Status failed: Security violation [] []

You can potentially utilize the "Merchant Profile Override Configuration," but it's important to note that there are two issues:

1. You can use only a single merchant code, as the payment method serves as the key and other merchant codes with the same key will overwrite the first one.
2. The payment method designated for HPP is set to online while the currently available methods do not include "online".

Proposed Solution:

• Update the inquiry function to properly utilize the $storeId parameter for retrieving the correct authentication credentials.
• Update the getXmlUsername and getXmlPassword functions within \Sapient\Worldpay\Helper\Data to include the $storeId parameter. This ensures that the functions return credentials at the store scope, facilitating seamless integration with store-specific configurations.