-
Notifications
You must be signed in to change notification settings - Fork 206
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Strong Customer Authentication using Stripe with PaymentIntent #182
Conversation
Enable via payment.stripe.use_payment_intents
fbb8d6e
to
629566d
Compare
|
||
if intent.Status == stripe.PaymentIntentStatusRequiresAction { | ||
return intent.ID, payments.NewPaymentPendingError(map[string]interface{}{ | ||
"payment_intent_secret": intent.ClientSecret, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So I'd cut this. I think that anything _secret
makes me nervous. Like is it going to leak to the customer? logs? is that ok?
If you cut this then I think that you can also simplify the PaymentPendingError
b/c this is the only place I saw the metadata
field used.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is actually required behaviour for the new Stripe flow to work.
This "secret" is supposed to be passed to the client. It is not being saved to the database with the transaction because I disabled that field using sql:"-"
I'm using the metadata field so the payment provider impl stays generic.
See:
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
small things but generally I like it.
Fixes #179
- Summary
New payments flow
API docs for updated/new endpoints
POST /orders/:order_id/payments
(updated)Payload:
Response: Transaction object
(state if 3D secure is pending)
POST /payments/:payment_id/confirm
(new)(payment id from previous response)
Payload: none
Response:
- Test plan
TBD
- Description for the changelog
Support Strong Customer Authentication using Stripe with PaymentIntent
- A picture of a cute animal (not mandatory but encouraged)