Because of a change in magento 2.3, all post requests need a Csrftoken.
Updated the exchange controller to override this behaviour.
- Fallback to default if paymentOptionId setting is empty
- Redirecting back to cart when no order is found in session or no payment is linked to the order
- Added new payment method Alipay