Summary is failure to complete payments with 'PayPal Standard' from woocommerce wordpress site. CORS error shows on paypal sign-in page from checkout and createPayment error appears after clicking 'pay now' using all payment methods, cards, stored balance etc. Paypal said they have not blocked anything their side and it all works fine in sandbox mode.
I started with paypal for woocommerce plugin and then Angelleye's plugin for using Paypal Express checkout, those both gave the same error 10417 after clicking pay now which basically says there is no usable funding source for the account try a different payment method. This same error happens for positive paypal balance as well as debit/credit cards. The personal payer account is well established and works fine elsewhere. Both work in sandbox mode.
So I downgraded to PayPal Standard to pass more onto paypal (also works fine in sandbox). When I click proceed to PayPal on checkout I get this appear in Chrome and Edge browsers when landing on the sign in page:
hermes?country.x=AE&…useraction=commit:1 Access to XMLHttpRequest at 'https://www.paypalobjects.com/js/xo/hermes/1.9.0/framework-code-split.js' from origin 'https://www.paypal.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed.
If I click on the hermes? link the red cross in console is on the first line !DOCTYPE html
Proceeding to login ok, selecting a payment method and pressing 'pay now' I then get the following error shown in the console and the paypal page just refreshes once to the same paynow button state, ie unchanged
xhr-ads.min.js:formatted:703 POST https://www.paypal.com/webapps/hermes/api/checkout/82T95103LS393105S/session/createPayment 400
Clicking the xhr link the red cross for failed to load resource is on the line beginning n.send:
c.send = function() {
!c.xRequestWithHeaderSet && c.isPayPalRequest &&
c.setRequestHeader("X-Requested-With", "XMLHttpRequest"),
n.send.apply(n, arguments),
c.xRequestWithHeaderSet = !1
Clicking on the https link in the error highlights createPayment as the xhr problem in red which shows:
{ack: "contingency", contingency: "PAYER_CANNOT_PAY", errorData: {}, meta:
{calc: "3791667e34426",…},…}
ack: "contingency"
contingency: "PAYER_CANNOT_PAY"
errorData: {}
Pay pal say they have no issue with the payments attempted and have not blocked anything on the buyer account and the fact I get the same result on a positive preloaded balance payment as I do for cards that must rule out the banks having an issue, authorisation also seemingly returns success in the xhr list before createPayment error. They just said try a different device.
Have been trying to solve this for a couple of weeks and could really do with some help. I have asked merchant technical support but it's hit and miss on whether ever hear back from paypal support.
Is the first CORS error related to the payment failure do you think? Thanks
Edit note: Someone posted similar 2 days ago here https://github.com/paypal/paypal-checkout-components/issues/1070
Related
I have been trying to implement the OAuth v2 for Microsoft Accounts for my website. Its currently in development stage and so am testing on localhost. The Website is an ASP.NET Core MVC 5 Application.
I have followed the tutorial here to implement OAuth for Twitter, Google and Facebook accounts. I found this to be quite simple with only a few small issues that I was able to solve with simple google searches.
However I have spent several days trying to understand what is happening when trying to use Microsoft Account authentication on my site.
I have watched the video here on registering an application in the Microsoft App Registration Portal. At around minute 6 in the video a short demo shows how to set up the App. You can see my App details in the following screen shot:
In the video at about 7.5 mins in, there is a small section explaining how to test the App by building a URL string.
On submitting the query string to the browser the page is redirected as expected to my App page as you can see here:
In this instance I was all ready signed into my Microsoft Outlook account. If I wasn't signed in I would be prompted to login to a Microsoft account. Logging in, in this case choosing my already signed in Outlook account causes the page to be redirected back to my site as seen in the following screen shot but because the site didn't send the request its not expecting a token sent back for login so nothing really happens. This is expected behaviour, at this point as I was only testing that the Apps end point was working as expected.
[
The next stage is to test the functionality from my website. This is where I always have issues. To activate the OAuth functionality for Microsoft Account login requires simply un-commenting a couple of lines of code within the Startup.Auth.cs file in my websites App_Start folder and passing in the Apps ClientKey and ClientSecret values as can bee seen in the following code snippet:
app.UseMicrosoftAccountAuthentication(
clientId: System.Configuration.ConfigurationManager.AppSettings["MicrosoftOAuthClientID"],
clientSecret: System.Configuration.ConfigurationManager.AppSettings["MicrosoftOAuthClientSecret"]);
This code basically adds a little button to the login page that allows you to choose Microsoft login as can be seen here:
[
When I click the Microsoft button I get the following error page:
And the query string returned contains the following:
https://login.live.com/err.srf?lc=2057#error=unauthorized_client&error_description=The+client+does+not+exist.+If+you+are+the+application+developer%2c+configure+a+new+application+through+the+application+management+site+at+https://apps.dev.microsoft.com/.&state=JMxMRuKaOiYWCQw_Uqkhv3gLQn3ULlkG2miM4ymcHhTK5niXVQl5n4L0a6VoWeEKmFM7T1ciU2oQAh26_Y0i2DMjdt6BOAtpjNeMaSpBq4wbCjva9lOuctOUIWwoFdTEGvxJ4M904lUsoudd9e9cYi6eiH3JF81HB5ouQSus2ddE1sVUQLw-YB1GjUL79y2muFaBFIOIOk75oCV2IxX4cFO2rJU04K9Se6gxu698WpzR8taUB2c6tK9u0dBisckhavf0IvKB9dWQq-IVwQgvaA
Anybody know why or what is happening????
Now I have read in several of my many searches while trying to understand whats happening when I try to test the App from my site rather than a URL directly in the browser that I should have
/signin-microsoft
appended to my Redirect URL in the App Portals configuration. I have Tested with my Redirect URL set like that and this does not work. I get a HTTP ERROR 500 sent back because the page signin-microsoft does not exist. So this is not my problem.
Please help if anyone has had the same issues and solved it.
EDIT: I should have mentioned that I was initially trying this using Local IISExpress but after reading some posts saying it can be done only on IIS so I published my site locally to IIS.
I am working on integrating CITRUS payment in IOS.I am almost done with the integration and also able to make payment successfully.
But I am facing one issue here and that is when I am calling the citrus page I load's the current page with my order but it look's page with some HTML tag's, please see the image :
And on this page when I click on SUBMIT button then my order get's completed successfully.
So if anybody have faced the same issue and knows any solution for this please help.
This is not an error. It is the test page showing that you need to host the page where response comes. So once you switch to the production keys, this won't be a problem.
In India, RBI (Reserver Bank of India) Mandates that all card payments should go through two-factor authentication.This means the payer will be redirected to an ACS ( Access Control Server) Page where the payer is expected to enter an OTP/Password/ ATM Pin as the case may be.
Citrus Payments have simulated a test ACS Page in their sandbox environment which is shown in the screenshot you attached with the question.
Once you click submit button on this page, you will be redirected to a "return URL" passed in the incoming request.You are required to validate the response send by Citrus once the request arrives on this URL and display the same to the customer.
I'm trying to integrate Instagram login into my app to get the logged in user's details, I've registered my app on Instagram and got my client ID, then I added a new URL Type in the project settings with the identifier: igxxxx (where xxxx is my client id), i've also set the redirect URI to be (xxxx://authorize), once I successfully log in (using a webView) Instagram displays a white blank page with (400 Bad Request) text written on top, however, when I change the redirect URI to anything else, it opens without problems after a successful login.
how can I redirect the user to the app after he logs in with Instagram.
p.s. I use this library to ease up things.
thanks in advance.
Here's what I have found so far. I have been able to resolve the issue to get the app to work on the iPhone. However, this solution doesn't allow me to submit the app on the app store as you will read ahead. I have submitted a bug with instagram, not sure how long they will take.
I would suggest everyone go to this link and "Report Issue":
https://www.instagram.com/developer/clients/manage/
I have had an app in app store for couple months without problems.
However, since June 19, all the users trying to authenticate get a white page with "400 Bad Request" after they login with their IG account.
The issue is very common as you will see on this stack overflow page:
Instagram API prevents redirection to iOS app upon successful login with 400 bad request error
And google shows the same issue with many users since June 19.
I have figured out that the old redirect URI which we were using:
myappname://
is the issue.
If we change this redirect URI to:
http://myappname
or
https://myappname
This all starts working fine and we get the access token.
However as per RFC1738, this is not a valid format for URL schemes which is used in iOS development.
So we get error when submitting our apps to app store:
ERROR ITMS-90158: "The following URL schemes found in your app are not in the correct format: [https: //myappname]. URL schemes need to begin with an alphabetic character, and be comprised of alphanumeric characters, the period, the hyphen or the plus sign only. Please see RFC1738 for more detail."
ERROR ITMS-90158: "The following URL schemes found in your app are not in the correct format: [https: //myappname]. URL schemes need to begin with an alphabetic character, and be comprised of alphanumeric characters, the period, the hyphen or the plus sign only. Please see RFC1738 for more detail."
So we can't submit to app store with this solution.
So unless instagram does something to fix this back to how it used to be, we are stuck :(
I have been trying to integrate PayPal payment with a test application I am developing. If successful, I am thinking of leveraging this on my other projects.
So far, I have been able to add the plugin, configure it for Test environment and able to complete a transaction end to end. However, I have a small issue that I want some help or clarification about. Please follow the series of images below for more details:
Button on merchant application (grails application)
Payment page on PayPal test site
Here is the paypal confirmation page for transaction:
After making the payment above, I got a successful message on paypal test site. But when I check the logs and database, there is no notification sent to the grails application at this stage. The payment transaction is still in PENDING state:
Now, when I click on the "Return to merchant" link on the paypal confirmation page, then I redirected to my grails application with a SUCCESS message:
So, the PayPal "SUCCESS" response is sent to the grails/merchant application only after the user hits that link "Return to merchant site". In real life, the users might not want to return to the merchant site everytime. Seeing the confirmation message on PayPal site, they might assume that the transaction is done and may be PayPal does the payment too. But, how do we let the merchant site i.e the grails application know that the PayPal has already shown the user a confirmation message? So that, the user doesn't have to return to merchant site after seeing the Successful message?
UPDATE:
I have tried the IPN simulator upon your advice. I am not quite sure and able to understand how I can send an IPN message to my localhost application. When I tried giving my localhost or 127.0.0.1 on the IPN simulator configuration on my sandbox account, it throws error saying unable to reach the server. I am sure many developers must have tried this using local development machine, but unable to find any resource which gives the steps to use IPN simulator or IPN sandbox response for a localhost development instancE.
You cannot rely on PDT
you have to use IPN
where PayPal send a notification to a page on your website where you have to authenticate, verify several possible issues and save the transaction details
See here fore more info
IPN
Not sure if it written at that link, but you have also to enable such function from your Paypal account indicating the target page on your website.
I'm using the Paypal Classic API via Sandbox as shown in Railscast 143 in Rails 4x and Ruby 2x deployed on Heroku.
The User should be able to add purchases to a cart, and upon clicking a button is routed to Paypal to complete the transaction. Once the purchase is completed, a payment notification is sent to the notification_url, and then the browser is redirected to the return_url, which is the same page the user was on before. I'm using Railscasts' SSL to encrypt.
Everything works except the return URL.
I've noticed that for any new browser in a new computer, after the purchase is completed on Paypal, the browser does not return to the proper URL. However, once I manually go back to the last page on my site and refresh, showing the purchase has been made properly, I can go through the process again to buy another item, and the return url works. The 2nd time around, the Paypal window looks a bit different, because it remembers the user from the last transaction.
Even if I clear cookies and all history for a browser, Paypal will still remember and the method will succeed.
When I look at my logs, I see that the difference between success and failure is that in the success, there is a POST method being sent to my return URL, which is Projects/purchase.
In the failed version, there is a GET method being sent to the return URL, which is wrong.
Here is the log of a success: https://gist.github.com/allenwlee/1f51a4dac884ba25ba5f
Here is the log of a failure: https://gist.github.com/allenwlee/dff86f7de2f16951f512
Here's all my relevant code: https://gist.github.com/allenwlee/9e24ae7384a0f5e9bff2