Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-3480

Authorize.net - Look into removing authorize option so that an authcapture occurs instead of authorize and then capture

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.7.0
    • Fix Version/s: 4.9.0
    • Component/s: Gateways
    • Labels:
      None

      Description

      In Blesta 4.7 we added Stripe 3DS which uses an authorize and then capture. Since authorize.net implements an authorize method, it's called first now but this can be problematic when a client does not proceed to do a capture and the authorized charge sits on the account as a pending transaction.

      We might want to do an authorize before capture in the future when an order is approved. But for now we should consider removing or disabling the feature for authorize.net.

      This might be best as a setting that determines whether to do authorize before capture where available. If it's a setting we would make the change to the core, and it would impact all merchant gateways that support authorize. This might be a problem for Stripe Payments though that must use the method though.

        Activity

        admin Paul Phillips created issue -
        tyson Tyson Phillips (Inactive) made changes -
        Field Original Value New Value
        Rank Ranked higher
        admin Paul Phillips made changes -
        Description In Blesta 4.7 we added Stripe 3DS which uses an authorize and then capture. Since authorize.net implements an authorize method, it's called first now but this can be problematic when a client does not proceed to do a capture and the authorized charge sits on the account as a pending transaction.

        We might want to do an authorize before capture in the future when an order is approved. But for now we should consider removing or disabling the feature for authorize.net.
        In Blesta 4.7 we added Stripe 3DS which uses an authorize and then capture. Since authorize.net implements an authorize method, it's called first now but this can be problematic when a client does not proceed to do a capture and the authorized charge sits on the account as a pending transaction.

        We might want to do an authorize before capture in the future when an order is approved. But for now we should consider removing or disabling the feature for authorize.net.

        *This might be best as a setting that determines whether to do authorize before capture where available. If it's a setting we would make the change to the core, and it would impact all merchant gateways that support authorize. This might be a problem for Stripe Payments though that must use the method though.*
        jonathan Jonathan Reissmueller made changes -
        Security Private [ 10000 ]
        jonathan Jonathan Reissmueller made changes -
        Sprint 4.10.0 Sprint 1 [ 105 ]
        jonathan Jonathan Reissmueller made changes -
        Rank Ranked lower
        jonathan Jonathan Reissmueller made changes -
        Assignee Abdy Franco [ abdy ]
        jonathan Jonathan Reissmueller made changes -
        Fix Version/s 4.10.0-b1 [ 11305 ]
        Fix Version/s Short Term [ 10800 ]
        jonathan Jonathan Reissmueller made changes -
        Rank Ranked higher
        abdy Abdy Franco made changes -
        Status Open [ 1 ] In Progress [ 3 ]
        Hide
        admin Paul Phillips added a comment -

        No setting for now, just disable for Authorize.net for now. We can revisit a setting later.

        Show
        admin Paul Phillips added a comment - No setting for now, just disable for Authorize.net for now. We can revisit a setting later.
        Hide
        admin Paul Phillips added a comment -

        It looks like we manually did this fix for another customer.. attaching the original file, we should merge in the fix. Info I sent the customer:

        Replace /components/gateways/merchant/authorize_net/authorize_net.php

        This will disable auth and do an auth capture like it did previous to 4.7.0. The gateway was not
        changed as part of 4.7, it was a core change that performs an auth first for any merchant gateways
        that actually support it. Turns out many implement an authorization method that we just never really
        used. This was a requirement to our Stripe Payments 3DS/SCA gateway, so we started using it.

        We are evaluating which other merchant gateways may be affected by this and considering how to
        proceed. I'm not sure yet if we will merge this in, or add a setting.

        Show
        admin Paul Phillips added a comment - It looks like we manually did this fix for another customer.. attaching the original file, we should merge in the fix. Info I sent the customer: Replace /components/gateways/merchant/authorize_net/authorize_net.php This will disable auth and do an auth capture like it did previous to 4.7.0. The gateway was not changed as part of 4.7, it was a core change that performs an auth first for any merchant gateways that actually support it. Turns out many implement an authorization method that we just never really used. This was a requirement to our Stripe Payments 3DS/SCA gateway, so we started using it. We are evaluating which other merchant gateways may be affected by this and considering how to proceed. I'm not sure yet if we will merge this in, or add a setting.
        admin Paul Phillips made changes -
        Attachment authorize_net.php [ 11909 ]
        abdy Abdy Franco made changes -
        Remaining Estimate 0 minutes [ 0 ]
        Time Spent 1 hour, 23 minutes [ 4980 ]
        Worklog Id 13403 [ 13403 ]
        Automated transition triggered when Abdy Franco created pull request #9 in Stash -
        Status In Progress [ 3 ] In Review [ 5 ]
        Resolution Fixed [ 1 ]
        abdy Abdy Franco made changes -
        Time Spent 1 hour, 23 minutes [ 4980 ] 1 hour, 26 minutes [ 5160 ]
        Worklog Id 13412 [ 13412 ]
        Automated transition triggered when Jonathan Reissmueller merged pull request #9 in Stash -
        Status In Review [ 5 ] Closed [ 6 ]
        jonathan Jonathan Reissmueller made changes -
        Resolution Fixed [ 1 ]
        Status Closed [ 6 ] Reopened [ 4 ]
        Assignee Abdy Franco [ abdy ] Jonathan Reissmueller [ jonathan ]
        jonathan Jonathan Reissmueller made changes -
        Fix Version/s 4.9.0 [ 11306 ]
        Fix Version/s 4.10.0-b1 [ 11305 ]
        jonathan Jonathan Reissmueller made changes -
        Status Reopened [ 4 ] Closed [ 6 ]
        Resolution Fixed [ 1 ]

          People

          • Assignee:
            jonathan Jonathan Reissmueller
            Reporter:
            admin Paul Phillips
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:
              Fix Release Date:
              9/Apr/20

              Time Tracking

              Estimated:
              Original Estimate - Not Specified
              Not Specified
              Remaining:
              Remaining Estimate - 0 minutes
              0m
              Logged:
              Time Spent - 1 hour, 26 minutes
              1h 26m

                Agile