Problem/Motivation

In Braintree3DSReview->validatePaneForm, When the result is returned, it is processed by ErrorHelper::handleErrors3ds.

If liabilityShifted === TRUE, the code short circuits, as this indicates a successful result.

Otherwise, several specific checks are made and an exception is thrown.

There is no final throw, though, so if a result indicates $result->liabilityShiftPossible === FALSE, this error condition is silently ignored, putting us in an indeterminate state.

Let's at least return a SoftDeclineException here.

As a future enhancement, we could handle each of the ~18 different status that return $result->liabilityShiftPossible === FALSE.

While some should still be SoftDeclineException, others should be a HardDeclineException. In one case, it should potentially be treated as a valid transaction. (That specific case is when the seller has configured a skip rule, this accepting liability.)

Steps to reproduce

1. Using the appropriate test card, perform a 3ds2 transaction that will return $result->liabilityShiftPossible === FALSE && $result->liabilityShifted === FALSE
It should throw an exception. Instead, it silently continues, possibly processing the payment with no liability shift.

Proposed resolution

Add a catch all exception, rather than a catch all pass through.

CommentFileSizeAuthor
#2 3ds2-error-helper-missing-exception-catch-all-3380937-2.patch326 bytestomtech

Comments

TomTech created an issue. See original summary.

tomtech’s picture

tomtech commented
Status: Active » Needs review
StatusFileSize
new 3ds2-error-helper-missing-exception-catch-all-3380937-2.patch326 bytes

  • TomTech authored 3676e20e on 8.x-1.x 
    Issue #3380937 by TomTech: 3ds2 Error Helper missing exception catch all
tomtech’s picture

tomtech commented
Status: Needs review » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.