Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
This patch depends on patches from the following, please apply those before this one
#2072989: Support first and last name if available
#2451301: Do not alter payment form cardonfile options for other modules
This patch adds a submodule to commerce_braintree to add the Braintree Drop-in UI (https://www.braintreepayments.com/features/drop-in) as a new payment method for Drupal Commerce.
Things to note/review:
- Setup is the same as commerce_braintree and uses the same braintree_php library
- I had to update _commerce_braintree_commerce_payment_checkout_custom_validation because it killed validation for payment methods (this might be a bug in commerce_braintree?). I default to calling the default validation callback at the end of the override.
- commerce_checkout.js disables the submit button to prevent it from being clicked multiple times. I had to add methods in commerce_braintree_dropin.js to disable this instead of unsetting the inclusion of that file incase more methods are added to it later. Duplicate submission does not appear to be an issue with the Drop-in UI
- Card on file support has not yet been added, but it should be fairly easy to add
Comments
Comment #1
rickmanelius CreditAttribution: rickmanelius commentedThanks for the heads up. By the way, there is also a lot of work going on with Commerce Stripe that looks very promising (iframe solution). See #2433257: Add Stripe Checkout (iFrame) support.
Happy to help review this as well.
Comment #2
HazaPatch seems fine. Thanks !
I am not able to test it anymore, so if someone want to test it, I'll merge it when it is RTBC.
Comment #3
andyg5000Woohoo! Now includes support for card on file! You can save any payment method that braintree supports (credit card, paypal, coinbase) and the UI is pretty awesome!
Note: Requires #2451301: Do not alter payment form cardonfile options for other modules be applied
Comment #4
rickmanelius CreditAttribution: rickmanelius commentedI really apologize for not providing a review at this time (between having a sick baby and some work deadlines, I've been slammed). That said, if this goes through and does offer card on file support, it'll be added to the PCI white paper as a recommend SAQ A gateway. Tracking here => https://github.com/rickmanelius/drupalpcicompliance/issues/39
Comment #5
nyleve101 CreditAttribution: nyleve101 commentedHi,
@andyg5000 thanks for adding card on file support, the UX is cool. It works very well when logged in as an admin but when I attempt a recurring payment as a normal authenticated user I see the error below:
Notice: Undefined index: firstName in commerce_braintree_dropin_create_cardonfile() (line 213 of /srv/bindings/43bc2c74e5bc414081797d3a93824a60/code/sites/all/modules/commerce_braintree/modules/commerce_braintree_dropin/commerce_braintree_dropin.module). Backtrace:
commerce_braintree_dropin_create_cardonfile(Object, Array, Object) commerce_braintree_dropin.module:168
commerce_braintree_dropin_submit_form_submit(Array, Array, Array, Object, Array) commerce_payment.checkout_pane.inc:261
commerce_payment_pane_checkout_form_submit(Array, Array, Array, Object) commerce_checkout.pages.inc:320
commerce_checkout_form_validate(Array, Array) form.inc:1513
form_execute_handlers('validate', Array, Array) form.inc:1453
_form_validate(Array, Array, 'commerce_checkout_form_review') form.inc:1183
drupal_validate_form('commerce_checkout_form_review', Array, Array) form.inc:889
drupal_process_form('commerce_checkout_form_review', Array, Array) form.inc:385
drupal_build_form('commerce_checkout_form_review', Array) form.inc:130
drupal_get_form('commerce_checkout_form_review', Object, Array) commerce_checkout.pages.inc:56
commerce_checkout_router(Object, Array)
call_user_func_array('commerce_checkout_router', Array) menu.inc:517
menu_execute_active_handler() index.php:21
Notice: Undefined index: lastName in commerce_braintree_dropin_create_cardonfile() (line 213 of /srv/bindings/43bc2c74e5bc414081797d3a93824a60/code/sites/all/modules/commerce_braintree/modules/commerce_braintree_dropin/commerce_braintree_dropin.module). Backtrace:
commerce_braintree_dropin_create_cardonfile(Object, Array, Object) commerce_braintree_dropin.module:168
commerce_braintree_dropin_submit_form_submit(Array, Array, Array, Object, Array) commerce_payment.checkout_pane.inc:261
commerce_payment_pane_checkout_form_submit(Array, Array, Array, Object) commerce_checkout.pages.inc:320
commerce_checkout_form_validate(Array, Array) form.inc:1513
form_execute_handlers('validate', Array, Array) form.inc:1453
_form_validate(Array, Array, 'commerce_checkout_form_review') form.inc:1183
drupal_validate_form('commerce_checkout_form_review', Array, Array) form.inc:889
drupal_process_form('commerce_checkout_form_review', Array, Array) form.inc:385
drupal_build_form('commerce_checkout_form_review', Array) form.inc:130
drupal_get_form('commerce_checkout_form_review', Object, Array) commerce_checkout.pages.inc:56
commerce_checkout_router(Object, Array)
call_user_func_array('commerce_checkout_router', Array) menu.inc:517
menu_execute_active_handler() index.php:21
Should the form collect the user's name?
Best wishes
Comment #6
andyg5000Hey @nyleve101
The notices you're seeing are caused by #2072989: Support first and last name if available.
I've updated the patch for this issue to require the patch from the one listed above. I'll also updated the issue summary to list required patches for this one.
Thanks!
Comment #7
nyleve101 CreditAttribution: nyleve101 commentedHi @andyg5000,
thanks for getting back to me- much appreciated!
Are particular permissions required for authenticated users to use the braintree card on file feature? At the moment when i checkout as an admin for a recurring product (Commerce Recurring Framework), the card is successfully charged when the recurring order time lapses. When i checkout the same recurring product as an authenticated user, the card is declined when the recurring order time passes.
The card is always successfully charged for an admin but there's always a 'hard decline' for an authenticated user. When I check the orders I noticed that the recurring order for the admin shows a 'Commerce Card on File Test Payment' but the recurring order for the authenticated user doesn't have a payment attached. Any ideas?
Thanks again for the module!
Best wishes
Evey
Comment #8
nyleve101 CreditAttribution: nyleve101 commentedJust attaching a screenshot. Any help at all is appreciated.
Comment #9
andyg5000Hey Evey,
Can you verify that a token is being saved in the commerce_cardonfile table in the database for those users from the module? I'm using this patch on a site that's running commerce recurring and it's working on my end. Can you also verify that all of the information is showing up in Braintree's website? For example the reason for the failure. There should also be a failed payment transaction on the payment tab of the order. Basically, if we're saving the correct token (line 206 in commerce_braintree_dropin.module) then this patch is doing its job and the issue is with the BT charge callback or elsewhere.
I'm including and updated patch that uses the correct message response from Braintree when there's an issue. They don't provide a message whenever the transaction is successful, so I guess we don't need to save one anyway.
Comment #10
andyg5000Comment #11
nyleve101 CreditAttribution: nyleve101 commentedHi Andy,
I've committed all your patches and I can confirm that a token is being saved in the commerce_cardonfile table for users. The transaction for the initial amount is showing on both the site and on braintree. The recurring order charge however is still a 'hard decline' on the site and doesn't appear at all on braintree. There's nothing in the site error logs either. There's just no payment raised against the recurring order.
May i know if you had to fiddle with any rules or card on file to get it working on your site?
Thanks again for your help.
Evey
Comment #12
nyleve101 CreditAttribution: nyleve101 commentedHi @andyg5000,
just wondering if this is this the BT Chargeback patch you used to get it all working https://www.drupal.org/node/2162917?
Hope you're well
Comment #13
nyleve101 CreditAttribution: nyleve101 commentedHi,
in case anyone stumbles upon my issue, these additional patches resolved it.
Not triggering paid in full: https://www.drupal.org/node/2359267#comment-9439361
Bug in code that checks Braintree hashed value: https://www.drupal.org/node/1886950#comment-7664993
Thank you for creating the Drop-in UI Andy!
Best wishes
Evey
Comment #14
verper CreditAttribution: verper commentedafter putting details about full name, address, etc,.. the next page is error? anybody?
Comment #15
Lukas von BlarerYou probably got your API keys wrong. Check the log for an error message. It looked like this when I got it:
Braintree_Exception_Authentication: in Braintree_Util::throwStatusCodeException() (line 53 of /sites/all/modules/commerce_braintree/braintree_php/lib/Braintree/Util.php).
Shouldn't we display a message instead of a WSOD?
Comment #16
verper CreditAttribution: verper commentedit only displays WSOD after the submission... instead in the page where i can see the Dropin
- my API works fine if i use "Braintree Transparent Redirect" but in "Braintree Drop-in UI" there goes the error
Comment #17
verper CreditAttribution: verper commentedhow about this error?
Braintree_Exception_SSLCertificate: in Braintree_Http::_doUrlRequest() (line 94 of D:\xampp\htdocs\sites\all\modules\commerce_braintree\braintree_php\lib\Braintree\Http.php).
update -
the Dropin UI shows in Chrome but not in Mozilla, anybody?
Comment #18
Lukas von BlarerI've been playing around with this for some time an looks good so far. Can we get this and the patches this depends on committed? Is there something missing?
Comment #19
Lukas von BlarerI re-rolled the the patch in #1900494: Multi currency support against 7.x-2.x and also added support for the Drop-in UI. I'll post a patch once it gets committed.
Comment #20
Lukas von BlarerThere is one small coding standard issue (double space):
I looked over the patch and tested it quite a lot the past few days. Looks good so far. Just one thing came up: The processing of the transaction takes very long. But I guess this is a issue on Braintree's side. If not, lets create a follow-up for this.
If the coding standrad issues is fixed, this is RTBC.
Comment #21
HazaOn my point of views, this seems OK.
The really small coding standard issues should not be a blocker (I don't want to block anything for a double space ...), and we can still fix it later.
Comment #22
Lukas von BlarerStill fixing this small coding standards issue. Please RTBC again and I'll commit it.
Comment #23
rickmanelius CreditAttribution: rickmanelius commentedHi Everyone. Unfortunately as @verper stated in #17, there is an issue with Firefox/Mozilla. Specifically, you cannot access http://js.braintreegateway.com/v2/braintree.js directly without getting a 403 error. Chrome makes allowances and redirects to the HTTPS version, but Firefox does not.
Attached in a small patch I used to get around this. However, there may be other implications as a result of this. That said it was necessary for me to do this to continue my testing (which I'm in the process of right now). I realize this patch needs to be merged into #22, but I wanted to surface this issue immediately before this issue gets closed/committed.
Comment #24
rickmanelius CreditAttribution: rickmanelius commentedHTTP/HTTPS issue aside (see #23), I can verify this does work and is compatible with card on file. AWESOME! Once we resolve that this should be RBTC and committed.
It's worth noting that I haven't reviewed the codebase from a security perspective. It might be worth creating a ticket just for that prior to an official stable release (see #2483675: [meta] 7.x-2.0 stable release).
Comment #25
Lukas von BlarerI couldn't reproduce the bug in Firefox. The redirect to HTTPS worked for me. But since the Braintree documentation instruct to include the JS file over HTTPS let's do it this way: https://developers.braintreepayments.com/javascript+php/start/hello-client
The attached patch merges the patch in #22 with #23.
Comment #26
Lukas von BlarerForgot the patch...
Comment #27
rickmanelius CreditAttribution: rickmanelius as a volunteer commentedGiven that the patch exactly matches the one change I introduced to also get this working (which was a verification from previous successful reviews in #20, #21, etc), I think we're safe to set this as RBTC :)
Comment #29
Lukas von BlarerComment #30
Lukas von BlarerThanks everyone!
Comment #32
andyg5000Comment #33
pinkonomy CreditAttribution: pinkonomy commentedI take this message on the rule after I install the dev2 version of the module
"Unknown action commerce_payment_enable_braintree_tr."
That means that the Braintree payment method is not available (I enabled both of the Braintree module and the dropin module)
Suggestions?
Comment #34
pinkonomy CreditAttribution: pinkonomy commentedOops,the Braintree module and submodle was not installed since I didn't have download the Braintree php library.
After doing this it worked with no error.
Cheers