RomanovM wrote:
This is strange, I have not seen such behavior. Perhaps some client errors (so they weren't logged) by PayPal were displayed to the customer.
The error occured when the paypal commerce plugin is handling the webhook sent from PayPal.
It can't find the order guid to proceed to insert the order notes and proceed to authorize the paypal transaction. Now this concerns me. As it happens way too often on my environment.
For the one page checkout, when I reviewed how the order guid is generated, its saved just after the payment method is selected and also when the opc order is confirmed. There is some logic in the code to keep the same order guid as long as the interval is between the SETTING 'paymentsettings.regenerateorderguidinterval'. This value is defaulted to 180 seconds.
Now the timing of how the order guid is determined whether to use the existing guid or generate a brand new one makes me nervous. I've set the regenerateorderguidinterval value very high and will keep an eye out on any further issues.
You might also want to review the code in PaymentService.cs
The line here I believe causes race conditions.
DateTime.UtcNow - previousPaymentRequest.OrderGuidGeneratedOnUtc.Value;DateTime.UtcNow relies on the webserver time, what about previousPaymentRequest.OrderGuidGeneratedOnUtc.Value? There would be more a concern if the deployment is running under a web farm.
/// <summary>
/// Generate an order GUID
/// </summary>
/// <param name="processPaymentRequest">Process payment request</param>
public virtual void GenerateOrderGuid(ProcessPaymentRequest processPaymentRequest)
{
if (processPaymentRequest == null)
return;
//we should use the same GUID for multiple payment attempts
//this way a payment gateway can prevent security issues such as credit card brute-force attacks
//in order to avoid any possible limitations by payment gateway we reset GUID periodically
var previousPaymentRequest = _httpContextAccessor.HttpContext.Session.Get<ProcessPaymentRequest>("OrderPaymentInfo");
if (_paymentSettings.RegenerateOrderGuidInterval > 0 &&
previousPaymentRequest != null &&
previousPaymentRequest.OrderGuidGeneratedOnUtc.HasValue)
{
var interval = DateTime.UtcNow - previousPaymentRequest.OrderGuidGeneratedOnUtc.Value;
if (interval.TotalSeconds < _paymentSettings.RegenerateOrderGuidInterval)
{
processPaymentRequest.OrderGuid = previousPaymentRequest.OrderGuid;
processPaymentRequest.OrderGuidGeneratedOnUtc = previousPaymentRequest.OrderGuidGeneratedOnUtc;
}
}
if (processPaymentRequest.OrderGuid == Guid.Empty)
{
processPaymentRequest.OrderGuid = Guid.NewGuid();
processPaymentRequest.OrderGuidGeneratedOnUtc = DateTime.UtcNow;
}
}