stripe, multiple requests using idempotency keys return errors

0
votes

Need assistance with Stripe error response. Everything seems to work according to stripe dashboard logs when creating a Customer and then enrolling them into a Subscription therefore generating a Charge, in the event where there are multiple requests made with idempotency keys in place. How ever in this event I get this stripe error response (capture of the exception $error6) which opens up as a page (charge.php) where the code runs, instead of sending to success page.

charge.php

\Stripe\Stripe::setApiKey('sk_live_xxxxxxxxxxx');

$POST = filter_var_array($_POST, FILTER_SANITIZE_STRING);

$email = $POST['email'];
$token = $POST['stripeToken'];
$membership_type = $POST['membership_type'];
$user_id = $POST['user_id'];
$success = 0;

try {
// Create customer in Stripe
$customer = \Stripe\Customer::create([
  "email" => $email,
  "source" => $token,
],[
  "idempotency_key" => $_SESSION['sid2'],
]);
$success = 1;
} catch(Stripe_CardError $e) {
  $error1 = $e->getMessage();
} catch (Stripe_InvalidRequestError $e) {
  // Invalid parameters were supplied to Stripe's API
  $error2 = $e->getMessage();
} catch (Stripe_AuthenticationError $e) {
  // Authentication with Stripe's API failed
  $error3 = $e->getMessage();
} catch (Stripe_ApiConnectionError $e) {
  // Network communication with Stripe failed
  $error4 = $e->getMessage();
} catch (Stripe_Error $e) {
  // Display a very generic error to the user, and maybe send
  // yourself an email
  $error5 = $e->getMessage();
} catch (Exception $e) {
  // Something else happened, completely unrelated to Stripe
  $error6 = $e->getMessage();
}

if ($success!=1)
{
    $_SESSION['error1'] = $error1;
    $_SESSION['error2'] = $error2;
    $_SESSION['error3'] = $error3;
    $_SESSION['error4'] = $error4;
    $_SESSION['error5'] = $error5;
    $_SESSION['error6'] = $error6;
    print_r($_SESSION);
}

// Add Customer to a Subscription in Stripe
$subscription = \Stripe\Subscription::create([
    'customer' => $customer->id,
    'items' => [['plan' => $membership_type]]
  ],[
    "idempotency_key" => $_SESSION['sid'],
]); 
//adding all relevent info into data base...

//send user to success page
header('Location: ../success.php?id='.$user_id.'&product='.$subscription->plan->nickname);

Could this be because each time the Stripe JS $token parameter changes? is this normal or am I doing something wrong? (I got a similar error when running idempotency only on Subscribing a Customer but then stripe creates multiple customers with the same email and payment cards but different customer->id) Can anyone kindly suggest how can I resolve this error page?

2
phpstripe-payments

2 Answers

0
votes

Could this be because each time the Stripe JS $token parameter changes?

Yes, I suspect what's happening here is that you are reusing $_SESSION['sid2'] for two separate requests with different source parameters to create a Customer. And this error in response is the expected behavior!

You should be able to see this in your Dashboard logs: Assuming this is a test mode request, https://dashboard.stripe.com/test/logs/iar_IgylJRGpbLyVb6 should tell you where the same key was originally used.

0
votes

best option i could find is disabling the button after the Stripe JS event listener

var form = document.getElementById('payment-form');
form.addEventListener('submit', function(event) {
  event.preventDefault();

$('.button').attr("disabled", true);
stripe.createToken(card).then(function(result) {...........