View Issue Details

Jump to Notes
IDProjectCategoryView StatusDate SubmittedLast Update
0007784module PayPal Checkoutmodule PayPal checkout - subpublic2025-04-10 08:372025-04-17 13:57
Reporterfcos Assigned To 
PrioritynormalSeverityminorReproducibilityrandom
Status assignedResolutionopen 
Product Version2.5.2 / 3.4.0 
Summary0007784: order handling when paypal checkout order id is missing
DescriptionHello,

we had some weird order state combination and it seem that it could be a missing paypal checkout order id and the handling in
vendor/oxid-solution-catalysts/paypal-module/src/Controller/OrderController.php;:finalizepaypalsession().

The order is payed in paypal, oxtransstatus = OK. Folder is new and mail got send, but the order was automatically canceled in oxid.

We found the following in the log:
PayPal Payment Logger.ERROR: Client error: `GET https://api.paypal.com/v2/checkout/orders/` resulted in a `404 Not Found` response , wich comes from OxidSolutionCatalysts\\PayPal\\Service\\Payment->fetchOrderFields('', ''), because it got requested with an empty order id.

It seems the checkout order id from the paypal session PayPalSession::getCheckoutOrderId() was missing in finalizepaypalsession().

That triggers the following code:

````
$cancelSession = !$sessionOrderId ||
            !$sessionCheckoutOrderId ||
            ($standardRequestId !== $sessionCheckoutOrderId);
        if (!$vaulting && $cancelSession) {
            $this->getServiceFromContainer(OrderPayPalService::class)
                ->cancelPayPalSession('request to session mismatch');
        }

````

 wich calls removeTemporaryOrder() and cancels the order, but the return from cancelPayPalSession doesnt get processed in finalizepaypalsession so the code in
finalizepaypalsession continues.

Shouldnt there be a redirect for the return from cancelPayPalSession() or is the current logic correct?

At the moment we cant say why the paypal order id was missing, but it seems the oxid order id (sess_challenge) was there because we didtn see other hard faulure for not loading the order and the order state... was set.



Steps To ReproduceUnfortunately thats nothing we can reproduce under normal circumstances, to test this we just set $sessionCheckoutOrderId = '' in finalizepaypalsession ():

TagsNo tags attached.

Activities

There are no notes attached to this issue.