Skip to content

Fix(Confirm Order): handle 3DS failure

Michael Lunøe requested to merge 459980-mlunoe-handle-3ds-errors-in-confirm-order-calls into master

What does this MR do and why?

Fix(Confirm Order): handle 3DS errors

This MR applies a similar approach to handling 3DS errors in the confirm order API call as when adding a credit card.

Related issue: https://gitlab.com/gitlab-org/gitlab/-/issues/455267+

Dependent on Fix(Confirm Order): handle 3DS failure (!152209 - merged).

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After
Screenshot_2024-05-07_at_15.53.29 Screenshot_2024-05-07_at_15.51.49
Screenshot_2024-05-07_at_15.52.51 Screenshot_2024-05-07_at_15.52.33
Screenshot_2024-05-08_at_16.03.40 Screenshot_2024-05-08_at_15.30.16

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. Ensure you have customers.gitlab.com set up and working: https://gitlab.com/gitlab-org/customers-gitlab-com/-/blob/main/doc/setup/installation_steps.md?ref_type=heads
  2. Enable the <code data-sourcepos="47:17-47:44">gitlab_purchase_3ds_payments</code> for you local customers.gitlab.com environment (you can find your user id in the rails console by running User.find_by_username('root').id)
  3. Add the key zuora_paid_signup_flow_with_3ds_payment_page_id to the secret.yml file by copying it from here (documentation update and announcement coming in https://gitlab.com/gitlab-org/customers-gitlab-com/-/issues/9171 so that we can enable the feature flag for customers-development once the key is present for everyone).
  4. Navigate to purchase a subscription: http://localhost:3000/-/subscriptions/new?plan_id=2c92a00d76f0d5060176f2fb0a5029ff (or to a group with Compute minutes or storage, navigate to "Settings > Usage quotas" and click "Buy storage" or "Buy minutes")
  5. Enter an invalid coupon code, e.g. dummy and click apply
  6. See the Promo code is invalid form validation message
  7. Go through the flow and use the "always authenticate" card from the stripe test cards and submit the card (this will trigger the 3DS flow)
  8. Scroll down and click complete in the 3D secure flow
  9. Check "accept" and click "Confirm purchase"
  10. See the Promo code is invalid error message
  11. Remove the coupon code and click "Confirm purchase"
  12. See the 3DS error not supported displayed

Related to #459980

Edited by Michael Lunøe

Merge request reports