In early Feb 2016, We updated to the latest Windows 2012 updates and CFPayment quit working (it's actually more of an Adobe bug). We use ColdFusion 10,0,17,295085 (Java 1.8.0_66) and the latest CFPayments + Stripe and started getting this error:

I/O Exception: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

getSuccess() is false. getStatusCode() returns "99" (This status indicates an exception we don't know how to handle (yet)), but getMessage() returns an empty string... no message. So the customer (and developer) don't have any idea regarding what happened.

My personal workaround for this is going to be to rewrite base.cfc to use CFX_HTTP5 so that it will continue to work regardless of the version of ColdFusion or third-party SSL Certificate used. Let me know if you are interested and I can provide you with the modified template.

The current gateway instantiation looks like:

<cfset variables.instance.gateway = createObject("component", "gateway.#lCase(variables.instance.config.path)#").init(config = variables.instance.config, service = this) />

There are circumstances where you want to extend a gateway to override a particular method, like perhaps for error messages or custom response additions, etc. We have a working build with this instead:

<cfset variables.instance.gateway = createObject("component", variables.instance.config.path).init(config = variables.instance.config, service = this) />

That allows configuration like (coldspring example):

<bean id="cfpaymentStripe" class="cfpayment.api.core"> <constructor-arg name="config"> <map> <entry key="path"><value>stripe.stripe</value></entry> <entry key="path"><value>gateway.stripe.stripe</value></entry> <entry key="LiveSecretKey"><value>${STRIPE_LIVE_SECRET_KEY}</value></entry> <entry key="LivePublishableKey"><value>${STRIPE_LIVE_PUB_KEY}</value></entry> <entry key="TestSecretKey"><value>${STRIPE_TEST_SECRET_KEY}</value></entry> <entry key="TestPublishableKey"><value>${STRIPE_TEST_PUB_KEY}</value></entry> <entry key="GatewayID"><value>2</value></entry> <entry key="TestMode"><value>true</value></entry> </map> </constructor-arg> </bean>

But gateway.stripe.stripe could also be model.payment.customstripe which defines an alternative response.

Can

account = svc.createCreditCard().setAccount(4242424242424242).setMonth(10).setYear(year(now())+1))
             .setFirstName("John").setLastName("Doe");

be rewritten so that one line of code does 1 thing? If I were to break this down into 6 lines, I wouldn't know which one to make an assignment statement to assign account to.

In certain circumstances, the bank may return an avs or cvv response that is an empty string and our code fails.

Review of marketplace appears to have multiple highly-overlapping methods where just the arguments change:

purchase()
charge()
marketplaceDirectCharge()
marketplaceDestinationCharge()

The behavior, depending on the parameters, is quite different but this more clearly matches the Stripe API too so collapsing them into the cfpayment-standard methods makes sense.

If the address_zip_check is undefined, we fai at:

cfpayment/api/gateway/stripe/stripe.cfc (362)

Any plans to add support for the new Authorize.net API?

A response of 126 "Under Fraud Review" from payflow gives a decline from the payflowGateway. This might be better returned as a "getStatusPending".

I'm using Railo, so it might be something to do with how getGatewayURL is being called.

I am using the CFC "payflowGateway.cfc" and when I change the "partner" - "MerchantAccount" - "userName" and "userName" the answer is "INVALID AMOUNT"

I don't understand why it shows this message. I have tried with differents values but the answer always is the same.

Can someone help me please ?

All our Stripe transactions were processing, but "city" information wasn't being logged by Stripe. In the Stripe gateway CFC (/api/gateway/stripe/stripe.cfc), all address parameters are being configured except "City.

post["card[address_city]"] = arguments.account.getCity();

In post-http process(), I think we should switch from looking for keys like card or sources and instead look at the "object" value. These are valid values:

customer (with default_source and array of sources )
charge (with source )
token (with type = card|bank_account)
card
bank_account
refund
application_fee
transfer
transfer_reversal
account
list (of one of the other types)
file_upload

If I implement the example exactly "as is" on Coldfusion 8, I get the following CF error;

The names of user-defined functions cannot be the same as built-in ColdFusion functions.
The name getToken is the name of a built-in ColdFusion function.
The CFML compiler was processing:

A cffunction tag beginning on line 216, column 10.

The error occurred in C:\inetpub\wwwroot\cfpayment\api\gateway\stripe\stripe.cfc: line 216
Called from C:\inetpub\wwwroot\cfpayment\api\core.cfc: line 52

marketplaceCreateConnectedAccount() calls the above method which has hardcoded test data and will not work in real scenarios:

<cfscript>
    arguments.post["managed"] = true;
    arguments.post["country"] = 'CA';
    arguments.post["email"] = 'test#dateFormat(now(),"yyyymmdd")##timeFormat(now(),"HHmmss")#@test.tst';
    arguments.post["default_currency"] = 'CAD';
    //These properties can be set when creating the account, and changed later if the account is managed, but are only relevant if the account has charges being made directly on it:
    //arguments.post["statement_descriptor"] = '';
    //arguments.post["business_name"] = '';
    //arguments.post["support_phone"] = '';
</cfscript>

Hi
Stripe recently upgraded their APIs to be SCA-Ready. I see that the last code commit for CFPayment was December-2017, so does that mean that the code as it stands will not work with the new Stripe API?

Beta per https://stripe.com/docs/marketplaces

See differences here:

https://stripe.com/docs/upgrades

In post-http process(), I think we should switch from looking for keys like card or sources and instead look at the "object" value. These are valid values:

customer (with default_source and array of sources )
charge (with source )
token (with type = card|bank_account)
card
bank_account

Then we can pass that key to a helper function which knows how to pull out AVS/CVV/etc details.

The CFPayment library allows an empty CVV2 value to be posted to Stripe, but Stripe requires that the parameter not be passed if it's not being used. Excluding setVerificationValue() still caused an empty value to be set and passed. I added the following logic to api/gateway/base.cfc in order to exclude the empty parameter from being passed.

<CFIF NOT Findnocase("cvc", key) OR (Findnocase("cvc", key) AND LEN(trim(arguments.payload[key])))>
    <!--- CFHTTParam --->
</CFIF>