Several customers reports of issues with duplicate orders when using Vipps. The Vipps payment id the same, but two separate orders are created, both processed at the same time.
The issue seem to be caused by user loosing session cookie in redirect, ending up on other instance (which may occur on phone), ref:
"Because of this Vipps recommends a stateless approach on the website that is supposed to be the end session. An example would a polling-based result handling from a value in the redirect URL (fallback)."
What happens is that both callback (user session) and api and/or polling call from api initiates order creation.
The api and polling calls from Vipps are fallbacks to guarantee order creation (i.e. if user closes browser or navigates away too early).
Suggested solution:
Note:
This needs fix: DateTime.Now needs to be converted to UTC time:
https://github.com/Geta/vipps/blob/commerce-13/src/Vipps/Polling/VippsPollingService.cs#L78
Several customers reports of issues with duplicate orders when using Vipps. The Vipps payment id the same, but two separate orders are created, both processed at the same time.
The issue seem to be caused by user loosing session cookie in redirect, ending up on other instance (which may occur on phone), ref:
"Because of this Vipps recommends a stateless approach on the website that is supposed to be the end session. An example would a polling-based result handling from a value in the redirect URL (fallback)."
What happens is that both callback (user session) and api and/or polling call from api initiates order creation.
The api and polling calls from Vipps are fallbacks to guarantee order creation (i.e. if user closes browser or navigates away too early).
Suggested solution:
Note:
This needs fix: DateTime.Now needs to be converted to UTC time:
https://github.com/Geta/vipps/blob/commerce-13/src/Vipps/Polling/VippsPollingService.cs#L78