Profile validation email generated by authorize.net doesn't include the customer email [#3062624]

Problem/Motivation

At some point the profile validation email generated by authorize.net was including an email address but since 8.x-1.0 was released the validation email just contain email@example.com. The error looks like https://community.developer.authorize.net/t5/Integration-and-Testing/CIM... but I am not sure if it's the same.

I am wondering if it has to do with the SDK or this module. I am wondering if this has something to do with the comment at https://git.drupalcode.org/project/commerce_authnet/blob/8.x-1.x/src/Plu...

// Due to their being a possible duplicate record for the customer
      // profile, we cannot attach the payment profile in the initial request.
      // If we did, it would invalidate the token generated by Accept.js and
      // not allow us to reconcile duplicate payment methods.
      //
      // So we do not attach a payment profile and run two requests, and make
      // sure no validation mode is executed.

Cause the email get generated after the initial request at line 667. The generated email looks like:

From: Auto-Receipt <noreply@mail.authorize.net>
Sent: Friday, November 9, 2018 9:16 AM
To: CAD Payments <marchant@email.com>
Subject: Merchant Email Receipt

************* TEST MODE *************

======== SECURITY STATEMENT ==========
It is not recommended that you ship product(s) or otherwise grant services relying solely upon this e-mail receipt.

======== GENERAL INFORMATION =========
Merchant : MyMerchantName (12356789)
Date/Time : 9-Nov-2018 9:16:04 EST

======== ORDER INFORMATION =========
Invoice : none
Description : Test transaction for ValidateCustomerPaymentProfile.
Amount : 1.00 (CAD)
Payment Method: Visa xxxx1111
Transaction Type: Authorization Only

============= Line Items ===============

============= RESULTS ===============
Response : This transaction has been approved.
Auth Code : 000000
Transaction ID : 0
Address Verification : AVS Not Applicable

=== CUSTOMER BILLING INFORMATION ===
Customer ID : none
First Name : CustomerFirstName
LastName : CustomerLastName
Company : Heritage Coffee
Address : 123 Customer street
City: London
State/Province : ON
Zip/Postal Code : XXX XXX
Country : CA
Phone : 
Fax : 
E-Mail : email@example.com

=== CUSTOMER SHIPPING INFORMATION ===
First Name : 
Last Name : 
Company : 
Address : 
City : 
State/Province : 
Zip/Postal Code : 
Country :  

====== ADDITIONAL INFORMATION ======
Tax : 0.00
Duty: 0.00
Freight : 0.00
Tax Exempt : No
PO Number : none

Instead of email@example.com it use to include the proper merchant email.

Proposed resolution

Remaining tasks

User interface changes

None

API changes

Maybe the SDK need to be updated, somehow.

Data model changes

N/A

Release notes snippet

Comment	File	Size	Author
#9	commerce_authnet-anonymous_email-3062624-9.patch	1.49 KB	zengenuity
#9
#8	commerce_authnet-anonymous_email.patch	1.29 KB	v8comp
#8

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

18 June 2019 at 21:36

nikathone created an issue. See original summary.

Comment #2

nikathone

Swahili

Ontario

CreditAttribution: nikathone commented 18 June 2019 at 22:02

Issue summary:

View changes

Added an email sample.

Comment #3

mglaman

English

WI, USA

CreditAttribution: mglaman at Centarro commented 13 August 2019 at 21:13

Version:	8.x-1.1	» 8.x-1.x-dev
Category:	Support request	» Bug report

Let's mark this as a bug report for triage.

Comment #4

mglaman

English

WI, USA

CreditAttribution: mglaman at Centarro commented 26 August 2019 at 16:41

We're setting an email 🤔 https://git.drupalcode.org/project/commerce_authnet/blob/8.x-1.x/src/Plu...

      $request = new CreateCustomerProfileRequest($this->authnetConfiguration, $this->httpClient);
      if ($owner->isAuthenticated()) {
        $profile = new Profile([
          // @todo how to allow altering.
          'merchantCustomerId' => $owner->id(),
          'email' => $owner->getEmail(),
        ]);
      }
      else {
        $profile = new Profile([
          // @todo how to allow altering.
          'merchantCustomerId' => $owner->id() . '_' . $this->time->getRequestTime(),
          'email' => $payment_details['customer_email'],
        ]);
      }

I wonder if the email lives in the customer profile or BillTo in the profile.

Comment #5

mglaman

English

WI, USA

CreditAttribution: mglaman at Centarro commented 26 August 2019 at 17:45

I wonder if the email is empty and that's why?

Comment #6

mglaman

English

WI, USA

CreditAttribution: mglaman at Centarro commented 26 August 2019 at 17:50

I've been receiving some emails and I cannot reproduce this. It is working as I would expect. The email is empty if there is no email, or represents what was passed through the SDK/Module.

Comment #7

mglaman

English

WI, USA

CreditAttribution: mglaman at Centarro commented 26 August 2019 at 17:53

Status:

Active

» Postponed (maintainer needs more info)

@nikathone have you seen this occur since the original report?

Comment #8

v8comp CreditAttribution: v8comp commented 29 December 2020 at 00:18

File	Size
commerce_authnet-anonymous_email.patch	1.29 KB

I think I'm seeing the same issue with the latest dev on Drupal 9.1:

Notice: Undefined index: customer_email in Drupal\commerce_authnet\Plugin\Commerce\PaymentGateway\AcceptJs->doCreatePaymentMethod() (line 660 of /home/sitedev1/drupal9/web/modules/contrib/commerce_authnet/src/Plugin/Commerce/PaymentGateway/AcceptJs.php)

Seems to be caused by the fact that I have the contact_information and payment_information checkout panes on different steps, so the values from the first is not available in the form submit function to set the email address.

I solved this with the attached patch which loads the Order as an alternate source of email address, and always sets the 'customer_email' value in the array even if just to an empty value (which seems to be acceptable to Authorize.net since the transaction still went through).