sorentwo / braintree-elixir Goto Github PK

I am getting "Invalid request format." when trying to create a subscription with :add_ons.

add_ons = %{add: [%{inherited_from_id: "myaddon"}]}
Braintree.Subscription.create(%{plan_id: "myplan", payment_method_token: "token", add_ons: add_ons})

Am I using it right?

If I omit add_ons, subscription is created.

I am assuming the problem is in XML Encoder, but...

I might be missing something obvious, so I apologize if so, but I can't see where webhook support is implemented (if it is). If there is, can you point me in the right direction, and if not, do we have plans to add it? Thanks in advanced.

So I've noticed there is an error case not being handled in any of the Braintree modules which is the "unauthorized" case, which returns {:error, :unauthorized} this, throws an exception since there isn't a valid match for it in any of the existing case conditions.

Was wondering how you want to handle this before I submit a PR? Would you like a large PR with a simple match like this added to every request with an error message? If so what would you like the error message to say?

Or perhaps its fine to throw an exception? But maybe we could throw a nicer one, that describes the problem instead of being a CaseClauseError exception?

I'm intermittently seeing this unhandled error in my integration with this library:

(braintree 0.10.0) lib/search.ex:41: Braintree.Search.fetch_all_records/4

** (Protocol.UndefinedError) protocol Enumerable not implemented for {:error, :timeout} of type Tuple. This protocol is implemented for the following type(s): Ecto.Adapters.SQL.Stream, Postgrex.Stream, DBConnection.Stream, DBConnection.PrepareStream, Timex.Interval, Stream, Function, File.Stream, Date.Range, HashDict, HashSet, GenEvent.Stream, MapSet, IO.Stream, Range, List, Map

I'm calling Customer.search/1 with params data that looks like:

customer_ids = [1,2,3,4,5,6,7]  #Enum of real ids here obviously
search_params = %{ids: customer_ids}
case Customer.search(search_params) do
    #cases to handle return values
end

For the time being, i've reduced the occurrence of this timeout to almost none, by passing smaller batches of customer_ids to this function, but it would be nice for this to be handled properly and for Customer.search/1 to return {:error, :timeout} or something similar.

Is this function has implemented? I can not find any function in customer to get details with customer_id.

https://developers.braintreepayments.com/guides/customers/ruby#find

When calling Braintree.Webhook.Validation.validate_signature/2 I got this error because Braintree.fetch_env! doesn't exist.

     ** (UndefinedFunctionError) function Braintree.fetch_env!/1 is undefined or private. Did you mean one of:
     
           * get_env/1
           * get_env/2

Braintree.get_env actually throw error when env not found, so I think changing it to get_env/1 will fix it

In our setup, we have multiple merchant account ids for different currencies, which seems to be a general practice with Braintree for multi-currency support. If I see it right, this Braintree client doesn't support the specification of the merchant account id per transaction currently, but only one merchant account id via global configuration. Am I right? If so, how hard would it be to support that and would you be willing to accept a pull request for that?

We are in the process of implementing subscription billing in our application and I see that there was a PR merged back in May (#146) that adds the ability to create and update Braintree Plans. It would be really useful to us to be able to use that functionality but there hasn't been a new release of the Hex package since that PR was merged.

Would it be possible to make a new release sometime soon?

Failing that, we may want to reference a specific commit in our mix.exs to get this capability, but are there any reasons that we shouldn't rely on the code in master currently? Are there breaking changes in master relative to version 0.12.1?

Thanks!

Tests like

are failing because the transaction immediately gets to status settled

First of all, thank you for your library, it's working very well so far.

I'm working on an application of a white-brand marketplace and vendors can setup their own Braintree API keys in some back-office. For this application, I would like to be able to read the API keys from the database and pass them as parameters on every Braintree call instead of application-wide config.

Another developer has begun work on that here:
https://github.com/steady-media/braintree-elixir/commit/f5bf7367ad9e38acc63fe9b479cc5aab9c626811

Basically an optional opts list could be passed on every call and if it's there, it would then use the passed API keys and environment, otherwise it would then use the current behaviour of reading the application config.

What do you think of such approach? It should not break the current API...
I would gladly continue the work of @manukall and submit a PR.

Thanks.

Dialyzer complains about matching on the {:error, :not_found} response from Braintree.Search.perform/4 function because it's not in the spec. I think the spec can just be added to return this error.

Creating a merchant account always returns as 82607 - Master merchant account ID is invalid.

I brought this up previously in an unrelated GH issue, but wanted to re-surface incase anyone else using this library might have additional insight.

Every once in awhile (every few days) we'll see calls fail with a match error on:

{:error, ":closed"}

I've attempted to tune-down our pool by creating a special pool for braintree-elixir:

:hackney_pool.child_spec(:braintree_elixir_pool, [timeout: 30000, max_connections: 10])

Which I then use in this branch:

revzilla@e6c99e8

Unfortunately, we still see this error on occasion. I've reached out to Braintree support, and while they won't support an unofficial library directly, they did mention that their official braintree libraries do NOT pool connections or keep sockets open (but that if we did, they'd recommend to close after 50 seconds at most.)

Given that, should the default be to NOT pool braintree connections?

Thoughts?

I haven't been able to dive in, but we've seen a few issues with parsing the response data from Braintree. I added some additional logging, and it looks like the custom XML parsing is failing on:

<payer-first-name>Jos&#233;</payer-first-name>
<payer-last-name>Smith</payer-last-name>

To add a bit more tracing, here, the parser receives that payer-first-name field as a list:

[{:xmlText, ["payer-first-name": 20, paypal: 106, transaction: 1], 1, [], 'Jos',
  :text},
 {:xmlText, ["payer-first-name": 20, paypal: 106, transaction: 1], 2, [], [233],
  :text}]

We're using the Braintree library in our app and we're adding instrumentation. It would be really useful if the Braintree library would fire telemetry events on the http request, things like timing, repsonse code etc...

I'd be happy to whip up a PR if it would be considered for merging.

Hello!

It's been a while since 0.8.0 and some important fixes have been added. (I specifically need the binary to atom conversion for config.) I'd like to stop pointing to master in my mix file. Can we get a 0.9.0 release to hex please?

Thanks!

The only barrier to releasing 1.0 is full support for the Braintree API. Below is a list of the missing and in-progress features, according to the online reference for Ruby.

• Add-On
  • All
• Address
  • Create
  • Delete
  • Find
  • Update
• CreditCardVerification
  • Search
• Customer
  • Create
  • Update
  • Delete
  • Find
  • Search
• Discount
  • All
• Merchant Account
  • Create
  • Find
  • Update
• Settlement Batch Summary
  • Generate
• Subscription
  • Cancel
  • Create
  • Find
  • Retry Charge
  • Search
  • Update

When Transaction.sale is called and there is an error, the Braintree will return all kinds of information, including these codes: https://developers.braintreepayments.com/reference/general/processor-responses/authorization-responses

That information is available in the api_error_response here

However Error.construct(error) makes a struct that does not include that information. It would be useful if this library returned all of the information instead of throwing it away and just returning a Braintree.ErrorResponse without it.

From Braintree:

We will be updating our root SSL provider for API traffic to align with security standards starting April 1, 2020 in sandbox and May 1, 2020 in production. To avoid interruption to your processing, please update your SDK version to the appropriate minimum versions specified on this page.

Does this mean the CA cert file in this repo needs to be updated?

I haven't been able to pull a fix together yet, but I noticed the re-work for HTML entities does not take into account the &amp, as it decodes it to just & which then breaks the :xmerl_scan.string

Braintree.XML.Decoder.load("<a><b type='string'>First &amp; Last</b></a>")

Demonstrates the issues

Since we upgraded to OTP 24, we noticed doing API calls through braintree-elixir logs warnings like these:

14:22:58.995 [warn]  Description: 'Authenticity is not established by certificate path validation'
     Reason: 'Option {verify, verify_peer} and cacertfile/cacerts is missing'

I noticed that not passing the cacertfile does not generate this warning:

iex(ypsilon-prod@app01-prod)6> :hackney.request(:get, "https://api.braintreegateway.com/merchants/", [], [], [ssl_options: [cacertfile: cacertfile]])                      

14:29:21.118 [warn]  Description: 'Authenticity is not established by certificate path validation'
     Reason: 'Option {verify, verify_peer} and cacertfile/cacerts is missing'

{:ok, 302, ...}

iex(ypsilon-prod@app01-prod)7> :hackney.request(:get, "https://api.braintreegateway.com/merchants/")                                                                       
{:ok, 302,
 [

I also noticed if I pass both cacertfile (the certfile provided by braintree-elixir), and verify: verify_peer the SSL handshake fails:

{:error,
 {:tls_alert,
  {:unknown_ca,
   'TLS client: In state wait_cert_cr at ssl_handshake.erl:1988 generated CLIENT ALERT: Fatal - Unknown CA\n'}}}

This library returns the version 1 token by default while the other libraries will return version 2 by default. I ran into several issues trying to figure out why my token wasn't working since the Braintree docs are very vague and sparse.

https://github.com/braintree/braintree_ruby/blob/c35917379a33de405b7a47eb9f83b7f732255262/lib/braintree/client_token.rb#L5

https://developers.braintreepayments.com/reference/request/client-token/generate/node#version

Would you want to change the library to follow suite? I can PR if that's something that's wanted. At the least I think we should document that it defaults to version 1 of the token.

edit