I'm trying to create a custom gateway using omnipay for an unsupported payment gateway. However I'm having a difficult time creating the response class for my provider's 3D secure implementation.
I've had a look at sagepay, but the response for 3D secure seems to all be returned in 1 api request.
To complete a 3D secure payment I need to perform the following actions:
Do I need a different response classes for each api request? So VerifyEnrolledResponse, VerifySigResponse and PurchaseResponse?
or do I need something like this:
if ($response->isSuccessful()) {
// payment was successful
} elseif ($response->isRedirect()) {
// redirect to offsite payment gateway
$response->redirect();
} elseif ($response->notEnrolled() {
// User not enrolled in 3D secure - make auth or display error
} elseif ($response->3DSecureSuccess() {
// Card passed 3D secure
} else {
// payment failed: display message to customer
echo $response->getMessage();
}
Really lost here, I want to keep it abstracted with isSuccessful(), isRedirect() etc. Any help is really appreciated.
Documentation: https://resourcecentre.globaliris.com/documents/pdf.html?id=98
It looks like global iris does things differently, in that they require you to make the 3d secure request separately to the initial charge. So there are three steps (request 3dsecure, verify 3dsecure, make payment).
To keep things in line with the omnipay way of doing things I would combine the last two steps. So when you call purchase(), make the 3ds-verifyenrolled request and return a redirect response if the request is successful.
Then, when the customer returns from 3dsecure, in your completePurchase() method, first verify the 3dsecure signature, then if the signature/3dsecure was successful, make a payment request to their server and return the response.