Duplicate orders

[marijorg]

Several customers reports of issues with duplicate orders when using Vipps. The Vipps payment id the same, but two separate orders are created, both processed at the same time.

The issue seem to be caused by user loosing session cookie in redirect, ending up on other instance (which may occur on phone), ref:

"Because of this Vipps recommends a stateless approach on the website that is supposed to be the end session. An example would a polling-based result handling from a value in the redirect URL (fallback)."

What happens is that both callback (user session) and api and/or polling call from api initiates order creation.

The api and polling calls from Vipps are fallbacks to guarantee order creation (i.e. if user closes browser or navigates away too early).

Suggested solution:

• Add flag to cart object - VippsProcessedStarted and check this flag before proceeding proceeding.
• The check if flag exists should to be applied to ProcessOrder method here: https://github.com/Geta/vipps/blob/7b484f7bef2b60dbdc28edf24b9e7a81bb2ef899/src/Vipps/Services/DefaultVippsOrderProcessor.cs#L56
• Add overload to VippsOrderProcessor for ProcessOrder that works with cart/order object (to limit timing issue).
• Look at improving logic in public IPurchaseOrder GetPurchaseOrderByOrderId(string orderId) - using "LIKE" is not good for performance.

Note:
This needs fix: DateTime.Now needs to be converted to UTC time:
https://github.com/Geta/vipps/blob/commerce-13/src/Vipps/Polling/VippsPollingService.cs#L78

[cloveras]

Hello, @marijorg!

Thanks for this, I'll pass it on the the .. plugin people.

Btw: Duplicate orders may be related to the recent problems at DNB: https://www.dnbstatus.no/incidents I know we are doing some clean-up work related to that.

Christian, Vipps

[svenrog]

Is this issue still relevant after #12?

[Nikola117]

We are still having this issue, this was released in version 4.1.1 and we are on 4.1.4, I have logs if needed. Can you help with this?