1

We have an eCommerce site that is using Authorize.net as a payment gateway.

We have recently run into the issue of people submitting a payment confirmation, and then clicking submit again later on. This is resulting in a double-product situation, and/or double payment.

Some things to consider:

  • The payment confirmation page is a result of a PRG (Post-Redirect-Get) which is loaded before the user submits their payment
  • We have functionality in place that will actually act on each part of the request (see below for description of this)
  • This situation will only apply when Authorize.net transactions take longer than normal.
  • This is NOT in production yet, we are merely looking for a way to test this new functionality to prevent this behavior.

The Prevention Piece

We have a multi-step checkout form that follows the following process:

  • Product selection
  • Payment entry
  • Confirm Order / Submit Payment
  • Receipt

Each step of the process executes a call to a service that checks to see if the user has a current 'order' that has one of several statuses: started, processing or complete.

If the order is started, it will redirect them to the first page of the checkout flow. If the order is processing, it will redirect them to a placeholder page that executes an ajax request every 2 seconds to check the status of the order. When the order is complete, they are redirected to the receipt page. If the order is complete, they are redirected to the receipt page immediately.

The Problem

Since this functionality is really only valid when the processing transactions take a bit longer, it gives us problems testing it - for a few reasons:

  1. Our dev server is slow, and it is more likely than not that Authorize.net will respond to our request before the page is even rendered by the application.
  2. If we dummy the response up by using the PHP function sleep(), it blocks the thread and nothing runs, and we are in the same boat as [1].

What we hope

I do not know if there is a way to make Authorize.net respond to requests in a slower manner via some parameter, or if there is another way to accomplish this. I welcome ANY and ALL ideas!

Barry Chapman
  • 6,690
  • 3
  • 36
  • 64

1 Answers1

1

You shouldn't be testing directly against Authnet for this. Make your own Authnet "server" and have it delay its response to you. For unit test I wrote for my Authnet library I created my own fake server which sends back the appropriate response I need to test. You can do the same and have the "server" wait as long as you need to before sending back a response. The response doesn't have to be real for you to test a delay.

John Conde
  • 217,595
  • 99
  • 455
  • 496