Updates to support Commerce 3.0 (!4) · Merge requests · project / commerce_opayo_pi

Frontend (JS): js/opayo-pi-dropinform.js

Reworked processingOpayoCheckout() to detect expired MSK on load and request a fresh key via AJAX, then rebuild the Drop-in.
Added safe fallback to gatewayId refresh endpoint when orderId isn’t present.
Used encodeURIComponent on IDs in refresh URLs.
Centralized timeout handling (startMerchantSessionKeyTimeout) and ensured intervals/timeouts are cleared on refresh/submit.
Recorded refreshed MSK into hidden inputs so submit contains the latest values.

Backend (PHP): OpayoPiPaymentGateway.php

Fixed MSK invalidation to use injected privateTempStore correctly and the right key.

public function invalidateCurrentMerchantSessionKey($order_id): void { $order_id = (string) ($order_id instanceof OrderInterface ? $order_id->id() : $order_id); $key = 'merchantSessionKey-' . $order_id; $existing = $this->privateTempStore->get($key); if ($existing !== NULL) { $this->privateTempStore->delete($key); $this->logVerboseDebug('invalidateCurrentMerchantSessionKey: deleted ' . $key); } }
Left getCurrentMerchantSessionKey() and invalidateMerchantSessionKey() using the same collection/key pattern to keep behavior consistent.

Configuration (copy)

Shortened default 3DS iFrame notice to be ≤128 chars, e.g.:
One more step: click below to verify with your bank.

Edited Sep 03, 2025 by Chris Archer

Updates to support Commerce 3.0