impress-org · jonwaldstein · Apr 3, 2025 · Apr 4, 2025 · glaubersilva · Apr 7, 2025
diff --git a/src/PaymentGateways/Gateways/PayPalCommerce/payPalCommerceGateway.tsx b/src/PaymentGateways/Gateways/PayPalCommerce/payPalCommerceGateway.tsx
@@ -160,7 +160,15 @@ import createSubscriptionPlan from './resources/js/createSubscriptionPlan';
      * @unreleased
      */
     const cardFieldsOnApproveHandler: PayPalCardFieldsComponentBasics['onApprove'] = async (data) => {
-        payPalOrderId = data.orderID;
+        // @ts-ignore
+        const {orderID, liabilityShift} = data;
+        payPalOrderId = orderID
+
+        if (liabilityShift && !['POSSIBLE', 'YES'].includes(liabilityShift)) {
+            console.log('Liability shift not possible or not accepted.');
+            throw new Error(__('Card type and issuing bank are not ready to complete a 3D Secure authentication.', 'give'));
+        }
+
         return;
     };
 

diff --git a/src/PaymentGateways/PayPalCommerce/PayPalCommerce.php b/src/PaymentGateways/PayPalCommerce/PayPalCommerce.php
@@ -98,7 +98,9 @@ public function createPayment(Donation $donation, $gatewayData): GatewayCommand
 
             $transactionId = $payPalOrder->purchase_units[0]->payments->captures[0]->id;
 
-        } elseif ($payPalOrder->status === 'APPROVED') {
+        } elseif ($payPalOrder->status === 'APPROVED' || $payPalOrder->status === 'CREATED') {
+            $this->validate3dSecure($payPalOrder);
+
             if ($this->shouldUpdateOrder($donation, $payPalOrder)){
                 $payPalOrderRepository->updateApprovedOrder($payPalOrderId, $donation->amount);
             }
@@ -110,7 +112,7 @@ public function createPayment(Donation $donation, $gatewayData): GatewayCommand
 
             $transactionId  = $response->purchase_units[0]->payments->captures[0]->id;
         } else {
-            throw new PaymentGatewayException('PayPal Order status is not approved or completed.');
+            throw new PaymentGatewayException('PayPal Order status is not found.');
         }
 
         give()->payment_meta->update_meta(
@@ -332,5 +334,20 @@ private function validatePayPalOrder(object $payPalOrder): void
 
             throw new PaymentGatewayException($errorMessage);
         }
+
+        $this->validate3dSecure($payPalOrder);
+    }
+
+    /**
+     * @unreleased
+     *
+     * @throws PaymentGatewayException
+     */
+    private function validate3dSecure(object $payPalOrder): void
+    {
+        // Check if the order is not ready for 3D Secure authentication
+        if (isset($payPalOrder->payment_source->card->authentication_result->liability_shift) && !in_array($payPalOrder->payment_source->card->authentication_result->liability_shift, ['POSSIBLE', 'YES'])) {
+            throw new PaymentGatewayException('Card type and issuing bank are not ready to complete a 3D Secure authentication.');
+        }
     }
 }
diff --git a/src/PaymentGateways/PayPalCommerce/Repositories/PayPalOrder.php b/src/PaymentGateways/PayPalCommerce/Repositories/PayPalOrder.php
@@ -142,6 +142,13 @@ public function createOrder(array $array, string $intent = 'CAPTURE'): string
                     ],
                     "email_address" => $array['payer']['email'],
                 ],
+                'card' => [
+                    'attributes' => [
+                        'verification' => [
+                            'method' => 'SCA_WHEN_REQUIRED'
+                        ]
+                    ]
+                ]
             ],
             'purchase_units' => [
                 $purchaseUnits