Magento 2.3 — Invalid Form Key. Please refresh the page

Finally I got the solution

I have a custom payment method that uses the cc-form to take credit card payments with and without 3dsecure. After placing order with 3dsecure, I am re-directing to 3dsecure page as normal, but on returning from 3dsecure, I am re-directed to the home page with "Invalid Form Key. Please refresh the page why because in Magento 2.3 core payment methods are using CsrfAwareActionInterface for each controller."

So now i have implemented same thing in my custom payment method as below

use Magento\Framework\App\CsrfAwareActionInterface;
use Magento\Framework\App\Request\InvalidRequestException;
use Magento\Framework\App\RequestInterface;

class CustomPaymentResponse extends \Magento\Framework\App\Action\Action implements CsrfAwareActionInterface

/** 
 * @inheritDoc
 */
public function createCsrfValidationException(
    RequestInterface $request 
): ?InvalidRequestException {
    return null;
}

/**
 * @inheritDoc
 */
public function validateForCsrf(RequestInterface $request): ?bool
{
    return true;
}

Note : you can get reference from core module. Here is the core file path vendor\magento\module-authorizenet\Controller\Directpost\Payment\BackendResponse.php.


    use Magento\Framework\App\CsrfAwareActionInterface;
    use Magento\Framework\App\Request\InvalidRequestException;
    use Magento\Framework\App\RequestInterface;

    class CustomPaymentResponse extends \Magento\Framework\App\Action\Action implements CsrfAwareActionInterface

    /** 
     * @inheritDoc
     */
    public function createCsrfValidationException(
        RequestInterface $request 
    ): ?InvalidRequestException {
        return null;
    }

    /**
     * @inheritDoc
     */
    public function validateForCsrf(RequestInterface $request): ?bool
    {
        return true;
    }
   /**
     * Dispatch request
     *
     * @return \Magento\Framework\Controller\ResultInterface|ResponseInterface
     * @throws \Magento\Framework\Exception\NotFoundException
     */
   public function execute()
    {
    //your response check
    }

Your response controller should be like this, then only form key issue will fix.

Referrence: https://github.com/magento/magento2/issues/19712

Tags:

Upgrade

Magento2.3

Form Key

Recent Posts