Merge remote-tracking branch 'origin/release/9.8.1' into trunk

Author: diegocurbelo

changelog.txt

@@ -1,5 +1,11 @@
 *** Changelog ***
 
+= 9.8.1 - 2025-08-15 =
+* Fix - Remove connection type requirement from PMC sync migration attempt
+* Fix - Relax customer validation that was preventing payments from the pay for order page
+* Fix - Prevent the PMC migration to run when the plugin is not connected to Stripe
+* Fix - Fixes a fatal error in the OC inbox note when the new checkout is disabled
+
 = 9.8.0 - 2025-08-11 =
 * Add - Adds the current setting value for the Optimized Checkout to the Stripe System Status Report data
 * Add - A new pill to the payment methods page to indicate the credit card requirement when the Optimized Checkout feature is enabled

includes/admin/class-wc-stripe-settings-controller.php

@@ -277,7 +277,7 @@ public function admin_scripts( $hook_suffix ) {
 			'account_country'                       => $this->account->get_account_country(),
 			'are_apms_deprecated'                   => WC_Stripe_Feature_Flags::are_apms_deprecated(),
 			'is_amazon_pay_available'               => WC_Stripe_Feature_Flags::is_amazon_pay_available(),
-			'is_oc_available'                       => WC_Stripe_Feature_Flags::is_oc_available(),
+			'is_oc_available'                       => WC_Stripe_Feature_Flags::is_oc_available() && WC_Stripe_Feature_Flags::is_upe_checkout_enabled(),
 			'is_oc_enabled'                         => $is_oc_enabled,
 			'oauth_nonce'                           => wp_create_nonce( 'wc_stripe_get_oauth_urls' ),
 			'is_sepa_tokens_enabled'                => 'yes' === $this->gateway->get_option( 'sepa_tokens_for_other_methods', 'no' ),

includes/class-wc-gateway-stripe.php

@@ -1230,4 +1230,17 @@ private function validate_field( $field_key, $field_value ) {
 	public function is_payment_request_enabled() {
 		return 'yes' === $this->get_option( 'payment_request' );
 	}
+
+	/**
+	 * Checks if the Optimized Checkout setting is enabled.
+	 *
+	 * OC is not supported in the legacy gateway, so we return false here,
+	 * this method is then overridden by UPE payment gateway which extends from this class.
+	 *
+	 * @return bool Always false.
+	 */
+	public function is_oc_enabled() {
+		// Always return false here, as OC is not supported in the legacy gateway.
+		return false;
+	}
 }

includes/class-wc-stripe-customer.php

@@ -10,6 +10,24 @@
  */
 class WC_Stripe_Customer {
 
+	/**
+	 * Constant for the customer context when adding a payment method.
+	 */
+	public const CUSTOMER_CONTEXT_ADD_PAYMENT_METHOD = 'add_payment_method';
+
+	/**
+	 * Constant for the customer context when paying for an order via the "Pay for Order" page.
+	 */
+	public const CUSTOMER_CONTEXT_PAY_FOR_ORDER = 'pay_for_order';
+
+	/**
+	 * Constants for the customer contexts where minimal billing details are permitted.
+	 */
+	public const MINIMAL_BILLING_DETAILS_CONTEXTS = [
+		self::CUSTOMER_CONTEXT_ADD_PAYMENT_METHOD,
+		self::CUSTOMER_CONTEXT_PAY_FOR_ORDER,
+	];
+
 	/**
 	 * String prefix for Stripe payment methods request transient.
 	 */
@@ -209,19 +227,19 @@ protected function generate_customer_request( $args = [] ) {
 	/**
 	 * Validate that we have valid data before we try to create a customer.
 	 *
-	 * @param array $create_customer_request
-	 * @param bool  $is_add_payment_method_page
+	 * @param array       $create_customer_request The base data to build the customer request.
+	 * @param null|string $current_context         Flag to indicate whether we are in a context where limited details are permitted.
 	 *
 	 * @throws WC_Stripe_Exception
 	 */
-	private function validate_create_customer_request( $create_customer_request, $is_add_payment_method_page = false ) {
+	private function validate_create_customer_request( $create_customer_request, ?string $current_context = null ) {
 		/**
 		 * Filters the required customer fields when creating a customer in Stripe.
 		 *
 		 * @since 9.7.0
-		 * @param array $required_fields The required customer fields as derived from the required billing fields in checkout.
+		 * @param array $required_fields The required customer fields as derived from the required billing fields in checkout. In some contexts, like adding a payment method, we allow minimal details to be provided.
 		 */
-		$required_fields = apply_filters( 'wc_stripe_create_customer_required_fields', $this->get_create_customer_required_fields( $is_add_payment_method_page ) );
+		$required_fields = apply_filters( 'wc_stripe_create_customer_required_fields', $this->get_create_customer_required_fields( $current_context ) );
 
 		foreach ( $required_fields as $field => $field_requirements ) {
 			if ( true === $field_requirements ) {
@@ -258,13 +276,12 @@ private function validate_create_customer_request( $create_customer_request, $is
 	/**
 	 * Get the list of required fields for the create customer request.
 	 *
-	 * @param bool $is_add_payment_method_page
+	 * @param string|null $current_context The context we are creating the customer in.
 	 *
 	 * @return array
 	 */
-	private function get_create_customer_required_fields( $is_add_payment_method_page = false ) {
-		// If we are on the add payment method page, we need to check just for the email field.
-		if ( $is_add_payment_method_page ) {
+	private function get_create_customer_required_fields( ?string $current_context = null ) {
+		if ( in_array( $current_context, self::MINIMAL_BILLING_DETAILS_CONTEXTS, true ) ) {
 			return [
 				'email' => true,
 			];
@@ -422,19 +439,22 @@ public function get_existing_customer( $email, $name ) {
 	 * Create a customer via API.
 	 *
 	 * @param array $args
-	 * @param bool  $is_add_payment_method_page Whether the request is for the add payment method page.
+	 * @param string|null $current_context The context we are creating the customer in.
 	 * @return WP_Error|int
 	 *
 	 * @throws WC_Stripe_Exception
 	 */
-	public function create_customer( $args = [], $is_add_payment_method_page = false ) {
+	public function create_customer( $args = [], $current_context = null ) {
 		$args = $this->generate_customer_request( $args );
 
 		// For guest users, check if a customer already exists with the same email and name in Stripe account before creating a new one.
 		if ( ! $this->get_id() && 0 === $this->get_user_id() && ! empty( $args['email'] ) && ! empty( $args['name'] ) ) {
 			$response = $this->get_existing_customer( $args['email'], $args['name'] );
 		}
 
+		// $current_context was initially introduced as a boolean flag, so check for old callers.
+		$current_context = $this->normalize_current_context( $current_context );
+
 		if ( empty( $response ) ) {
 			/**
 			 * Filters the arguments used to create a customer.
@@ -445,7 +465,7 @@ public function create_customer( $args = [], $is_add_payment_method_page = false
 			 */
 			$create_customer_args = apply_filters( 'wc_stripe_create_customer_args', $args );
 
-			$this->validate_create_customer_request( $create_customer_args, $is_add_payment_method_page );
+			$this->validate_create_customer_request( $create_customer_args, $current_context );
 
 			$response = WC_Stripe_API::request( $create_customer_args, 'customers' );
 		} else {
@@ -523,19 +543,45 @@ public function update_customer( $args = [], $is_retry = false ) {
 	 * Updates existing Stripe customer or creates new customer for User through API.
 	 *
 	 * @param array $args     Additional arguments for the request (optional).
+	 * @param string|null $current_context The context we are creating the customer in.
 	 *
 	 * @return string Customer ID
 	 *
 	 * @throws WC_Stripe_Exception
 	 */
-	public function update_or_create_customer( $args = [], $is_add_payment_method_page = false ) {
+	public function update_or_create_customer( $args = [], $current_context = null ) {
 		if ( empty( $this->get_id() ) ) {
-			return $this->recreate_customer( $args, $is_add_payment_method_page );
+			// $current_context was initially introduced as a boolean flag, so check for old callers.
+			$current_context = $this->normalize_current_context( $current_context );
+
+			return $this->recreate_customer( $args, $current_context );
 		} else {
 			return $this->update_customer( $args );
 		}
 	}
 
+	/**
+	 * Normalize the current context to a string, as the argument was initially introduced as a boolean flag.
+	 *
+	 * @param string|bool|null $current_context The current context.
+	 * @return string|null The normalized context.
+	 */
+	private function normalize_current_context( $current_context ): ?string {
+		if ( null === $current_context ) {
+			return null;
+		}
+
+		if ( is_bool( $current_context ) ) {
+			return $current_context ? self::CUSTOMER_CONTEXT_ADD_PAYMENT_METHOD : null;
+		}
+
+		if ( is_string( $current_context ) ) {
+			return $current_context;
+		}
+
+		return null;
+	}
+
 	/**
 	 * Checks to see if error is of invalid request
 	 * error and it is no such customer.
@@ -978,13 +1024,13 @@ public function delete_id_from_meta() {
 	 * Recreates the customer for this user.
 	 *
 	 * @param array $args Additional arguments for the request (optional).
-	 * @param bool  $is_add_payment_method_page Whether the request is for the add payment method page.
+	 * @param string|null $current_context The context we are creating the customer in.
 	 *
 	 * @return string ID of the new Customer object.
 	 */
-	private function recreate_customer( $args = [], $is_add_payment_method_page = false ) {
+	private function recreate_customer( $args = [], ?string $current_context = null ) {
 		$this->delete_id_from_meta();
-		return $this->create_customer( $args, $is_add_payment_method_page );
+		return $this->create_customer( $args, $current_context );
 	}
 
 	/**

includes/class-wc-stripe-helper.php

@@ -1983,4 +1983,24 @@ public static function validate_intent_for_order( $order, $intent, ?string $sele
 
 		throw new Exception( __( "We're not able to process this request. Please try again later.", 'woocommerce-gateway-stripe' ) );
 	}
+
+	/**
+	 * Determines if the store is connected to Stripe.
+	 *
+	 * @param string $mode Optional. The mode to check. 'live' or 'test' - if not provided, the currently enabled mode will be checked.
+	 * @return bool True if connected, false otherwise.
+	 */
+	public static function is_connected( $mode = null ) {
+		// If the mode is not provided, we'll check the current mode.
+		if ( null === $mode ) {
+			$mode = WC_Stripe_Mode::is_test() ? 'test' : 'live';
+		}
+
+		$options = self::get_stripe_settings();
+		if ( 'test' === $mode ) {
+			return isset( $options['test_publishable_key'], $options['test_secret_key'] ) && trim( $options['test_publishable_key'] ) && trim( $options['test_secret_key'] );
+		} else {
+			return isset( $options['publishable_key'], $options['secret_key'] ) && trim( $options['publishable_key'] ) && trim( $options['secret_key'] );
+		}
+	}
 }

includes/class-wc-stripe-intent-controller.php

@@ -1197,7 +1197,7 @@ public function create_and_confirm_setup_intent_ajax() {
 			// Manually create the payment information array to create & confirm the setup intent.
 			$payment_information = [
 				'payment_method'        => $payment_method,
-				'customer'              => $customer->update_or_create_customer( [], true ),
+				'customer'              => $customer->update_or_create_customer( [], WC_Stripe_Customer::CUSTOMER_CONTEXT_ADD_PAYMENT_METHOD ),
 				'selected_payment_type' => $payment_type,
 				'return_url'            => wc_get_account_endpoint_url( 'payment-methods' ),
 				'use_stripe_sdk'        => 'true', // We want the user to complete the next steps via the JS elements. ref https://docs.stripe.com/api/setup_intents/create#create_setup_intent-use_stripe_sdk

includes/class-wc-stripe-payment-method-configurations.php

@@ -296,21 +296,18 @@ function ( $id ) use ( $is_test_mode ) {
 
 	/**
 	 * Check if the payment method configurations API can be used to store enabled payment methods.
-	 * This requires the Stripe account to be connected to our platform ('connection_type' option to be 'connect').
-	 *
-	 * This is temporary until we finish the re-authentication campaign.
+	 * This requires the Stripe account to be connected to Stripe.
 	 *
 	 * @return bool
 	 */
 	public static function is_enabled() {
-		$stripe_settings     = WC_Stripe_Helper::get_stripe_settings();
-		$connection_type_key = WC_Stripe_Mode::is_test() ? 'test_connection_type' : 'connection_type';
-
-		// If the account is not a Connect OAuth account, we can't use the payment method configurations API.
-		if ( ! isset( $stripe_settings[ $connection_type_key ] ) || 'connect' !== $stripe_settings[ $connection_type_key ] ) {
+		// Bail if account is not connected.
+		if ( ! WC_Stripe_Helper::is_connected() ) {
 			return false;
 		}
 
+		$stripe_settings = WC_Stripe_Helper::get_stripe_settings();
+
 		// If we have the pmc_enabled flag, and it is set to no, we should not use the payment method configurations API.
 		// We only disable the PMC if the flag is set to no explicitly, an empty value means the migration has not been attempted yet.
 		if ( isset( $stripe_settings['pmc_enabled'] ) && 'no' === $stripe_settings['pmc_enabled'] ) {
@@ -362,18 +359,35 @@ public static function maybe_migrate_payment_methods_from_db_to_pmc( $force_migr
 			);
 		}
 
-		// Update the PMC if there are any enabled payment methods
+		// Update the PMC if there are locally enabled payment methods
 		if ( ! empty( $enabled_payment_methods ) ) {
-
 			// Get all available payment method IDs from the configuration.
 			// We explicitly disable all payment methods that are not in the enabled_payment_methods array
 			$available_payment_method_ids = [];
 			foreach ( $merchant_payment_method_configuration as $payment_method_id => $payment_method ) {
 				if ( isset( $payment_method->display_preference ) ) {
 					$available_payment_method_ids[] = $payment_method_id;
 				}
+
+				// We want to also include payment methods enabled in the PMC, except for express payment methods.
+				if (
+					! in_array( $payment_method_id, WC_Stripe_Payment_Methods::EXPRESS_PAYMENT_METHODS, true ) &&
+					! in_array( $payment_method_id, $enabled_payment_methods, true ) &&
+					isset( $payment_method->display_preference->value ) && 'on' === $payment_method->display_preference->value
+				) {
+					$enabled_payment_methods[] = $payment_method_id;
+				}
 			}
 
+			WC_Stripe_Logger::error(
+				'Switching to Stripe-hosted payment method configuration',
+				[
+					'pmc_id'                       => $merchant_payment_method_configuration->id,
+					'enabled_payment_methods'      => $enabled_payment_methods,
+					'available_payment_method_ids' => $available_payment_method_ids,
+				]
+			);
+
 			self::update_payment_method_configuration(
 				$enabled_payment_methods,
 				$available_payment_method_ids
@@ -395,7 +409,7 @@ public static function maybe_migrate_payment_methods_from_db_to_pmc( $force_migr
 	 * This is called when no Payment Method Configuration is found that inherits from the WooCommerce Platform.
 	 */
 	private static function disable_payment_method_configuration_sync() {
-		$stripe_settings = WC_Stripe_Helper::get_stripe_settings();
+		$stripe_settings                = WC_Stripe_Helper::get_stripe_settings();
 		$stripe_settings['pmc_enabled'] = 'no';
 		WC_Stripe_Helper::update_main_stripe_settings( $stripe_settings );
 	}

includes/connect/class-wc-stripe-connect.php

@@ -269,17 +269,7 @@ private function get_default_stripe_config() {
 		 * @return bool True if connected, false otherwise.
 		 */
 		public function is_connected( $mode = null ) {
-			// If the mode is not provided, we'll check the current mode.
-			if ( is_null( $mode ) ) {
-				$mode = WC_Stripe_Mode::is_test() ? 'test' : 'live';
-			}
-
-			$options = WC_Stripe_Helper::get_stripe_settings();
-			if ( 'test' === $mode ) {
-				return isset( $options['test_publishable_key'], $options['test_secret_key'] ) && trim( $options['test_publishable_key'] ) && trim( $options['test_secret_key'] );
-			} else {
-				return isset( $options['publishable_key'], $options['secret_key'] ) && trim( $options['publishable_key'] ) && trim( $options['secret_key'] );
-			}
+			return WC_Stripe_Helper::is_connected( $mode );
 		}
 
 		/**

includes/constants/class-wc-stripe-payment-methods.php

@@ -79,6 +79,13 @@ class WC_Stripe_Payment_Methods {
 		self::WECHAT_PAY,
 	];
 
+	const EXPRESS_PAYMENT_METHODS = [
+		self::AMAZON_PAY,
+		self::APPLE_PAY,
+		self::GOOGLE_PAY,
+		self::LINK,
+	];
+
 	/**
 	 * List of express payment methods labels. Amazon Pay and Link are not included,
 	 * as they have their own payment method classes.

includes/payment-methods/class-wc-stripe-upe-payment-gateway.php

@@ -2858,10 +2858,12 @@ private function get_customer_id_for_order( WC_Order $order ): string {
 		$user     = $this->get_user_from_order( $order );
 		$customer = new WC_Stripe_Customer( $user->ID );
 
+		$current_context = $this->is_valid_pay_for_order_endpoint() ? WC_Stripe_Customer::CUSTOMER_CONTEXT_PAY_FOR_ORDER : null;
+
 		// Pass the order object so we can retrieve billing details
 		// in payment flows where it is not present in the request.
 		$args = [ 'order' => $order ];
-		return $customer->update_or_create_customer( $args );
+		return $customer->update_or_create_customer( $args, $current_context );
 	}
 
 	/**