Braintree sandbox errors when using alternative Merchant Account ID on Magento CE 2.1.0

[flecxie]

When using an alternative Merchant Account ID on a vanilla Magento CE 2.1.0 payments are unsuccessful and Braintree responds with error id 91584 (Merchant account must match the 3D Secure authorization merchant account.).

Steps to reproduce

1. Install Magento-CE-2.1.0_sample_data-2016-06-23-02-34-56
2. Create a Braintree Sandbox account & configure in Magento BE (make sure to enable debug)
3. Create an extra Braintree Merchant Account ID (Settings -> Processing -> New Sandbox Merchant Account), select the same currency as base currency for simplicity (problem also occurs with different currencies)
4. Configure the new Braintree Merchant Account ID in Magento BE (under Advanced Braintree Settings -> Merchant Account ID)
5. Purchase item in store & enter test credit card number 5200000000000007 (expiry date & card verification nr don't matter)
6. When prompted for 3D Secure check enter code 1234

Expected result

1. Payment successful, order complete
2. debug.log has:

    'client' => 'Magento\\Braintree\\Gateway\\Http\\Client\\TransactionSale',
    'response' =>
    array (
      'success' => true,
      '' . "\0" . 'Braintree\\Result\\Successful' . "\0" . '_returnObjectNames' =>
      array (
        0 => 'transaction',
      ),

Actual result

1. Payment failed, message "Unable to place order. Please try again later.", see screenshot below:
   
2. debug.log has:

    'client' => 'Magento\\Braintree\\Gateway\\Http\\Client\\TransactionSale',                                         
    'response' =>                                                                                                     
    array (
      'success' => false,
      '' . "\0" . '*' . "\0" . '_attributes' => 
      array (
        'errors' => 
        Braintree\Error\ErrorCollection::__set_state(array(                                                           
           '_errors' =>                                                                                               
          Braintree\Error\ValidationErrorCollection::__set_state(array(
             '_errors' => 
            array (
            ),
             '_nested' => 
            array (
              'transaction' => 
              Braintree\Error\ValidationErrorCollection::__set_state(array(
                 '_errors' => 
                array (
                  0 => 
                  Braintree\Error\Validation::__set_state(array(
                     '_attribute' => 'merchantAccountId',
                     '_code' => '91584',
                     '_message' => 'Merchant account must match the 3D Secure authorization merchant account.',
                  )),

When the Merchant Account ID is either removed or changed to the default one (visible in Braintree under Settings -> Processing -> Merchant Accounts) then the transaction is successful.

Any chance that merchantaccount & merchantaccountid got mixed up somewhere (when displaying the 3D secure window)?

[YevSent]

Hi, @flecxie. Perhaps a problem related to created merchant account.
91584 this error says - merchant account should support 3D secure verification.

We have 3 different merchant account for testing and works with/without 3D secure.

I suppose you need to contact with Braintree support and ask to enable 3D secure for your new merchant account.
UPD 3D Secure configuration.

[flecxie]

@joni-jones: Appreciate your help! I have checked with Braintree and they confirmed that 3D secure is enabled for all our sandbox merchant accounts, they also provided the following information:

I took a look at your logs and I noticed that your website is not passing a merchant account ID with Client Token Generate API calls so we’re using the default merchant account ID (xxxxxxxxxxxxxxx) when generating a payment nonce on the client-side but you’re specifying a merchant account ID with your Transaction Sale API calls and that’s why the error 91584 (Merchant account must match the 3D Secure authorization merchant account.) is thrown. Basically, your Client Token Generate and Transaction Sale API calls must use the same merchant account ID. When you put in the merchant account ID testtesttest in your Magento configuration, please make sure to refresh the payment page on the client-side(or start the checkout flow from beginning) so a client-token gets generated with the correct merchant account ID.

Furthermore, I can confirm that the 3D Secure feature is enabled for all your merchant accounts so this is not an issue with your account configuration.

I have also checked & can reproduce this issue on the developer branch: all payments fail when I specify the alternative merchant account id & enable 3D Secure Verification in the Magento backend. When I disable 3D secure verification or when I change my merchant account id to the default one then payments do go through.

Happy to give you access to our test server if that helps...

[flecxie]

Digging through the code a bit more I believe that we need to specify merchantAccountId in ClientTokenGateway.php before the token is generated. When I hack the following line in the generate function of vendor/braintree/braintree_php/lib/Braintree/ClientTokenGateway.php then the payment does go through under my 'testtesttes' merchant account:

$params["merchantAccountId"] = "testtesttest";

See https://developers.braintreepayments.com/reference/request/client-token/generate/php#merchant_account_id for more information.

[flecxie]

Was able to resolve this issue for me by applying the following changes on Magento CE 2.1.0:

vendor/braintree/braintree_php/lib/Braintree/ClientTokenGateway.php:

@@ -41,6 +41,14 @@ class ClientTokenGateway
             $params["version"] = ClientToken::DEFAULT_VERSION;
         }

+        if (!array_key_exists("merchantAccountId", $params)) {
+            $merchantAccountId=$this->_config->getMerchantAccountId();
+            //$merchantAccountId="testtesttest";
+            if (!empty($merchantAccountId)) {
+                $params["merchantAccountId"] = $merchantAccountId;
+            }
+        }
+
         $this->conditionallyVerifyKeys($params);
         $generateParams = ["client_token" => $params];

vendor/braintree/braintree_php/lib/Braintree/Configuration.php:

@@ -16,6 +16,7 @@ class Configuration

     private $_environment = null;
     private $_merchantId = null;
+    private $_merchantAccountId = null;
     private $_publicKey = null;
     private $_privateKey = null;
     private $_clientId = null;
@@ -94,6 +95,14 @@ class Configuration
         self::$global->setMerchantId($value);
     }

+    public static function merchantAccountId($value=null)
+    {
+        if (empty($value)) {
+            return self::$global->getMerchantAccountId();
+        }
+        self::$global->setMerchantAccountId($value);
+    }
+
     public static function publicKey($value=null)
     {
         if (empty($value)) {
@@ -223,6 +232,11 @@ class Configuration
         return $this->_merchantId;
     }

+    public function getMerchantAccountId()
+    {
+        return $this->_merchantAccountId;
+    }
+
     /**
      * Do not use this method directly. Pass in the merchantId to the constructor.
      */
@@ -231,6 +245,11 @@ class Configuration
         $this->_merchantId = $value;
     }

+    public function setMerchantAccountId($value)
+    {
+        $this->_merchantAccountId = $value;
+    }
+
     public function getPublicKey()
     {
         return $this->_publicKey;

vendor/magento/module-braintree/Model/Adapter/BraintreeAdapter.php:

@@ -49,6 +49,8 @@ class BraintreeAdapter
         $this->merchantId($this->config->getValue(Config::KEY_MERCHANT_ID));
         $this->publicKey($this->config->getValue(Config::KEY_PUBLIC_KEY));
         $this->privateKey($this->config->getValue(Config::KEY_PRIVATE_KEY));
+        $merchantAccountId=$this->config->getValue(Config::KEY_MERCHANT_ACCOUNT_ID);
+        $this->merchantAccountId($merchantAccountId);
     }

     /**
@@ -69,6 +71,11 @@ class BraintreeAdapter
         return Configuration::merchantId($value);
     }

+    public function merchantAccountId($value = null)
+    {
+        return Configuration::merchantAccountId($value);
+    }
+
     /**
      * @param string|null $value
      * @return mixed

[YevSent]

Created internal ticket MAGETWO-56342.

[alena-marchenko]

Hi @flecxie

Fix for MAGETWO-56342 ticket is already merged to develop branch.
Closing the issue, please feel free to reopen if the issue still reproducible for you.