Security: remove uses of payment intent secret and existing meta (#6836)

includes/gateways/stripe/includes/give-stripe-helpers.php

@@ -630,36 +630,6 @@ function give_stripe_get_application_fee_amount( $amount ) {
 	return round( $amount * give_stripe_get_application_fee_percentage() / 100, 0 );
 }
 
-/**
- * This function is used to fetch the donation id by meta key.
- *
- * @param string $id   Any String.
- * @param string $type intent_id/client_secret
- *
- * @since 2.5.0
- *
- * @return void
- */
-function give_stripe_get_donation_id_by( $id, $type ) {
-
-	global $wpdb;
-
-	$donation_id = 0;
-
-	switch ( $type ) {
-		case 'intent_id':
-			$donation_id = $wpdb->get_var( $wpdb->prepare( "SELECT donation_id FROM {$wpdb->donationmeta} WHERE meta_key = '_give_stripe_payment_intent_id' AND meta_value = %s LIMIT 1", $id ) );
-			break;
-
-		case 'client_secret':
-			$donation_id = $wpdb->get_var( $wpdb->prepare( "SELECT donation_id FROM {$wpdb->donationmeta} WHERE meta_key = '_give_stripe_payment_intent_client_secret' AND meta_value = %s LIMIT 1", $id ) );
-			break;
-	}
-
-	return $donation_id;
-
-}
-
 /**
  * This function is used to set Stripe API Key.
  *
@@ -874,11 +844,12 @@ function give_stripe_is_source_type( $id, $type = 'src' ) {
 /**
  * This helper function is used to process Stripe payments.
  *
- * @param array  $donation_data  Donation form data.
- * @param object $stripe_gateway $this data.
- *
+ * @unreleased no longer store the payment intent secret
  * @since 2.5.0
  *
+ * @param array $donation_data Donation form data.
+ * @param object $stripe_gateway $this data.
+ *
  * @return void
  */
 function give_stripe_process_payment( $donation_data, $stripe_gateway ) {
@@ -978,10 +949,6 @@ function give_stripe_process_payment( $donation_data, $stripe_gateway ) {
 
 			$intent = $stripe_gateway->payment_intent->create( $intent_args );
 
-			// Save Payment Intent Client Secret to donation note and DB.
-			give_insert_payment_note( $donation_id, 'Stripe Payment Intent Client Secret: ' . $intent->client_secret );
-			give_update_meta( $donation_id, '_give_stripe_payment_intent_client_secret', $intent->client_secret );
-
 			// Set Payment Intent ID as transaction ID for the donation.
 			give_set_payment_transaction_id( $donation_id, $intent->id );
 			give_insert_payment_note( $donation_id, 'Stripe Charge/Payment Intent ID: ' . $intent->id );

includes/gateways/stripe/includes/payment-methods/class-give-stripe-sepa.php

@@ -155,14 +155,15 @@ class="give-stripe-sepa-iban-field give-stripe-cc-field"
 		}
 
 		/**
-		 * This function will be used for donation processing.
-		 *
-		 * @param array $donation_data List of donation data.
-		 *
-		 * @return void
-		 * @since  2.6.1
-		 * @access public
-		 */
+         * This function will be used for donation processing.
+         *
+         * @unreleased no longer store the intent secret in the database
+         * @since  2.6.1
+         *
+         * @param array $donation_data List of donation data.
+         *
+         * @return void
+         */
 		public function process_payment( $donation_data ) {
 
 			// Bailout, if the current gateway and the posted gateway mismatched.
@@ -287,11 +288,6 @@ public function process_payment( $donation_data ) {
 					$intent = $this->payment_intent->create( $intent_args );
 
 					if ( ! empty( $intent->status ) && 'processing' === $intent->status ) {
-
-						// Save Payment Intent Client Secret to donation note and DB.
-						give_insert_payment_note( $donation_id, 'Stripe Payment Intent Client Secret: ' . $intent->client_secret );
-						give_update_meta( $donation_id, '_give_stripe_payment_intent_client_secret', $intent->client_secret );
-
 						// Set Payment Intent ID as transaction ID for the donation.
 						give_set_payment_transaction_id( $donation_id, $intent->id );
 						give_insert_payment_note( $donation_id, 'Stripe Charge/Payment Intent ID: ' . $intent->id );

src/PaymentGateways/Gateways/Stripe/Actions/CreatePaymentIntent.php

@@ -27,6 +27,7 @@ public function __construct(array $paymentIntentArgs = [])
     }
 
     /**
+     * @unreleased no longer store the payment intent secret
      * @since 2.19.0
      *
      * @throws InvalidPropertyName
@@ -71,17 +72,6 @@ public function __invoke(
             'content' => sprintf(__('Stripe Charge/Payment Intent ID: %s', 'give'), $intent->id())
         ]);
 
-        DonationNote::create([
-            'donationId' => $donation->id,
-            'content' => sprintf(__('Stripe Payment Intent Client Secret: %s', 'give'), $intent->clientSecret())
-        ]);
-
-        give_update_meta(
-            $donation->id,
-            '_give_stripe_payment_intent_client_secret',
-            $intent->clientSecret()
-        );
-
         if ('requires_action' === $intent->status()) {
             DonationNote::create([
                 'donationId' => $donation->id,

src/PaymentGateways/Gateways/Stripe/Migrations/RemovePaymentIntentSecretMeta.php

@@ -0,0 +1,58 @@
+<?php
+
+namespace Give\PaymentGateways\Gateways\Stripe\Migrations;
+
+use Give\Framework\Database\DB;
+use Give\Framework\Migrations\Contracts\Migration;
+
+/**
+ * Removes the secret meta that was unnecessarily stored in the database for donations.
+ *
+ * @unreleased
+ */
+class RemovePaymentIntentSecretMeta extends Migration
+{
+    /**
+     * @inheritDoc
+     */
+    public static function id(): string
+    {
+        return 'remove_payment_intent_secret_meta';
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public static function title(): string
+    {
+        return __('Remove payment intent secret meta', 'give');
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public static function timestamp()
+    {
+        return strtotime('2023-06-29 00:00:00');
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function run()
+    {
+        DB::delete(
+            DB::prefix('give_donationmeta'),
+            ['meta_key' => '_give_stripe_payment_intent_client_secret'],
+            ['%s']
+        );
+
+        $commentsTable = DB::prefix('give_comments');
+        DB::query(
+            DB::prepare(
+                "DELETE FROM {$commentsTable} WHERE comment_type = 'donation' AND comment_content LIKE %s",
+                'Stripe Payment Intent Client Secret:%'
+            )
+        );
+    }
+}

src/PaymentGateways/ServiceProvider.php

@@ -14,6 +14,7 @@
 use Give\PaymentGateways\Gateways\Stripe\Controllers\UpdateStatementDescriptorAjaxRequestController;
 use Give\PaymentGateways\Gateways\Stripe\Migrations\AddMissingTransactionIdForUncompletedDonations;
 use Give\PaymentGateways\Gateways\Stripe\Migrations\AddStatementDescriptorToStripeAccounts;
+use Give\PaymentGateways\Gateways\Stripe\Migrations\RemovePaymentIntentSecretMeta;
 use Give\PaymentGateways\PayPalCommerce\Migrations\RegisterPayPalDonationsRefreshTokenCronJobByMode;
 use Give\PaymentGateways\PayPalCommerce\Migrations\RemoveLogWithCardInfo;
 use Give\ServiceProviders\ServiceProvider as ServiceProviderInterface;
@@ -68,6 +69,7 @@ public function boot()
     }
 
     /**
+     * @unreleased add RemovePaymentIntentSecretMeta migration
      * @since 2.19.6
      */
     private function registerMigrations()
@@ -76,7 +78,8 @@ private function registerMigrations()
             AddStatementDescriptorToStripeAccounts::class,
             AddMissingTransactionIdForUncompletedDonations::class,
             RemoveLogWithCardInfo::class,
-            RegisterPayPalDonationsRefreshTokenCronJobByMode::class
+            RemovePaymentIntentSecretMeta::class,
+            RegisterPayPalDonationsRefreshTokenCronJobByMode::class,
         ]);
     }
 }