Idempotency key for deferred intent UPE

[annemirasol]

Changes proposed in this Pull Request:

We use idempotency keys when creating charges for legacy checkout, i.e. sending POST requests to the charges endpoint. This is to avoid creating multiple charges for the same request, from retries or poor network conditions.

We want that same behavior for the new checkout. This PR adds idempotency keys to deferred intent requests, which uses the payment_intents endpoint.

Background

We've been receiving several reports of multiple charges for a single order. While hard to reproduce, these patterns emerge:

• Pattern 1: After submitting the order, i.e. clicking "Place order", the shopper gets an error. They then resubmit the order, but later it turns out that their first attempt successfully created a payment intent and charge.
• Pattern 2: No shopper retries involved, but multiple payment intents are created, with timestamps that are <1 minute apart.
• Pattern 3: Same as pattern 2, but for automated subscription renewals.

For Pattern 1, we have recently pushed code that checks if the order already has an existing payment intent before attempting to request a new one.

For Patterns 2 and 3, I believe these are caused by network-related retries, and using an idempotency key should help with these.

https://docs.stripe.com/api/idempotent_requests
https://docs.stripe.com/payments/payment-intents#best-practices
Original PR for idempotency: #503

Testing instructions

1. Verify that you are able to complete simple purchases without any trouble.
2. Verify that the order's payment method and/or billing details can be changed without getting an idempotency error:
   • Enable other payments methods, like Klarna.
   • As a shopper, try to make a purchase with the generic decline card 4000000000000002.
   • After receiving the expected "card declined" message, switch your payment method to Klarna.
   • Change your billing/shipping address.
   • Resubmit your order.
   • You should not get any idempotency-related errors.
3. Verify that subscription renewals are not negatively impacted.
   • As a shopper, purchase a subscription.
   • As the merchant, go to the wp-admin subscription page, and manually process a renewal.

---

• Covered with tests (or have a good reason not to test in description ☝️)
• Tested on mobile (or does not apply)

Post merge

• Added testing instructions to the Release Testing Instructions wiki page (or does not apply)
• Added the needs docs label (or does not apply)
• Included this PR in the Release Thread scope (or does not apply)

[Mayisha]

Thanks for implementing this @annemirasol.

✅ Checkout with a valid card.
✅ Checkout with 3DS card.
✅ Checkout with Google Pay.
✅ Checkout with IDeal, Multibanco, Sepa, Klarna.
✅ Checkout with a failed card, then a valid card.
✅ Checkout with a failed card, then iDeal.
✅ Subscription purchase.
✅ Subscription purchase with a failed card, then a valid card.
✅ Renew a old subscription.
✅ Refund.