post-process Bango payment

RESOLVED FIXED in 2013-01-10

Status

P1
normal
RESOLVED FIXED
6 years ago
6 years ago

People

(Reporter: kumar, Assigned: kumar)

Tracking

2013-01-10
x86
Mac OS X
Points:
---

Details

(Whiteboard: u=patron c=pmt p=3)

after receiving a successful Bango payment via URL redirect, do the following
- verify the Bango request (using their token API, details TBD)
- notify the app that initiated the payment (this is similar to how in-app payments used to work, code is re-usable)
Blocks: 794651
Assignee: nobody → kumar.mcmillan
blocking-basecamp: --- → +
Priority: -- → P1
Target Milestone: --- → 2012-10-04
I split out the notifications into bug 798059
Assignee: kumar.mcmillan → nobody
Target Milestone: 2012-10-04 → ---

Comment 2

6 years ago
Per initial comment, action on this bug requires details of the Bango token API. Requesting more info from Kumar, who presumably knows where to get the details from.

Given comment #1, I /think/ this bug can also be changed to "verify Bango payment request."
Flags: needinfo?(kumar.mcmillan)
Hi Gregory. The Relay API explains how to verify tokens http://bango.custhelp.com/app/answers/detail/a_id/1500/

This may not be the exact way to do it though. We are waiting on Bango for details; it looks like we will generate a different token with the Billing API then they will use that to verify that Mozilla initiated the relay.
Flags: needinfo?(kumar.mcmillan)
Whiteboard: [blocked on bango]
Assignee: nobody → kumar.mcmillan
(In reply to Kumar McMillan [:kumar] from comment #3)
> Hi Gregory. The Relay API explains how to verify tokens
> http://bango.custhelp.com/app/answers/detail/a_id/1500/

For more context, this is not the exact API we will use to do our relay. Bango has mentioned that we will have a way to generate a server side token to initiate our custom relay flow more securely. We still don't know which API we will use for generating that token though.
Not on-device - removing nom.
blocking-basecamp: + → ---
Keir says this is ready to go.

Sample GET redirect that we need to process on our server:
 
http://moz/pay/?success=true&ResponseCode=OK&ResponseMessage=Success&BangoUserId=XXXXX&MerchantTransactionId=MozExternalTransId&BangoTransactionId=0&TransactionMethods=GBR_VODAFONE,Vodafone,MPAY_VFUK,&BillingConfigurationId=1570&MozSignature=XXXXXX&P=test%3D1%26test%3D2

These are custom fields we can pass via the Billing Config api:

REQUEST_SIGNATURE
APP_LOGO_IMG_URL
REDIRECT_URL_ONSUCCESS
REDIRECT_URL_ONERROR
Target Milestone: --- → 2012-12-20
Target Milestone: 2012-12-20 → 2012-12-27
Target Milestone: 2012-12-27 → 2013-01-03
Whiteboard: [blocked on bango] → u=patron c=pmt p=3
Blocks: 825368
No longer blocks: 825368
Target Milestone: 2013-01-03 → 2013-01-10
webpay side landed: https://github.com/mozilla/webpay/commit/04551b2b4b1961d4129aba5854b89fabf9fc7220

This allows a secure app purchase and install!
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.