post-process Bango payment

RESOLVED FIXED in 2013-01-10

Status

P1
normal
RESOLVED FIXED
6 years ago
6 years ago

People

(Reporter: kumar, Assigned: kumar)

Tracking

2013-01-10
x86
Mac OS X
Points:
---

Details

(Whiteboard: u=patron c=pmt p=3)

after receiving a successful Bango payment via URL redirect, do the following
- verify the Bango request (using their token API, details TBD)
- notify the app that initiated the payment (this is similar to how in-app payments used to work, code is re-usable)
Blocks: 794651
Assignee: nobody → kumar.mcmillan
blocking-basecamp: --- → +
Priority: -- → P1
Target Milestone: --- → 2012-10-04
I split out the notifications into bug 798059
Assignee: kumar.mcmillan → nobody
Target Milestone: 2012-10-04 → ---
Per initial comment, action on this bug requires details of the Bango token API. Requesting more info from Kumar, who presumably knows where to get the details from.

Given comment #1, I /think/ this bug can also be changed to "verify Bango payment request."
Flags: needinfo?(kumar.mcmillan)
Hi Gregory. The Relay API explains how to verify tokens http://bango.custhelp.com/app/answers/detail/a_id/1500/

This may not be the exact way to do it though. We are waiting on Bango for details; it looks like we will generate a different token with the Billing API then they will use that to verify that Mozilla initiated the relay.
Flags: needinfo?(kumar.mcmillan)
Whiteboard: [blocked on bango]
Assignee: nobody → kumar.mcmillan
(In reply to Kumar McMillan [:kumar] from comment #3)
> Hi Gregory. The Relay API explains how to verify tokens
> http://bango.custhelp.com/app/answers/detail/a_id/1500/

For more context, this is not the exact API we will use to do our relay. Bango has mentioned that we will have a way to generate a server side token to initiate our custom relay flow more securely. We still don't know which API we will use for generating that token though.
Not on-device - removing nom.
blocking-basecamp: + → ---
Keir says this is ready to go.

Sample GET redirect that we need to process on our server:
 
http://moz/pay/?success=true&ResponseCode=OK&ResponseMessage=Success&BangoUserId=XXXXX&MerchantTransactionId=MozExternalTransId&BangoTransactionId=0&TransactionMethods=GBR_VODAFONE,Vodafone,MPAY_VFUK,&BillingConfigurationId=1570&MozSignature=XXXXXX&P=test%3D1%26test%3D2

These are custom fields we can pass via the Billing Config api:

REQUEST_SIGNATURE
APP_LOGO_IMG_URL
REDIRECT_URL_ONSUCCESS
REDIRECT_URL_ONERROR
Target Milestone: --- → 2012-12-20
Target Milestone: 2012-12-20 → 2012-12-27
Target Milestone: 2012-12-27 → 2013-01-03
Whiteboard: [blocked on bango] → u=patron c=pmt p=3
Blocks: 825368
No longer blocks: 825368
Target Milestone: 2013-01-03 → 2013-01-10
webpay side landed: https://github.com/mozilla/webpay/commit/04551b2b4b1961d4129aba5854b89fabf9fc7220

This allows a secure app purchase and install!
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.