275 lines
9.7 KiB
C#
275 lines
9.7 KiB
C#
// Copyright (c) 2012, Outercurve Foundation.
|
|
// All rights reserved.
|
|
//
|
|
// Redistribution and use in source and binary forms, with or without modification,
|
|
// are permitted provided that the following conditions are met:
|
|
//
|
|
// - Redistributions of source code must retain the above copyright notice, this
|
|
// list of conditions and the following disclaimer.
|
|
//
|
|
// - Redistributions in binary form must reproduce the above copyright notice,
|
|
// this list of conditions and the following disclaimer in the documentation
|
|
// and/or other materials provided with the distribution.
|
|
//
|
|
// - Neither the name of the Outercurve Foundation nor the names of its
|
|
// contributors may be used to endorse or promote products derived from this
|
|
// software without specific prior written permission.
|
|
//
|
|
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
|
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
|
|
// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
|
|
// ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
using System;
|
|
using System.Web;
|
|
using System.Xml;
|
|
using System.Xml.Serialization;
|
|
using System.Net;
|
|
using System.IO;
|
|
using System.Collections.Specialized;
|
|
using System.Collections.Generic;
|
|
using System.Text;
|
|
using System.Security.Cryptography;
|
|
|
|
namespace WebsitePanel.Ecommerce.EnterpriseServer
|
|
{
|
|
/// <summary>
|
|
/// Payment provider for the PayPal Gateway
|
|
/// </summary>
|
|
public class PayPalStandardProvider : SystemPluginBase, IInteractivePaymentGatewayProvider
|
|
{
|
|
public const string DEMO_SERVICE_URL = "https://www.sandbox.paypal.com/cgi-bin/webscr";
|
|
public const string LIVE_SERVICE_URL = "https://www.paypal.com/cgi-bin/webscr";
|
|
|
|
public const string BUSINESS_NOT_MATCH_MSG = "Business account doesn't match";
|
|
public const string INVALID_RESPONSE_MSG = "Response is reported as either invalid or corrupted";
|
|
public const string PAYMENT_REJECTED_MSG = "Payment has been rejected by payment gateway";
|
|
public const string IPN_PROCESSOR_ENDPOINT = "Services/PayPalIPN.ashx";
|
|
|
|
public const string CART_COMMAND = "_cart";
|
|
public const string ErrorPrefix = "PayPalStandard.";
|
|
|
|
/// <summary>
|
|
/// Gets whether plug-in running in live mode
|
|
/// </summary>
|
|
public bool LiveMode
|
|
{
|
|
get
|
|
{
|
|
return Convert.ToBoolean(PluginSettings[PayPalStdSettings.LIVE_MODE]);
|
|
}
|
|
}
|
|
/// <summary>
|
|
/// Gets service business account
|
|
/// </summary>
|
|
public string Business
|
|
{
|
|
get { return PluginSettings[PayPalStdSettings.BUSINESS]; }
|
|
}
|
|
/// <summary>
|
|
/// Gets service return url
|
|
/// </summary>
|
|
public string ReturnUrl
|
|
{
|
|
get { return PluginSettings[PayPalStdSettings.RETURN_URL]; }
|
|
}
|
|
/// <summary>
|
|
/// Gets service cancel return url
|
|
/// </summary>
|
|
public string CancelReturnUrl
|
|
{
|
|
get { return PluginSettings[PayPalStdSettings.CANCEL_RETURN_URL]; }
|
|
}
|
|
/// <summary>
|
|
/// Gets service url
|
|
/// </summary>
|
|
public string ServiceUrl
|
|
{
|
|
get
|
|
{
|
|
if (LiveMode)
|
|
return LIVE_SERVICE_URL;
|
|
|
|
return DEMO_SERVICE_URL;
|
|
}
|
|
}
|
|
|
|
public PayPalStandardProvider()
|
|
{
|
|
}
|
|
|
|
#region IInteractivePaymentGatewayProvider Members
|
|
|
|
public CheckoutFormParams GetCheckoutFormParams(FormParameters formParams, InvoiceItem[] invoiceLines)
|
|
{
|
|
// normalize target site variable
|
|
string targetSite = formParams["target_site"].EndsWith("/") ? formParams["target_site"]
|
|
: formParams["target_site"] + "/";
|
|
|
|
CheckoutFormParams outputParams = new CheckoutFormParams();
|
|
// setup service url
|
|
outputParams.Action = ServiceUrl;
|
|
outputParams.Method = CheckoutFormParams.POST_METHOD;
|
|
// copy command
|
|
outputParams["cmd"] = CART_COMMAND;
|
|
// workaround to make IPN callbacks work
|
|
outputParams["rm"] = "2";
|
|
// set upload value to indicate a third-party shopping cart
|
|
outputParams["upload"] = "1";
|
|
// set business
|
|
outputParams["business"] = Business;
|
|
// set cancel return url
|
|
outputParams["cancel_return"] = String.Concat(targetSite, "?pid=ecOnlineStore&ContractId=", formParams[FormParameters.CONTRACT]);
|
|
// set return url
|
|
outputParams["return"] = targetSite;
|
|
// set IPN-Endpoint url
|
|
outputParams["notify_url"] = String.Concat(targetSite, IPN_PROCESSOR_ENDPOINT);
|
|
// set invoice number
|
|
outputParams["invoice"] = formParams[FormParameters.INVOICE];
|
|
// set contract number
|
|
outputParams["custom"] = formParams[FormParameters.CONTRACT];
|
|
// set invoice currency
|
|
outputParams["currency_code"] = formParams[FormParameters.CURRENCY];
|
|
// set formatted invoice number
|
|
outputParams["item_name_1"] = String.Format("{0} #{1}", FormParameters.INVOICE, formParams[FormParameters.INVOICE]);
|
|
// set invoice amount
|
|
outputParams["amount_1"] = formParams[FormParameters.AMOUNT];
|
|
// copy first name
|
|
AddParameter(formParams, outputParams, FormParameters.FIRST_NAME, "first_name");
|
|
// copy last name
|
|
AddParameter(formParams, outputParams, FormParameters.LAST_NAME, "last_name");
|
|
// copy address
|
|
AddParameter(formParams, outputParams, FormParameters.ADDRESS, "address1");
|
|
// copy city
|
|
AddParameter(formParams, outputParams, FormParameters.CITY, "city");
|
|
// copy state
|
|
AddParameter(formParams, outputParams, FormParameters.STATE, "state");
|
|
// copy country
|
|
AddParameter(formParams, outputParams, FormParameters.COUNTRY, "country");
|
|
// copy zip
|
|
AddParameter(formParams, outputParams, FormParameters.ZIP, "zip");
|
|
// copty email
|
|
AddParameter(formParams, outputParams, FormParameters.EMAIL, "email");
|
|
// copy phone number
|
|
if (formParams[FormParameters.COUNTRY] != "US" && formParams[FormParameters.COUNTRY] != "CA")
|
|
{
|
|
// phone numbers outside U.S copy as is
|
|
outputParams["night_phone_b"] = formParams[FormParameters.PHONE];
|
|
}
|
|
// return whole set of params
|
|
return outputParams;
|
|
}
|
|
#endregion
|
|
|
|
#region IPaymentGatewayProvider Members
|
|
|
|
public TransactionResult SubmitPaymentTransaction(CheckoutDetails details)
|
|
{
|
|
//init result structure
|
|
TransactionResult result = new TransactionResult();
|
|
// check is request genuine depending on the provider mode
|
|
Process_IPN_Request(result, details);
|
|
//
|
|
return result;
|
|
}
|
|
|
|
private void Process_PDT_Request(TransactionResult result, CheckoutDetails details)
|
|
{
|
|
|
|
}
|
|
|
|
private void Process_IPN_Request(TransactionResult result, CheckoutDetails details)
|
|
{
|
|
result.RawResponse = "";
|
|
|
|
// build raw response
|
|
foreach (string keyName in details.GetAllKeys())
|
|
{
|
|
if (String.IsNullOrEmpty(keyName))
|
|
continue;
|
|
|
|
// check for separator
|
|
if (!String.IsNullOrEmpty(result.RawResponse) &&
|
|
!result.RawResponse.EndsWith("&"))
|
|
result.RawResponse += "&";
|
|
|
|
result.RawResponse += keyName + "=" + details[keyName];
|
|
}
|
|
// compare business account against email addres in response
|
|
if (!String.Equals(details["receiver_email"], Business, StringComparison.InvariantCultureIgnoreCase))
|
|
throw new Exception(BUSINESS_NOT_MATCH_MSG);
|
|
|
|
// validate whether response still genuine
|
|
if(!IsResponseGenuine(result.RawResponse))
|
|
throw new Exception(INVALID_RESPONSE_MSG);
|
|
// build tran id
|
|
string transactionId = details["txn_id"];
|
|
// check payment status
|
|
switch(details["payment_status"])
|
|
{
|
|
case "Completed":
|
|
case "Processed":
|
|
result.Succeed = true;
|
|
// store order details
|
|
result.TransactionId = transactionId;
|
|
result.TransactionStatus = TransactionStatus.Approved;
|
|
break;
|
|
case "Pending":
|
|
result.Succeed = true;
|
|
// store order details
|
|
result.TransactionId = transactionId;
|
|
result.TransactionStatus = TransactionStatus.Pending;
|
|
break;
|
|
default:
|
|
result.Succeed = false;
|
|
result.TransactionStatus = TransactionStatus.Declined;
|
|
break;
|
|
}
|
|
}
|
|
#endregion
|
|
|
|
private void AddParameter(FormParameters inputParams, CheckoutFormParams outputParams, string inputKey, string outputKey)
|
|
{
|
|
string formParameter = inputParams[inputKey];
|
|
if (formParameter != null)
|
|
{
|
|
outputParams[outputKey] = formParameter;
|
|
}
|
|
}
|
|
|
|
private bool IsResponseGenuine(string strFormValues)
|
|
{
|
|
// Create the request back
|
|
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(ServiceUrl);
|
|
|
|
// Set values for the request back
|
|
request.Method = "POST";
|
|
request.ContentType = "application/x-www-form-urlencoded";
|
|
string strNewValue = strFormValues + "&cmd=_notify-validate";
|
|
request.ContentLength = strNewValue.Length;
|
|
// Write the request back IPN strings
|
|
StreamWriter writer = new StreamWriter(request.GetRequestStream(), System.Text.Encoding.ASCII);
|
|
writer.Write(strNewValue);
|
|
writer.Close();
|
|
|
|
// Do the request to PayPal and get the response
|
|
StreamReader reader = new StreamReader(request.GetResponse().GetResponseStream());
|
|
string strResponse = reader.ReadToEnd().Trim().ToUpper();
|
|
reader.Close();
|
|
|
|
return String.Equals(strResponse, "VERIFIED", StringComparison.InvariantCultureIgnoreCase);
|
|
}
|
|
|
|
private string HtmlEncode(string s)
|
|
{
|
|
return HttpContext.Current.Server.UrlEncode(s);
|
|
}
|
|
}
|
|
}
|
|
|