[Payum] Be2bill onsite implementation

[winzou]

Be2bill onsite form implementation

[winzou]

@makasim How do I get this $captureToken variable to put its hash in the session?

[makasim]

the only difference from other payments that you have to store token hash to session and configure return\cancel urls in the be2bill admin to redirect to http://your-domain-here.dev/payment/capture/session-token

[makasim]

it could be possible that httpRequest does not have a session. You have to check it and throw exception if session not set.

[makasim]

How do I get this $captureToken variable to put its hash in the session?

@winzou since you are dealing with SecuredCaptureRequest you can get the token from it:

<?php
$request->getToken()->getHash();

[makasim]

pay attention to payum bundle misses CaptureOnsiteAction service in 0.7.0 version. I've already added to 0.7-dev but not yet released.

[winzou]

Hey, thanks to your feedback I fix a bit the action.
But I'm facing a RequestNotSupportedException:

[1] Payum\Core\Exception\RequestNotSupportedException: Request SecuredCaptureRequest{model: ArrayObject} is not supported.
at n/a
    in C:\wamp\www\sylius\vendor\payum\payum\src\Payum\Core\Exception\RequestNotSupportedException.php line 16

at Payum\Core\Exception\RequestNotSupportedException::create(object(SecuredCaptureRequest))
    in C:\wamp\www\sylius\vendor\payum\payum\src\Payum\Core\Payment.php line 98

at Payum\Core\Payment->execute(object(SecuredCaptureRequest))
    in C:\wamp\www\sylius\src\Sylius\Bundle\PayumBundle\Payum\Action\ExecuteSameRequestWithPaymentDetailsAction.php line 39

at Sylius\Bundle\PayumBundle\Payum\Action\ExecuteSameRequestWithPaymentDetailsAction->execute(object(SecuredCaptureRequest))
    in C:\wamp\www\sylius\vendor\payum\payum\src\Payum\Core\Payment.php line 103

at Payum\Core\Payment->execute(object(SecuredCaptureRequest))
    in C:\wamp\www\sylius\src\Sylius\Bundle\PayumBundle\Payum\Be2bill\Action\CaptureOrderViaBe2billFormAction.php line 68

at Sylius\Bundle\PayumBundle\Payum\Be2bill\Action\CaptureOrderViaBe2billFormAction->execute(object(SecuredCaptureRequest))
    in C:\wamp\www\sylius\vendor\payum\payum\src\Payum\Core\Payment.php line 103

I don't really get all the logic of these actions, so I don't know where to investigate?

And what is the CaptureOnsiteAction service you're talking about?

[makasim]

@winzou try to update payum bundle to 0.7-dev versoin

[winzou]

@makasim It's working with payum/payum 0.7.*@dev and payum/payum-bundle 0.7.1.
So good to merge here as soon as you release 0.7.1 of payum/payum, let us know :)
Thanks!

[makasim]

in't this too late to set payum_token. I suppose payum->execute($request) at line 68 throws PostRedirectInteractiveRequest.

[makasim]

in general it looks really good, nice work @winzou!

[winzou]

@makasim Actually, you don't listen at be2bill notification, am I right?

You only use the return URL that the user will request just after its payment. I find it a bit dangerous, what if the user is badly redirected, or close its tab, or whatever? The payment is done on be2bill side, but we don't know on our side. I think we should rely on the notification URL that be2bill calls. Is it possible?

[makasim]

I think we should rely on the notification URL that be2bill calls. Is it possible?

sure it is possible, though it is harder then ipn for paypal. Because we cannot define a token per payment. Same problem was with return\canel url but it was solved by storing token to session. Here in the notifcation we can rely on ORDERID field. Fetch needed order by its value and update payment details and payment state.

[winzou]

@makasim so one solution is to build a controller in Payum\PayumBundle that takes the http request, reads the ORDERID and finds the matching token in the db, right? Then, how is the best way to send it back to the classic payum process?

[kayue]

@winzou I was discussing the same thing yesterday with @makasim in #725 :)

[winzou]

Ah right, I haven't realized. So if you need it too, we should do something generic.
Have you started to write something? Do you agree with the solution I've drafted in my previous comment?

[kayue]

I think @makasim's solution is to execute NotifyRequest after received a notification, and then we verify the HTTP request our own action instead.

https://github.com/Payum/PayumBundle/blob/master/Controller/NotifyController.php#L12-L19

[makasim]

so one solution is to build a controller in Payum\PayumBundle that takes the http request, reads the ORDERID and finds the matching token in the db, right? Then, how is the best way to send it back to the classic payum process?

payum bundle has to provide similar controller it already has but without token verification. the payment name can be taken from $request->get('payum_payment_name');

Later in the payum action we can find Order by its Id stored in ORDERID field. Having order and notification we can update payment details and dispatch state changed event if required.

[makasim]

@kayue exactly! The only problem here we have to pass paymentName. I suggest simply pass it as query parameter or as a route one.

[kayue]

@makasim Sounds good to me, thanks 👍

[makasim]

I start implementing unsafe notificatoins: Payum/PayumBundle#89.

[makasim]

just tested notifactions on sandbox, see on http://sandbox.payum.forma-dev.com/payment/notifications/list. The last unknown notification come from be2bill.

[makasim]

docblock?

[makasim]

could you add some specs?

[makasim]

PayumBundle 0.7.2 contains a notify action to catch unsafe notifications (one without token). This could be reused here to catch be2bill notifications. I tested it on sandbox, works quite well.

Pay attention that you still have to do some checks before you can trust the notifications data.

[winzou]

@makasim See my last commit. How do I transform the request to get it handled by the rest of the process? Which action is the next, CaptureOnsiteAction?

[winzou]

btw I need to return http code 200 for be2bill, so request has to be handled for our side (change payment status) + return http 200.

[makasim]

btw I need to return http code 200 for be2bill, so request has to be handled for our side (change payment status) + return http 200.

<?php

throw ResponseInteractiveRequest(new Response('', 200));

as the last line of notify action.

[makasim]

How do I transform the request to get it handled by the rest of the process? Which action is the next, CaptureOnsiteAction?

there is not standard logic to process notification, you have to put all it here:

• get payume status $this->payment->execute(new StatusRequest($order));
• dispatch event if state has been changed

[winzou]

@makasim how better is it now?

[makasim]

hm before getting status you have to update payment details, just merge notifaction with one payment details already have, and set it back to payment

[winzou]

@makasim cannot update Payum with Composer:

Problem 1
  - Installation request for payum/payum-bundle ~0.7.2 -> satisfiable by payum/payum-bundle[0.7.2].
  - payum/payum-bundle 0.7.2 requires payum/core 0.8.*@dev -> no matching package found.

I don't think this 0.8.*@dev is good on the requirements for payum-bundle.

[makasim]

@winzou my bad, 0.7.3 should be fine.

[winzou]

All green and tested with a be2bill account! Good for review and merge @makasim @pjedrzejewski

[pjedrzejewski]

👍 Welcome to the pre-alpha where we forget such things. :D

[winzou]

Let's say it was a feature: free orders for everyone at anytime with no minimum spent 👯

[makasim]

wut? I completely out of the context

[pjedrzejewski]

When I wrote this payment processor, I forgot to set the correct amount on the payment.

[pjedrzejewski]

Looks good to me! The notify action (except the API part) looks like could be abstracted / made more generic in future. Anyway, that's something we do later with next gateway.

👍 from me, I'll give final word on this to @makasim.

[pjedrzejewski]

Thanks guys! 👍