1 # -*- coding: utf-8 -*-
4 import simplejson as json
12 from openerp import http, SUPERUSER_ID
13 from openerp.http import request
15 _logger = logging.getLogger(__name__)
18 class PaypalController(http.Controller):
19 _notify_url = '/payment/paypal/ipn/'
20 _return_url = '/payment/paypal/dpn/'
21 _cancel_url = '/payment/paypal/cancel/'
23 def _get_return_url(self, **post):
24 """ Extract the return URL from the data coming from paypal. """
25 return_url = post.pop('return_url', '')
27 custom = json.loads(post.pop('custom', False) or '{}')
28 return_url = custom.get('return_url', '/')
31 def paypal_validate_data(self, **post):
32 """ Paypal IPN: three steps validation to ensure data correctness
34 - step 1: return an empty HTTP 200 response -> will be done at the end
36 - step 2: POST the complete, unaltered message back to Paypal (preceded
37 by cmd=_notify-validate), with same encoding
38 - step 3: paypal send either VERIFIED or INVALID (single word)
40 Once data is validated, process it. """
42 new_post = dict(post, cmd='_notify-validate')
43 cr, uid, context = request.cr, request.uid, request.context
44 reference = post.get('item_number')
47 tx_ids = request.registry['payment.transaction'].search(cr, uid, [('reference', '=', reference)], context=context)
49 tx = request.registry['payment.transaction'].browse(cr, uid, tx_ids[0], context=context)
50 paypal_urls = request.registry['payment.acquirer']._get_paypal_urls(cr, uid, tx and tx.acquirer_id and tx.acquirer_id.env or 'prod', context=context)
51 validate_url = paypal_urls['paypal_form_url']
52 urequest = urllib2.Request(validate_url, werkzeug.url_encode(new_post))
53 uopen = urllib2.urlopen(urequest)
55 if resp == 'VERIFIED':
56 _logger.info('Paypal: validated data')
57 res = request.registry['payment.transaction'].form_feedback(cr, SUPERUSER_ID, post, 'paypal', context=context)
58 elif resp == 'INVALID':
59 _logger.warning('Paypal: answered INVALID on data verification')
61 _logger.warning('Paypal: unrecognized paypal answer, received %s instead of VERIFIED or INVALID' % resp.text)
64 @http.route('/payment/paypal/ipn/', type='http', auth='none', methods=['POST'])
65 def paypal_ipn(self, **post):
67 _logger.info('Beginning Paypal IPN form_feedback with post data %s', pprint.pformat(post)) # debug
68 self.paypal_validate_data(**post)
71 @http.route('/payment/paypal/dpn', type='http', auth="none", methods=['POST'])
72 def paypal_dpn(self, **post):
74 _logger.info('Beginning Paypal DPN form_feedback with post data %s', pprint.pformat(post)) # debug
75 return_url = self._get_return_url(**post)
76 self.paypal_validate_data(**post)
77 return werkzeug.utils.redirect(return_url)
79 @http.route('/payment/paypal/cancel', type='http', auth="none")
80 def paypal_cancel(self, **post):
81 """ When the user cancels its Paypal payment: GET on this route """
82 cr, uid, context = request.cr, SUPERUSER_ID, request.context
83 _logger.info('Beginning Paypal cancel with post data %s', pprint.pformat(post)) # debug
84 return_url = self._get_return_url(**post)
85 return werkzeug.utils.redirect(return_url)