public IActionResult SetCookie(string data) { string decodedData; try { decodedData = DirectPaymentsHelper.DecodePaymentRequest(data); } catch { return(this.BadRequest()); } // set payment data cookie this.Response.Cookies.Append(PaymentDataCookie, decodedData, new CookieOptions { SameSite = SameSiteMode.Lax, HttpOnly = true, IsEssential = true, MaxAge = TimeSpan.FromMinutes(CookieValidityInMinutes) }); return(this.RedirectToAction("Process")); }
public async Task <IActionResult> Pay(string id) { try { var order = await this.ordersService.GetByIdAsync(id); if (order == null || order.UserName != this.User.Identity.Name || order.PaymentStatus != PaymentStatus.Pending) { return(this.RedirectToAction("My", "Orders")); } var paymentInfo = new { Amount = order.ProductPrice, Description = order.ProductName, this.destinationBankAccountConfiguration.DestinationBankName, this.destinationBankAccountConfiguration.DestinationBankCountry, this.destinationBankAccountConfiguration.DestinationBankSwiftCode, this.destinationBankAccountConfiguration.DestinationBankAccountUniqueId, this.destinationBankAccountConfiguration.RecipientName, // ! PaymentInfo can also contain custom properties // ! that will be returned on payment completion // ! OrderId is a custom property and is not required OrderId = order.Id }; // generate the returnUrl where the payment result will be received var returnUrl = this.directPaymentsConfiguration.SiteUrl + ReturnPath; // generate signed payment request var paymentRequest = DirectPaymentsHelper.GeneratePaymentRequest( paymentInfo, this.directPaymentsConfiguration.SiteKey, returnUrl); // redirect the user to the CentralApi for payment processing var paymentPostRedirectModel = new PaymentPostRedirectModel { Url = this.directPaymentsConfiguration.CentralApiPaymentUrl, PaymentDataFormKey = PaymentDataFormKey, PaymentData = paymentRequest }; return(this.View("PaymentPostRedirect", paymentPostRedirectModel)); } catch { return(this.RedirectToAction("My", "Orders")); } }
public async Task <IActionResult> ReceiveConfirmation(string data) { if (data == null) { return(this.BadRequest()); } dynamic paymentInfo = DirectPaymentsHelper.ProcessPaymentResult( data, this.directPaymentsConfiguration.SiteKey, this.directPaymentsConfiguration.CentralApiPublicKey); if (paymentInfo == null) { // if the returned PaymentInfo is null, it has not been parsed or verified successfully return(this.BadRequest()); } // extract the orderId from the PaymentInfo string orderId; try { orderId = paymentInfo.OrderId; } catch { return(this.BadRequest()); } if (orderId == null) { return(this.BadRequest()); } // find the order in the database var order = await this.ordersService.GetByIdAsync(orderId); // check if the order does not exist or the payment has already been completed if (order == null || order.PaymentStatus != PaymentStatus.Pending) { return(this.RedirectToAction("My", "Orders")); } // mark the payment as completed await this.ordersService.SetPaymentStatus(orderId, PaymentStatus.Completed); return(this.RedirectToAction("My", "Orders")); }
public async Task <IActionResult> Continue([FromForm] string bankId) { bool cookieExists = this.Request.Cookies.TryGetValue(PaymentDataCookie, out string data); if (!cookieExists) { return(this.BadRequest()); } try { var request = DirectPaymentsHelper.ParsePaymentRequest(data); if (request == null) { return(this.BadRequest()); } var bank = await this.bankService.GetBankByIdAsync <BankPaymentServiceModel>(bankId); if (bank?.PaymentUrl == null) { return(this.BadRequest()); } // generate PaymentProof containing the bank's public key // and merchant's original PaymentInfo signature string proofRequest = DirectPaymentsHelper.GeneratePaymentRequestWithProof(request, bank.ApiKey, this.configuration.Key); // redirect the user to their bank for payment completion var paymentPostRedirectModel = new PaymentPostRedirectModel { Url = bank.PaymentUrl, PaymentDataFormKey = PaymentDataFormKey, PaymentData = proofRequest }; return(this.View("PaymentPostRedirect", paymentPostRedirectModel)); } catch { return(this.BadRequest()); } }
public async Task <IActionResult> Process() { bool cookieExists = this.Request.Cookies.TryGetValue(PaymentDataCookie, out var data); if (!cookieExists) { return(this.RedirectToHome()); } try { dynamic paymentRequest = DirectPaymentsHelper.ParsePaymentRequest(data, this.bankConfiguration.CentralApiPublicKey); if (paymentRequest == null) { return(this.BadRequest()); } dynamic paymentInfo = DirectPaymentsHelper.GetPaymentInfo(paymentRequest); var userId = await this.userService.GetUserIdByUsernameAsync(this.User.Identity.Name); var model = new PaymentConfirmBindingModel { Amount = paymentInfo.Amount, Description = paymentInfo.Description, DestinationBankName = paymentInfo.DestinationBankName, DestinationBankCountry = paymentInfo.DestinationBankCountry, DestinationBankAccountUniqueId = paymentInfo.DestinationBankAccountUniqueId, RecipientName = paymentInfo.RecipientName, OwnAccounts = await this.GetAllAccountsAsync(userId), DataHash = DirectPaymentsHelper.Sha256Hash(data) }; return(this.View(model)); } catch { return(this.BadRequest()); } }
public async Task <IActionResult> Process() { bool cookieExists = this.Request.Cookies.TryGetValue(PaymentDataCookie, out string data); if (!cookieExists) { return(this.BadRequest()); } try { var request = DirectPaymentsHelper.ParsePaymentRequest(data); if (request == null) { return(this.BadRequest()); } var paymentInfo = DirectPaymentsHelper.GetPaymentInfo(request); var banks = (await this.bankService.GetAllBanksSupportingPaymentsAsync <BankListingServiceModel>()) .Select(Mapper.Map <BankListingViewModel>) .ToArray(); var viewModel = new PaymentSelectBankViewModel { Amount = paymentInfo.Amount, Description = paymentInfo.Description, Banks = banks }; return(this.View(viewModel)); } catch { return(this.BadRequest()); } }
public async Task <IActionResult> PayAsync(PaymentConfirmBindingModel model) { bool cookieExists = this.Request.Cookies.TryGetValue(PaymentDataCookie, out var data); if (!this.ModelState.IsValid || !cookieExists || model.DataHash != DirectPaymentsHelper.Sha256Hash(data)) { return(this.PaymentFailed(NotificationMessages.PaymentStateInvalid)); } var account = await this.bankAccountService.GetByIdAsync <BankAccountDetailsServiceModel>(model.AccountId); if (account == null || account.UserUserName != this.User.Identity.Name) { return(this.Forbid()); } try { // read and validate payment data dynamic paymentRequest = DirectPaymentsHelper.ParsePaymentRequest(data, this.bankConfiguration.CentralApiPublicKey); if (paymentRequest == null) { return(this.PaymentFailed(NotificationMessages.PaymentStateInvalid)); } dynamic paymentInfo = DirectPaymentsHelper.GetPaymentInfo(paymentRequest); string returnUrl = paymentRequest.ReturnUrl; // transfer money to destination account var serviceModel = new GlobalTransferDto { Amount = paymentInfo.Amount, Description = paymentInfo.Description, DestinationBankName = paymentInfo.DestinationBankName, DestinationBankCountry = paymentInfo.DestinationBankCountry, DestinationBankSwiftCode = paymentInfo.DestinationBankSwiftCode, DestinationBankAccountUniqueId = paymentInfo.DestinationBankAccountUniqueId, RecipientName = paymentInfo.RecipientName, SourceAccountId = model.AccountId }; var result = await this.globalTransferHelper.TransferMoneyAsync(serviceModel); if (result != GlobalTransferResult.Succeeded) { return(this.PaymentFailed(result == GlobalTransferResult.InsufficientFunds ? NotificationMessages.InsufficientFunds : NotificationMessages.TryAgainLaterError)); } // delete cookie to prevent accidental duplicate payments this.Response.Cookies.Delete(PaymentDataCookie); // return signed success response var response = DirectPaymentsHelper.GenerateSuccessResponse(paymentRequest, this.bankConfiguration.Key); return(this.Ok(new { success = true, returnUrl = HttpUtility.HtmlEncode(returnUrl), data = response })); } catch { return(this.PaymentFailed(NotificationMessages.PaymentStateInvalid)); } }