/// <summary>
/// Displays the payment confirmation form for the order whose share identifier is <paramref name="id"/>.
/// </summary>
/// <param name="id">Value matched against <c>Order.ShareIdentifier</c>.</param>
/// <returns>
/// <c>NotFound</c> when no order matches; a redirect to the <c>Link</c> action (with <c>ErrorMessage</c> set)
/// when the order is already paid or is a credit-card order; otherwise the confirmation view.
/// </returns>
[HttpGet] //Maybe move to the Payment controller...
public async Task<IActionResult> ConfirmPayment(Guid id)
{
    // NOTE(review): the lookup is keyed only on the share identifier; no caller-to-order ownership
    // check is visible in this method. Confirm an authorization policy is applied at controller level.
    var sharedOrder = await _context.Orders.SingleOrDefaultAsync(candidate => candidate.ShareIdentifier == id);
    if (sharedOrder == null)
    {
        return NotFound();
    }

    // Work out why confirmation is not allowed, if it is not; the paid check takes precedence.
    string refusalReason = null;
    if (sharedOrder.Paid)
    {
        refusalReason = "Payment has already been confirmed.";
    }
    else if (sharedOrder.PaymentType == PaymentTypeCodes.CreditCard)
    {
        refusalReason = "Order requires Other Payment type or UC Account, not a Credit Card Payment type.";
    }

    if (refusalReason != null)
    {
        ErrorMessage = refusalReason;
        return RedirectToAction("Link", new { id });
    }

    // Pre-populate the form with the payment info already stored on the order.
    var viewModel = new PaymentConfirmationModel
    {
        Order = sharedOrder,
        OtherPaymentInfo = sharedOrder.GetOrderDetails().OtherPaymentInfo
    };

    return View(viewModel);
}
/// <summary>
/// Records a non-credit-card payment confirmation for the order whose share identifier is
/// <paramref name="id"/>, marks the order paid and complete, and queues the billing message.
/// </summary>
/// <param name="id">Value matched against <c>Order.ShareIdentifier</c>.</param>
/// <param name="otherPaymentInfo">Payment details bound from the request.</param>
/// <returns>
/// <c>NotFound</c> when no order matches; a redirect to <c>Link</c> when the order is already paid, is a
/// credit-card order, or was saved successfully; the form view again when model validation fails.
/// </returns>
/// <remarks>
/// NOTE(review): this listing shows no HTTP-verb, antiforgery or authorization attribute on this overload,
/// and the order is located by share identifier alone. Because the method flips the order to paid, confirm
/// those protections are applied somewhere not visible here (controller attributes or global filters).
/// </remarks>
public async Task<IActionResult> ConfirmPayment(Guid id, OtherPaymentInfo otherPaymentInfo) //Put in model
{
    var targetOrder = await _context.Orders
        .Include(o => o.Creator)
        .SingleOrDefaultAsync(candidate => candidate.ShareIdentifier == id);
    if (targetOrder == null)
    {
        return NotFound();
    }

    // Same gatekeeping as the GET action: the paid check takes precedence over the payment-type check.
    string refusalReason = null;
    if (targetOrder.Paid)
    {
        refusalReason = "Payment has already been confirmed.";
    }
    else if (targetOrder.PaymentType == PaymentTypeCodes.CreditCard)
    {
        refusalReason = "Order requires Other Payment type or UC Account, not a Credit Card Payment type.";
    }

    if (refusalReason != null)
    {
        ErrorMessage = refusalReason;
        return RedirectToAction("Link", new { id = id });
    }

    bool poNumberMissing = targetOrder.PaymentType == PaymentTypeCodes.Other
        && string.IsNullOrWhiteSpace(otherPaymentInfo.PoNum);
    if (poNumberMissing)
    {
        ModelState.AddModelError("OtherPaymentInfo.PoNum", "PO # is required");
    }

    // The payment type is taken from the stored order details, never from the posted form,
    // so a client cannot change it by over-posting.
    otherPaymentInfo.PaymentType = targetOrder.GetOrderDetails().OtherPaymentInfo.PaymentType;

    if (!ModelState.IsValid)
    {
        ErrorMessage = "There were errors trying to save that.";
        var retryModel = new PaymentConfirmationModel
        {
            Order = targetOrder,
            OtherPaymentInfo = otherPaymentInfo
        };
        return View(retryModel);
    }

    var storedDetails = targetOrder.GetOrderDetails();
    storedDetails.OtherPaymentInfo = otherPaymentInfo;
    targetOrder.SaveDetails(storedDetails);

    //mark as paid and completed (yeah, completed)
    targetOrder.Paid = true;
    targetOrder.Status = OrderStatusCodes.Complete;

    //Send email to accountants
    // The billing message is enqueued before the changes are saved; the statement order is kept as written.
    await _orderMessageService.EnqueueBillingMessage(targetOrder);

    await _context.SaveChangesAsync();

    return RedirectToAction("Link", new { id = id });
}
/// <summary>
/// Endpoint for payment confirmation notifications posted as form data.
/// </summary>
/// <param name="paymentConfirmation">Notification fields bound from the form body.</param>
/// <returns>
/// 403 when the notification hash does not verify, 400 with the model state when binding or
/// validation failed, otherwise 200.
/// </returns>
public IActionResult Confirm([FromForm] PaymentConfirmationModel paymentConfirmation)
{
    // Authenticity is checked before anything else, so a caller without the shared secret
    // only ever sees 403 and learns nothing about field validation.
    bool isAuthentic = IsSecretHashValid(paymentConfirmation);
    if (!isAuthentic)
    {
        return StatusCode(StatusCodes.Status403Forbidden);
    }

    if (ModelState.IsValid)
    {
        // NOTE(review): nothing is persisted here and OperationId is not checked against earlier
        // notifications; confirm where replayed notifications are detected.
        return Ok();
    }

    return BadRequest(ModelState);
}
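/// <summary>
/// Verifies that a payment notification was produced by a party that knows the configured
/// confirmation secret, by recomputing the notification hash and comparing it with the one supplied.
/// </summary>
/// <param name="paymentConfirmation">The bound notification; its <c>Hash</c> is the value under test.</param>
/// <returns>
/// <c>true</c> when the SHA-1 hex digest of the '&amp;'-joined fields (with the secret in the
/// eighth position) equals <c>paymentConfirmation.Hash</c>, ignoring hex letter case; otherwise <c>false</c>.
/// </returns>
private bool IsSecretHashValid(PaymentConfirmationModel paymentConfirmation)
{
    // Fail closed: a missing model or missing hash can never authenticate a notification.
    if (paymentConfirmation == null || paymentConfirmation.Hash == null)
    {
        return false;
    }

    // Field order matters: the sender hashes the same fields in the same order.
    string[] parameters =
    {
        paymentConfirmation.NotificationType,
        paymentConfirmation.OperationId,
        paymentConfirmation.AmountString,
        paymentConfirmation.Currency,
        paymentConfirmation.DateTimeString,
        paymentConfirmation.Sender,
        paymentConfirmation.ProtectionCodeSetString,
        _yandexConfiguration.PaymentConfirmationSecret,
        paymentConfirmation.Label
    };

    const char separator = '&';
    var hashString = string.Join(separator, parameters);

    // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?', so a notification
    // whose fields contain such characters hashes differently from a sender that encodes them
    // another way. Confirm the encoding against the payment provider's specification.
    byte[] stringBytesBuffer = Encoding.ASCII.GetBytes(hashString);

    // SHA-1 is presumably dictated by the provider's notification format. The hash object is
    // disposable, so it is released as soon as the digest has been computed.
    byte[] hashBytes;
    using (var sha1 = SHA1.Create())
    {
        hashBytes = sha1.ComputeHash(stringBytesBuffer);
    }

    // Compare in constant time. The expected digest is derived from a secret, and an
    // early-exit string comparison leaks how many leading characters of a guess were correct.
    // Both sides are upper-cased first to keep the comparison case-insensitive for hex digits.
    byte[] expectedDigest = Encoding.ASCII.GetBytes(hashBytes.ToHexString().ToUpperInvariant());
    byte[] suppliedDigest = Encoding.ASCII.GetBytes(paymentConfirmation.Hash.ToUpperInvariant());

    return CryptographicOperations.FixedTimeEquals(expectedDigest, suppliedDigest);
}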
/// <summary>
/// Handles the PayPoint payment callback: authenticates the callback URL, checks the result code and
/// amount, records the payment, sends e-mails, stores the card and renders the confirmation view.
/// </summary>
/// <param name="valid">Validity flag from the callback; anything but <c>true</c> is treated as failure.</param>
/// <param name="trans_id">Transaction id; used for duplicate detection and passed to the payment facade.</param>
/// <param name="code">Result code; only "A" is accepted as success.</param>
/// <param name="auth_code">Not referenced in the method body.</param>
/// <param name="amount">Paid amount; a missing value is treated as failure.</param>
/// <param name="ip">Passed through to <c>MakePayment</c>.</param>
/// <param name="test_status">When equal to "true", card number and expiry are replaced with synthetic values.</param>
/// <param name="hash">Hash checked together with the request URL by <c>PayPointFacade.CheckHash</c>.</param>
/// <param name="message">Message from the callback; written to the logs on failure paths.</param>
/// <param name="type">Passed through to <c>MakePayment</c>.</param>
/// <param name="loanId">Loan the payment applies to; values above zero are looked up on the current customer.</param>
/// <param name="card_no">Card number from the callback; stored via <c>TryAddPayPointCard</c>.</param>
/// <param name="customer">Card holder name; falls back to the customer's full name when empty.</param>
/// <param name="expiry">Card expiry from the callback; stored via <c>TryAddPayPointCard</c>.</param>
/// <returns>The "Error" view on any failed check, a cached confirmation or profile redirect for a repeated
/// transaction id, otherwise the confirmation view.</returns>
public ActionResult Callback(
    bool valid,
    string trans_id,
    string code,
    string auth_code,
    decimal?amount,
    string ip,
    string test_status,
    string hash,
    string message,
    string type,
    int loanId,
    string card_no,
    string customer,
    string expiry
    ) {
    // This branch runs before the hash check below, but it only overwrites the local
    // card_no / expiry values; nothing is persisted until after authentication succeeds.
    // NOTE(review): test_status is a request parameter; presumably it is part of the URL covered
    // by CheckHash. Confirm, since it decides which card data gets stored later.
    if (test_status == "true") {
        // Use last 4 random digits as card number (to enable useful tests)
        string random4Digits = string.Format("{0}{1}", DateTime.UtcNow.Second, DateTime.UtcNow.Millisecond);

        if (random4Digits.Length > 4) {
            random4Digits = random4Digits.Substring(random4Digits.Length - 4);
        }

        card_no = random4Digits;
        // Synthetic expiry: month "01" plus the two-digit year two years from now.
        expiry = string.Format(
            "{0}{1}",
            "01",
            DateTime.UtcNow.AddYears(2).Year.ToString().Substring(2, 2)
            );
    } // if

    var customerContext = this.context.Customer;

    PayPointFacade payPointFacade = new PayPointFacade(
        customerContext.MinOpenLoanDate(),
        customerContext.CustomerOrigin.Name
        );

    // Authenticate the callback: the supplied hash is checked against the request URL.
    // What exactly CheckHash covers is not visible here. On failure the event is logged
    // for the current user and the error view is returned without touching any payment state.
    if (!payPointFacade.CheckHash(hash, Request.Url)) {
        log.Alert("Paypoint callback is not authenticated for user {0}", customerContext.Id);

        this.logRepository.Log(
            this.context.UserId,
            DateTime.UtcNow,
            "Paypoint Pay Redirect to ",
            "Failed",
            String.Format("Paypoint callback is not authenticated for user {0}", customerContext.Id)
            );

        return(View("Error"));
    } // if

    var statusDescription = PayPointStatusTranslator.TranslateStatusCode(code);

    // Only valid == true together with code "A" continues. Code "N" is logged as a warning,
    // every other failure as an alert (presumably "A" = authorised, "N" = declined; confirm
    // against the PayPoint documentation).
    if (!valid || code != "A") {
        if (code == "N") {
            log.Warn(
                "Paypoint result code is : {0} ({1}). Message: {2}",
                code,
                string.Join(", ", statusDescription.ToArray()),
                message
                );
        } else {
            log.Alert(
                "Paypoint result code is : {0} ({1}). Message: {2}",
                code,
                string.Join(", ", statusDescription.ToArray()),
                message
                );
        } // if

        this.logRepository.Log(
            this.context.UserId,
            DateTime.UtcNow,
            "Paypoint Pay Redirect to ",
            "Failed",
            string.Format(
                "Paypoint result code is : {0} ({1}). Message: {2}",
                code,
                string.Join(", ", statusDescription.ToArray()),
                message
                )
            );

        return(View("Error"));
    } // if

    // A successful callback without an amount cannot be booked; treat it as a failure.
    if (!amount.HasValue) {
        log.Alert("Paypoint amount is null. Message: {0}", message);

        this.logRepository.Log(
            this.context.UserId,
            DateTime.UtcNow,
            "Paypoint Pay Redirect to ",
            "Failed",
            String.Format("Paypoint amount is null. Message: {0}", message)
            );

        return(View("Error"));
    } // if

    // Replay / refresh guard: if a transaction with this id is already in the database,
    // the customer has reloaded the page (or the callback was repeated). Do not book the
    // payment again; show the cached result from TempData, or go to the profile page when
    // nothing is cached. TempData.Get is called a second time for the view model.
    if (this.paypointTransactionRepository.ByGuid(trans_id).Any()) {
        var data = TempData.Get <PaymentConfirmationModel>();

        if (data == null) {
            return(RedirectToAction("Index", "Profile", new { Area = "Customer" }));
        }

        return(View(TempData.Get <PaymentConfirmationModel>()));
    } // if

    NL_Payments nlPayment = new NL_Payments() {
        CreatedByUserID = this.context.UserId,
        Amount = amount.Value,
        PaymentMethodID = (int)NLLoanTransactionMethods.CustomerAuto,
        PaymentSystemType = NLPaymentSystemTypes.Paypoint
    };

    log.Debug("Callback: Sending nlPayment: {0} for customer {1}, oldloanId {2}", nlPayment, this.context.UserId, loanId);

    LoanPaymentFacade loanRepaymentFacade = new LoanPaymentFacade();

    // NOTE(review): the PaymentResult is not inspected for failure before the e-mails are sent
    // and the "Successful" log entry is written; presumably MakePayment throws on error. Confirm.
    PaymentResult res = loanRepaymentFacade.MakePayment(trans_id, amount.Value, ip, type, loanId, customerContext, null, "payment from customer", null, null, nlPayment);

    SendEmails(loanId, amount.Value, customerContext);

    this.logRepository.Log(this.context.UserId, DateTime.UtcNow, "Paypoint Pay Callback", "Successful", "");

    var refNumber = "";

    bool isEarly = false;

    // The loan is fetched through the authenticated customer's context, so loanId is only
    // resolved among that customer's loans as far as GetLoan is scoped (not visible here).
    if (loanId > 0) {
        var loan = customerContext.GetLoan(loanId);

        if (loan != null) {
            refNumber = loan.RefNumber;

            if (loan.Schedule != null) {
                // Instalments that are still outstanding in any form.
                List <LoanScheduleItem> scheduledPayments = loan.Schedule
                    .Where(
                        x => x.Status == LoanScheduleStatus.StillToPay ||
                            x.Status == LoanScheduleStatus.Late ||
                            x.Status == LoanScheduleStatus.AlmostPaid
                        ).ToList();

                if (scheduledPayments.Any()) {
                    DateTime earliestSchedule = scheduledPayments.Min(x => x.Date);

                    // "Early" means the earliest outstanding instalment is due on a later
                    // calendar day (UTC) than today.
                    bool scheduleIsEarly = earliestSchedule.Date >= DateTime.UtcNow && (
                        earliestSchedule.Date.Year != DateTime.UtcNow.Year ||
                        earliestSchedule.Date.Month != DateTime.UtcNow.Month ||
                        earliestSchedule.Date.Day != DateTime.UtcNow.Day
                        );

                    if (scheduleIsEarly) {
                        isEarly = true;
                    }
                } // if
            } // if has schedule
        } // if loan
    } // if loan id

    if (string.IsNullOrEmpty(customer)) {
        customer = customerContext.PersonalInfo.Fullname;
    }

    // NOTE(review): card_no and expiry come from the callback parameters (or from the test
    // branch above). Confirm card_no is a masked / last-four value before it is persisted.
    customerContext.TryAddPayPointCard(trans_id, card_no, expiry, customer, payPointFacade.PayPointAccount);

    var confirmation = new PaymentConfirmationModel {
        amount = amount.Value.ToString(CultureInfo.InvariantCulture),
        saved = res.Saved,
        savedPounds = res.SavedPounds,
        card_no = card_no,
        email = customerContext.Name,
        surname = customerContext.PersonalInfo.Surname,
        name = customerContext.PersonalInfo.FirstName,
        refnum = refNumber,
        transRefnums = res.TransactionRefNumbersFormatted,
        hasLateLoans = customerContext.HasLateLoans,
        isRolloverPaid = res.RolloverWasPaid,
        IsEarly = isEarly
    };

    // Cache the confirmation so a page refresh hits the duplicate-transaction branch above
    // and can redisplay it.
    TempData.Put(confirmation);
    return(View(confirmation));
} // Callback