コード例 #1
0
        /// <summary>
        /// handles the server-to-server transaction happening when cartasì wants to report the end of a transaction
        /// </summary>
        /// <param name="qs"></param>
        /// <returns></returns>
        public string HandleS2STransaction(NameValueCollection qs)
        {
            var settings = _orchardServices.WorkContext.CurrentSite.As <PaymentCartaSiSettingsPart>();
            //this is the method where the transaction information is trustworthy
            StringBuilder sr           = new StringBuilder();
            int           paymentId    = 0;                                                                                                              //assign here because compiler does not understand that we won't use this without assigning it first
            bool          validMessage = !string.IsNullOrWhiteSpace(qs["codTrans"]) && int.TryParse(qs["codTrans"].Replace("LASER", ""), out paymentId); //has an id

            validMessage = validMessage && !string.IsNullOrWhiteSpace(qs["esito"]);                                                                      //has a result
            validMessage = validMessage && !string.IsNullOrWhiteSpace(qs["alias"]) && qs["alias"] == settings.CartaSiShopAlias;                          //has right shop alias
            //Logger.Error("HandleS2STransaction: " + paymentId.ToString());
            if (validMessage)
            {
                PaymentOutcomeMessage pom = new PaymentOutcomeMessage(qs);
                pom.secret = settings.CartaSiSecretKey;
                //sr.Clear();
                sr.AppendLine("HandleS2STransaction: MESSAGE VALID");
                sr.AppendLine(pom.ToString());
                //Logger.Error(sr.ToString());
                try {
                    Validator.ValidateObject(pom, new ValidationContext(pom), true);
                } catch (Exception ex) {
                    //Logger.Error(ex.Message);
                    //throw ex;
                    LocalizedString error = T(@"Transaction information not valid for transaction {0}: {1}", paymentId.ToString(), ex.Message);
                    //Log the error
                    sr.AppendLine(string.Format("ERROR: {0}", error.Text));
                    //Logger.Error(error.Text);
                    //throw new Exception(error.Text);
                    //We do not update the PaymentRecord here, because we have been unable to verify the hash that we received
                }
                //Logger.Error("HandleS2STransaction: VALIDATION PASSED");
                //verify the hash
                if (pom.PaymentOutcomeMAC == qs["mac"])
                {
                    //transaction valid
                    //update the PaymentRecord for this transaction
                    //TODO: add to info the decoding of the pom.codiceEsito based off the codetables
                    string info = CodeTables.ErrorCodes[int.Parse(pom.codiceEsito)];
                    EndPayment(paymentId, pom.esito == "OK", pom.codiceEsito, pom.messaggio + (string.IsNullOrWhiteSpace(info) ? "" : (" " + info)));
                    //Logger.Error(string.Format(@"Payment {0} S2S outcome {1}", paymentId.ToString(), pom.esito));
                    //return the URL of a suitable error page (call this.GetPaymentInfoUrl after inserting the error in the PaymentRecord)
                    return(pom.esito);
                }
                else
                {
                    LocalizedString error = T("HandleS2STransaction: MAC NOT VALID:\nComputed: {0}\nReceived: {1}", pom.PaymentOutcomeMAC, qs["mac"]);
                    sr.AppendLine(string.Format("ERROR: {0}", error.Text));
                }
            }
            Logger.Error(sr.ToString());
            throw new Exception(string.Format("Transaction message not valid: codTrans: {0}, esito: {1}, alias: {2}", qs["codTrans"] ?? "null", qs["esito"] ?? "null", qs["alias"] ?? "null"));
        }
コード例 #2
0
        /// <summary>
        /// Gets the inforation about the transaction result back from CartaSì and returns an URL showing the transaction's result.
        /// Depending on the way the transaction was set, this may not actually be an url.
        /// </summary>
        /// <param name="qs">The query string received in the attempt by CartaSì to redirect the browser.</param>
        /// <returns>The Url for the transaction results.</returns>
        public string HandleOutcomeTransaction(NameValueCollection qs)
        {
            //transaction information here may not be trustworthy
            int paymentId;

            if (!string.IsNullOrWhiteSpace(qs["codTrans"]) && int.TryParse(qs["codTrans"].Replace("LASER", ""), out paymentId))
            {
                PaymentOutcomeMessage pom     = new PaymentOutcomeMessage(qs);
                PaymentRecord         pRecord = GetPaymentInfo(paymentId);
                if (pRecord != null)
                {
                    return(GetPaymentInfoUrl(paymentId));
                }
            }

            LocalizedString error = T("Impossible to identify transaction. There was a communication error between CartaSì and our servers");

            Logger.Error(error.Text);
            throw new Exception(error.Text);
        }