Пример #1
0
        public IDirectPaymentResult ProcessDirect3D(IThreeDAuthRequest request)
        {
            //request.TransactionType = TransactionType.three;
            RequestQueryString  = BuildQueryString(request, ProtocolMessage.THREE_D_AUTH_REQUEST, SagePaySettings.ProtocolVersion);
            ResponseQueryString = ProcessWebRequestToSagePay(SagePaySettings.Direct3dSecureUrl, RequestQueryString);
            IDirectPaymentResult result = GetDirectPaymentResult(ResponseQueryString);

            return(result);
        }
Пример #2
0
        public IDirectPaymentResult ProcessDirect3D(IThreeDAuthRequest request)
        {
            //request.TransactionType = TransactionType.three;
            RequestQueryString  = BuildQueryString(request, ProtocolMessage.THREE_D_AUTH_REQUEST, _settings.ProtocolVersion);
            ResponseQueryString = ProcessWebRequestToSagePay(string.Format("https://{0}.sagepay.com/gateway/service/direct3dcallback.vsp", _settings.Environment), RequestQueryString);
            IDirectPaymentResult result = GetDirectPaymentResult(ResponseQueryString);

            return(result);
        }
Пример #3
0
        /// <summary>
        /// Processes the Authorize and AuthorizeAndCapture transactions
        /// </summary>
        /// <param name="invoice">The <see cref="IInvoice"/> to be paid</param>
        /// <param name="payment">The <see cref="Core.Models.IPayment"/> record</param>
        /// <param name="args"></param>
        /// <returns>The <see cref="Core.Gateways.Payment.IPaymentResult"/></returns>
        public IPaymentResult InitializePayment(IInvoice invoice, IPayment payment, ProcessorArgumentCollection args)
        {
            try
            {
                var sagePayDirectIntegration = new SagePayAPIIntegration(Settings);
                var request = sagePayDirectIntegration.DirectPaymentRequest();

                var creditCard = args.AsCreditCard();

                SetSagePayApiData(request, invoice, payment, creditCard);

                // Incredibly frustratingly, the sagepay integration kit provided by sagepay does not support paypal integration with sagepay direct so if this is a paypal transaction, we have to build the post manually.

                if (request.CardType == CardType.PAYPAL)
                {
                    using (var client = new HttpClient())
                    {
                        var values = new Dictionary <string, string> {
                        };

                        // Build the post and fix the values that the integration kit breaks...
                        foreach (var property in request.GetType().GetAllProperties())
                        {
                            if (property.CanRead && property.GetValue(request) != null)
                            {
                                if (property.Name == "VpsProtocol")
                                {
                                    values.Add(property.Name, "3.00");
                                }
                                else if (property.Name == "TransactionType")
                                {
                                    values.Add("TxType", "PAYMENT");
                                }
                                else
                                {
                                    values.Add(property.Name, property.GetValue(request).ToString());
                                }
                            }
                        }

                        var content = new FormUrlEncodedContent(values);

                        var response = client.PostAsync(string.Format("https://{0}.sagepay.com/gateway/service/vspdirect-register.vsp", Settings.Environment), content).Result;

                        var responseString = response.Content.ReadAsStringAsync().Result.Replace("\r\n", "&");

                        NameValueCollection sagePayResponseValues = HttpUtility.ParseQueryString(responseString);
                        if (sagePayResponseValues["Status"] == "PPREDIRECT")
                        {
                            var redirectUrl = sagePayResponseValues["PayPalRedirectURL"] + "&token=" + sagePayResponseValues["token"];
                            payment.ExtendedData.SetValue(Constants.ExtendedDataKeys.SagePayPaymentUrl, redirectUrl);

                            var returnUrl = GetWebsiteUrl() + Settings.ReturnUrl;
                            payment.ExtendedData.SetValue(Constants.ExtendedDataKeys.ReturnUrl, returnUrl);

                            var cancelUrl = GetWebsiteUrl() + Settings.CancelUrl;
                            payment.ExtendedData.SetValue(Constants.ExtendedDataKeys.CancelUrl, cancelUrl);

                            payment.ExtendedData.SetValue(Constants.ExtendedDataKeys.SagePayTransactionCode, sagePayResponseValues["VPSTxId"]);

                            return(new PaymentResult(Attempt <IPayment> .Succeed(payment), invoice, true));
                        }
                        else
                        {
                            return(new PaymentResult(Attempt <IPayment> .Fail(payment, new Exception(sagePayResponseValues["StatusDetail"])), invoice, true));
                        }
                    }
                }

                IDirectPaymentResult result = sagePayDirectIntegration.ProcessDirectPaymentRequest(request, string.Format("https://{0}.sagepay.com/gateway/service/vspdirect-register.vsp", Settings.Environment));



                if (result.Status == ResponseStatus.OK)
                {
                    payment.Collected  = true;
                    payment.Authorized = true;
                    GatewayProviderService service = new GatewayProviderService();
                    service.ApplyPaymentToInvoice(payment.Key, invoice.Key, Core.AppliedPaymentType.Debit, "SagePay: capture authorized", invoice.Total);
                    return(new PaymentResult(Attempt <IPayment> .Succeed(payment), invoice, true));
                }
                else if (result.Status == ResponseStatus.THREEDAUTH)
                {
                    // For 3D Secure we have to show a client side form which posts to the ACS url.
                    Func <string, string> adjustUrl = (url) =>
                    {
                        if (!url.StartsWith("http"))
                        {
                            url = GetWebsiteUrl() + (url[0] == '/' ? "" : "/") + url;
                        }
                        url = url.Replace("{invoiceKey}", invoice.Key.ToString(), StringComparison.InvariantCultureIgnoreCase);
                        url = url.Replace("{paymentKey}", payment.Key.ToString(), StringComparison.InvariantCultureIgnoreCase);
                        return(url);
                    };

                    var redirectUrl = adjustUrl("/App_Plugins/Merchello.SagePay/3dsecureRedirect.aspx?");
                    redirectUrl += "acsurl=" + Base64Encode(result.AcsUrl);
                    redirectUrl += "&PaReq=" + Base64Encode(result.PaReq);
                    redirectUrl += "&MD=" + Base64Encode(result.Md);
                    redirectUrl += "&TermUrl=" + Base64Encode(adjustUrl("/umbraco/MerchelloSagePay/SagePayApi/ThreeDSecureCallback?InvoiceKey={invoiceKey}&PaymentKey={paymentKey}"));
                    payment.ExtendedData.SetValue(Constants.ExtendedDataKeys.ThreeDSecureUrl, redirectUrl);

                    var returnUrl = GetWebsiteUrl() + Settings.ReturnUrl;
                    payment.ExtendedData.SetValue(Constants.ExtendedDataKeys.ReturnUrl, returnUrl);

                    var cancelUrl = GetWebsiteUrl() + Settings.CancelUrl;
                    payment.ExtendedData.SetValue(Constants.ExtendedDataKeys.CancelUrl, cancelUrl);

                    return(new PaymentResult(Attempt <IPayment> .Succeed(payment), invoice, true));
                }
                //else if (result.Status == ResponseStatus.PPREDIRECT)
                //{
                //    var redirectUrl = result.PayPalRedirectUrl + "&token=" + result.Token;
                //    payment.ExtendedData.SetValue(Constants.ExtendedDataKeys.SagePayPaymentUrl, redirectUrl);

                //    var returnUrl = GetWebsiteUrl() + Settings.ReturnUrl;
                //    payment.ExtendedData.SetValue(Constants.ExtendedDataKeys.ReturnUrl, returnUrl);

                //    var cancelUrl = GetWebsiteUrl() + Settings.CancelUrl;
                //    payment.ExtendedData.SetValue(Constants.ExtendedDataKeys.CancelUrl, cancelUrl);

                //    return new PaymentResult(Attempt<IPayment>.Succeed(payment), invoice, true);
                //}
                else
                {
                    return(new PaymentResult(Attempt <IPayment> .Fail(payment, new Exception(result.StatusDetail)), invoice, true));
                }
            }
            catch (Exception ex)
            {
                return(new PaymentResult(Attempt <IPayment> .Fail(payment, ex), invoice, true));
            }
        }
Пример #4
0
        public HttpResponseMessage ThreeDSecureCallback(Guid invoiceKey, Guid paymentKey, [FromBody] threeDSecurePostback values)
        {
            SagePayDirectIntegration sagePayDirectIntegration = new SagePayDirectIntegration(_directProcessor.Settings);

            // Query merchello for associated invoice and payment objects
            var invoice = _merchelloContext.Services.InvoiceService.GetByKey(invoiceKey);
            var payment = _merchelloContext.Services.PaymentService.GetByKey(paymentKey);

            if (invoice == null)
            {
                var ex = new NullReferenceException(string.Format("Invalid argument exception. Arguments: invoiceKey={0}, paymentKey={1}", invoiceKey, paymentKey));
                LogHelper.Error <SagePayApiController>("Payment not authorized.", ex);
                throw ex;
            }

            // Complete payment with Sagepay

            IThreeDAuthRequest request = sagePayDirectIntegration.ThreeDAuthRequest();

            request.Md    = values.MD;
            request.PaRes = values.PaRes;
            IDirectPaymentResult result = sagePayDirectIntegration.ProcessDirect3D(request);

            if (result.Status != ResponseStatus.OK)
            {
                return(ShowError(result.StatusDetail));
            }
            // Store some SagePay data in payment
            payment.ReferenceNumber = result.VpsTxId;
            payment.ExtendedData.SetValue(Constants.ExtendedDataKeys.SagePayTransactionCode, result.VpsTxId);

            // Authorize and save payment
            var authorizeResult = _directProcessor.AuthorizePayment(invoice, payment);

            _merchelloContext.Services.GatewayProviderService.Save(payment);
            if (!authorizeResult.Payment.Success)
            {
                LogHelper.Error <SagePayApiController>("Payment is not authorized.", authorizeResult.Payment.Exception);
                _merchelloContext.Services.GatewayProviderService.ApplyPaymentToInvoice(payment.Key, invoice.Key, AppliedPaymentType.Denied, "SagePay: request capture authorization error: " + authorizeResult.Payment.Exception.Message, 0);
                return(ShowError(authorizeResult.Payment.Exception.Message));
            }

            _merchelloContext.Services.GatewayProviderService.ApplyPaymentToInvoice(payment.Key, invoice.Key, AppliedPaymentType.Debit, "SagePay: capture authorized", 0);

            // Capture payment
            var providerKeyGuid      = new Guid(Constants.GatewayProviderSettingsKey);
            var paymentGatewayMethod = _merchelloContext.Gateways.Payment.GetPaymentGatewayMethods().First(item => item.PaymentMethod.ProviderKey == providerKeyGuid);

            var captureResult = paymentGatewayMethod.CapturePayment(invoice, payment, payment.Amount, null);

            if (!captureResult.Payment.Success)
            {
                LogHelper.Error <SagePayApiController>("Payment not captured.", captureResult.Payment.Exception);
                return(ShowError(captureResult.Payment.Exception.Message));
            }

            Notification.Trigger("OrderConfirmation", new Merchello.Core.Gateways.Payment.PaymentResult(Attempt <Merchello.Core.Models.IPayment> .Succeed(payment), invoice, true), new[] { invoice.BillToEmail });


            // Redirect to ReturnUrl (with token replacement for an alternative means of order retrieval)
            var returnUrl = payment.ExtendedData.GetValue(Constants.ExtendedDataKeys.ReturnUrl);
            var response  = Request.CreateResponse(HttpStatusCode.Moved);

            Func <string, string> adjustUrl = (url) =>
            {
                if (!url.StartsWith("http"))
                {
                    url = GetWebsiteUrl() + (url[0] == '/' ? "" : "/") + url;
                }
                url = url.Replace("{invoiceKey}", invoice.Key.ToString(), StringComparison.InvariantCultureIgnoreCase);
                url = url.Replace("{paymentKey}", payment.Key.ToString(), StringComparison.InvariantCultureIgnoreCase);
                return(url);
            };

            var redirectUrl = adjustUrl("/App_Plugins/Merchello.SagePay/3dsecureFinished.aspx?");

            redirectUrl += "&redirect=" + Base64Encode(returnUrl.Replace("%INVOICE%", invoice.Key.ToString().EncryptWithMachineKey()));
            response.Headers.Location = new Uri(redirectUrl);
            return(response);
        }