Ejemplo n.º 1
Archivo: api.py Proyecto: lissyx/webpay
    def update(self, request):
        """Replace the PIN of the user identified by the session's uuid.

        The reset is refused unless the session carries a truthy
        'was_reverified' flag. A 204 response is returned only when the form
        validates and handle_client_errors() accepts the client result; every
        other path returns app_error(request).
        """
        session = request.session
        # The form is built before the re-verification gate, so a session
        # without 'uuid' raises KeyError ahead of the flag check.
        pin_form = ResetPinForm(uuid=session['uuid'], data=request.DATA)

        reverified = session.get('was_reverified', False)
        if not reverified:
            return app_error(request)

        if not pin_form.is_valid():
            return app_error(request)

        outcome = client.set_new_pin(pin_form.uuid,
                                     pin_form.cleaned_data['pin'])
        if not pin_form.handle_client_errors(outcome):
            # NOTE(review): 'was_reverified' stays set on the failure paths,
            # so the same session may retry; confirm attempt limiting is
            # enforced elsewhere.
            return app_error(request)

        # Clear the flag so a further reset needs a new re-verification.
        session['was_reverified'] = False
        return response.Response(status=204)
Ejemplo n.º 2
    def update(self, request):
        """Set a new PIN for the session's user once re-verified.

        Returns 204 when the session's 'was_reverified' flag is truthy, the
        form validates and handle_client_errors() accepts the client result.
        Any other outcome returns app_error(request).
        """
        session = request.session
        # Binding the form comes first: a missing 'uuid' key raises KeyError
        # before the re-verification flag is consulted.
        reset_form = ResetPinForm(uuid=session['uuid'], data=request.DATA)

        if not session.get('was_reverified', False):
            return app_error(request)

        if reset_form.is_valid():
            new_pin = reset_form.cleaned_data['pin']
            client_result = client.set_new_pin(reset_form.uuid, new_pin)
            accepted = reset_form.handle_client_errors(client_result)
            if accepted:
                # The flag is cleared only on success, so the next reset
                # needs the session to be flagged again.
                session['was_reverified'] = False
                return response.Response(status=204)

        # NOTE(review): invalid input and client errors leave
        # 'was_reverified' set; confirm retries are limited elsewhere.
        return app_error(request)
Ejemplo n.º 3
def process_pay_req(request, data=None):
    """Validate a payment request and verify its JWT (excerpt).

    Only the start of the function is shown: form validation, the
    payments-disabled check and the verify_jwt() call. ``data`` falls back
    to ``request.GET`` when the caller passes None.
    """
    data = request.GET if data is None else data
    form = VerifyForm(data)
    if not form.is_valid():
        # Collect the errors of every field into one flat list.
        codes = []
        for erlist in form.errors.values():
            codes.extend(erlist)
        if len(codes) > 1:
            # This will probably break something, like maybe paymentFailed().
            log.error('multiple error codes: {codes}'.format(codes=codes))
        # Send all codes back as one comma-separated string.
        codes = ', '.join(codes)
        return app_error(request, code=codes)

    # Answer 503 when disabled_by_user_agent() matches the User-Agent header,
    # or when only simulations are enabled and this is not a simulation.
    if (disabled_by_user_agent(request.META.get('HTTP_USER_AGENT', None))
            or (settings.ONLY_SIMULATIONS and not form.is_simulation)):
        return custom_error(request,
                            _('Payments are temporarily disabled.'),
                            code=msg.PAY_DISABLED,
                            status=503)

    # exc keeps the caught exception and er its error code; nothing in this
    # excerpt reads them after the try block.
    exc = er = None
    try:
        # NOTE(review): no `algorithms` argument is passed here; confirm that
        # verify_jwt() restricts the signing algorithms it accepts instead of
        # trusting the token's own header.
        # form.secret is set by VerifyForm, which is not shown here.
        pay_req = verify_jwt(
            form.cleaned_data['req'],
            settings.DOMAIN,  # JWT audience.
            form.secret,
            # Presumably the payload fields verify_jwt() insists on -- confirm.
            required_keys=(
                'request.id',
                'request.pricePoint',  # A price tier we'll lookup.
                'request.name',
                'request.description',
                'request.postbackURL',
                'request.chargebackURL'))
    # Python 2 except syntax: the exception is bound to exc.
    except RequestExpired, exc:
        er = msg.EXPIRED_JWT
Ejemplo n.º 4
def process_pay_req(request, data=None):
    """Validate a payment request and verify its JWT (excerpt).

    Only the start of the function is shown: form validation, the
    simulations-only check and the verify_jwt() call. ``data`` falls back
    to ``request.GET`` when the caller passes None.
    """
    data = request.GET if data is None else data
    form = VerifyForm(data)
    if not form.is_valid():
        # Collect the errors of every field into one flat list.
        codes = []
        for erlist in form.errors.values():
            codes.extend(erlist)
        if len(codes) > 1:
            # This will probably break something, like maybe paymentFailed().
            log.error('multiple error codes: {codes}'.format(codes=codes))
        # Send all codes back as one comma-separated string.
        codes = ', '.join(codes)
        return app_error(request, code=codes)

    if settings.ONLY_SIMULATIONS and not form.is_simulation:
        # Real payments are currently disabled.
        # Only simulated payments are allowed.
        return custom_error(request, _('Payments are temporarily disabled.'),
                            code=msg.PAY_DISABLED, status=503)

    # exc keeps the caught exception and er its error code; nothing in this
    # excerpt reads them after the try block.
    exc = er = None
    try:
        # NOTE(review): no `algorithms` argument is passed here; confirm that
        # verify_jwt() restricts the signing algorithms it accepts instead of
        # trusting the token's own header.
        # form.secret is set by VerifyForm, which is not shown here.
        pay_req = verify_jwt(
            form.cleaned_data['req'],
            settings.DOMAIN,  # JWT audience.
            form.secret,
            # Presumably the payload fields verify_jwt() insists on -- confirm.
            required_keys=('request.id',
                           'request.pricePoint',  # A price tier we'll lookup.
                           'request.name',
                           'request.description',
                           'request.postbackURL',
                           'request.chargebackURL'))
    # Python 2 except syntax: the exception is bound to exc.
    except RequestExpired, exc:
        er = msg.EXPIRED_JWT
Ejemplo n.º 5
def process_pay_req(request, data=None):
    """Validate a payment request and verify its JWT (excerpt).

    Only the start of the function is shown: form validation, the
    payments-disabled check and the verify_jwt() call. ``data`` falls back
    to ``request.GET`` when the caller passes None.
    """
    data = request.GET if data is None else data
    form = VerifyForm(data)
    if not form.is_valid():
        # Collect the errors of every field into one flat list.
        codes = []
        for erlist in form.errors.values():
            codes.extend(erlist)
        if len(codes) > 1:
            # This will probably break something, like maybe paymentFailed().
            log.error('multiple error codes: {codes}'.format(codes=codes))
        # Send all codes back as one comma-separated string.
        codes = ', '.join(codes)
        return app_error(request, code=codes)

    # Answer 503 when disabled_by_user_agent() matches the User-Agent header,
    # or when only simulations are enabled and this is not a simulation.
    if (disabled_by_user_agent(request.META.get('HTTP_USER_AGENT', None)) or
            (settings.ONLY_SIMULATIONS and not form.is_simulation)):
        return custom_error(request,
                            _('Payments are temporarily disabled.'),
                            code=msg.PAY_DISABLED, status=503)

    # exc keeps the caught exception and er its error code; nothing in this
    # excerpt reads them after the try block.
    exc = er = None
    try:
        # form.secret is set by VerifyForm, which is not shown here.
        pay_req = verify_jwt(
            form.cleaned_data['req'],
            settings.DOMAIN,  # JWT audience.
            form.secret,
            # Hands the configured algorithm list to verify_jwt(); presumably
            # an allow-list for the token's signing algorithm -- confirm.
            algorithms=settings.SUPPORTED_JWT_ALGORITHMS,
            # Presumably the payload fields verify_jwt() insists on -- confirm.
            required_keys=('request.id',
                           'request.pricePoint',  # A price tier we'll look up.
                           'request.name',
                           'request.description',
                           'request.postbackURL',
                           'request.chargebackURL'))
    # Python 2 except syntax: the exception is bound to exc.
    except RequestExpired, exc:
        # The expiry is logged at debug level only.
        log.debug('exception in mozpay.verify_jwt(): {e}'.format(e=exc))
        er = msg.EXPIRED_JWT
Ejemplo n.º 6
def process_pay_req(request, data=None):
    """Validate a payment request and verify its JWT (excerpt).

    Only the start of the function is shown: form validation, the
    payments-disabled check and the verify_jwt() call. ``data`` falls back
    to ``request.GET`` when the caller passes None.
    """
    data = request.GET if data is None else data
    form = VerifyForm(data)
    if not form.is_valid():
        # Collect the errors of every field into one flat list.
        codes = []
        for erlist in form.errors.values():
            codes.extend(erlist)
        if len(codes) > 1:
            # This will probably break something, like maybe paymentFailed().
            log.error("multiple error codes: {codes}".format(codes=codes))
        # Send all codes back as one comma-separated string.
        codes = ", ".join(codes)
        return app_error(request, code=codes)

    # Answer 503 when disabled_by_user_agent() matches the User-Agent header,
    # or when only simulations are enabled and this is not a simulation.
    if disabled_by_user_agent(request.META.get("HTTP_USER_AGENT", None)) or (
        settings.ONLY_SIMULATIONS and not form.is_simulation
    ):
        return custom_error(request, _("Payments are temporarily disabled."), code=msg.PAY_DISABLED, status=503)

    # exc keeps the caught exception and er its error code; nothing in this
    # excerpt reads them after the try block.
    exc = er = None
    try:
        # NOTE(review): no `algorithms` argument is passed here; confirm that
        # verify_jwt() restricts the signing algorithms it accepts instead of
        # trusting the token's own header.
        # form.secret is set by VerifyForm, which is not shown here.
        pay_req = verify_jwt(
            form.cleaned_data["req"],
            settings.DOMAIN,  # JWT audience.
            form.secret,
            # Presumably the payload fields verify_jwt() insists on -- confirm.
            required_keys=(
                "request.id",
                "request.pricePoint",  # A price tier we'll lookup.
                "request.name",
                "request.description",
                "request.postbackURL",
                "request.chargebackURL",
            ),
        )
    # Python 2 except syntax: the exception is bound to exc.
    except RequestExpired, exc:
        er = msg.EXPIRED_JWT
Ejemplo n.º 7
    def create(self, request):
        """Store the PIN submitted for the user named by the session's uuid.

        An invalid form returns app_error(request). A valid form calls
        client.change_pin() and returns 204; set_user_has_pin() is called
        only when handle_client_errors() accepts the client result.
        """
        pin_form = CreatePinForm(uuid=request.session['uuid'],
                                 data=request.DATA)
        if not pin_form.is_valid():
            return app_error(request)

        outcome = client.change_pin(
            pin_form.uuid,
            pin_form.cleaned_data['pin'],
            etag=pin_form.buyer_etag,
            pin_confirmed=True,
            clear_was_locked=True,
        )

        accepted = pin_form.handle_client_errors(outcome)
        if accepted:
            set_user_has_pin(request, True)

        # NOTE(review): 204 is sent whether or not the client result was
        # accepted; confirm a rejected change should not surface as an error.
        return response.Response(status=204)
Ejemplo n.º 8
    def create(self, request):
        """Create or change the PIN of the user named by the session's uuid.

        An invalid form returns app_error(request). A valid form changes the
        PIN when the form has a truthy ``buyer_exists`` attribute, otherwise
        creates the buyer, and returns 201 either way.
        """
        pin_form = CreatePinForm(uuid=request.session["uuid"], data=request.DATA)
        if not pin_form.is_valid():
            return app_error(request)

        if getattr(pin_form, "buyer_exists", None):
            outcome = client.change_pin(
                pin_form.uuid,
                pin_form.cleaned_data["pin"],
                etag=pin_form.buyer_etag,
            )
        else:
            outcome = client.create_buyer(pin_form.uuid, pin_form.cleaned_data["pin"])

        # Only an accepted client result marks the session as having a PIN.
        if pin_form.handle_client_errors(outcome):
            set_user_has_pin(request, True)

        # NOTE(review): 201 is sent even when handle_client_errors() rejects
        # the result; confirm that path should not return app_error instead.
        return response.Response(status=201)
Ejemplo n.º 9
Archivo: api.py Proyecto: lissyx/webpay
    def create(self, request):
        """Create or change the PIN of the user named by the session's uuid.

        An invalid form returns app_error(request). A valid form changes the
        PIN when the form has a truthy ``buyer_exists`` attribute, otherwise
        creates the buyer, and returns 201 either way.
        """
        pin_form = CreatePinForm(uuid=request.session['uuid'],
                                 data=request.DATA)
        if not pin_form.is_valid():
            return app_error(request)

        buyer_known = getattr(pin_form, 'buyer_exists', None)
        if buyer_known:
            outcome = client.change_pin(
                pin_form.uuid,
                pin_form.cleaned_data['pin'],
                etag=pin_form.buyer_etag,
            )
        else:
            outcome = client.create_buyer(pin_form.uuid,
                                          pin_form.cleaned_data['pin'])

        # Only an accepted client result marks the session as having a PIN.
        if pin_form.handle_client_errors(outcome):
            set_user_has_pin(request, True)

        # NOTE(review): 201 is sent even when handle_client_errors() rejects
        # the result; confirm that path should not return app_error instead.
        return response.Response(status=201)
Ejemplo n.º 10
            form.secret,
            required_keys=(
                'request.id',
                'request.pricePoint',  # A price tier we'll lookup.
                'request.name',
                'request.description',
                'request.postbackURL',
                'request.chargebackURL'))
    except RequestExpired, exc:
        er = msg.EXPIRED_JWT
    except InvalidJWT, exc:
        er = msg.INVALID_JWT

    if exc:
        log.exception('calling verify_jwt')
        return app_error(request, code=er)

    icon_urls = []
    if pay_req['request'].get('icons'):
        icon_urls = pay_req['request']['icons'].values()
    # Verify that all URLs are valid.
    try:
        verify_urls(pay_req['request']['postbackURL'],
                    pay_req['request']['chargebackURL'],
                    is_simulation=form.is_simulation)
        verify_urls(*icon_urls,
                    is_simulation=form.is_simulation,
                    check_postbacks=False)
    except ValueError, exc:
        log.exception('invalid URLs')
        return app_error(request, code=msg.MALFORMED_URL)
Ejemplo n.º 11
            settings.DOMAIN,  # JWT audience.
            form.secret,
            required_keys=('request.id',
                           'request.pricePoint',  # A price tier we'll lookup.
                           'request.name',
                           'request.description',
                           'request.postbackURL',
                           'request.chargebackURL'))
    except RequestExpired, exc:
        er = msg.EXPIRED_JWT
    except InvalidJWT, exc:
        er = msg.INVALID_JWT

    if exc:
        log.exception('calling verify_jwt')
        return app_error(request, code=er)

    icon_urls = []
    if pay_req['request'].get('icons'):
        icon_urls = pay_req['request']['icons'].values()
    # Verify that all URLs are valid.
    try:
        verify_urls(pay_req['request']['postbackURL'],
                    pay_req['request']['chargebackURL'],
                    is_simulation=form.is_simulation)
        verify_urls(*icon_urls,
                    is_simulation=form.is_simulation,
                    check_postbacks=False)
    except ValueError, exc:
        log.exception('invalid URLs')
        return app_error(request, code=msg.MALFORMED_URL)