def test_mismatch_raises_exception(self): ipn = PayPalIPN(business='*****@*****.**') with self.assertRaises(paypalutil.SpoofedIPNException): paypalutil.verify_ipn_recipient_email(ipn, '*****@*****.**') ipn = PayPalIPN(receiver_email='*****@*****.**') with self.assertRaises(paypalutil.SpoofedIPNException): paypalutil.verify_ipn_recipient_email(ipn, '*****@*****.**')
def ipn(request, item_check_callable=None): """ PayPal IPN endpoint (notify_url). Used by both PayPal Payments Pro and Payments Standard to confirm transactions. http://tinyurl.com/d9vu9d PayPal IPN Simulator: https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session """ logging.info(request) form = PayPalIPNForm(request.POST) logging.info(form) logging.info(form.is_valid()) if form.is_valid(): try: ipn_obj = form.save(commit=False) logging.info(ipn_obj) except Exception, e: logging.error(e) ipn_obj = PayPalIPN() ipn_obj.set_flag("Exception while processing. (%s)" % form.errors) logging.info(ipn_obj)
def create_ipn(request): flag = None ipnObj = None form = PayPalIPNForm(request.POST) if form.is_valid(): try: ipnObj = form.save(commit=False) except Exception as e: flag = 'Exception while processing. (%s)' % e else: flag = 'Invalid form. (%s)' % form.errors if ipnObj is None: ipnObj = PayPalIPN() ipnObj.initialize(request) if flag is not None: ipnObj.set_flag(flag) else: # Secrets should only be used over SSL. if request.is_secure() and 'secret' in request.GET: ipnObj.verify_secret(form, request.GET['secret']) else: donation = get_ipn_donation(ipnObj) if not donation: raise Exception('No donation associated with this IPN') verify_ipn_recipient_email(ipnObj, donation.event.paypalemail) ipnObj.verify() ipnObj.save() return ipnObj
def create_subscription(user, data, ipaddress): subscr_date = dateutil.parser.parse(data.get('subscr_date')) subscr_effective = subscr_date + timedelta(days=30) _dict = dict( subscr_id=data.get('subscr_id'), business=settings.PAYPAL_ITEM_NAME, first_name=data.get('first_name', user.first_name), last_name=data.get('last_name', user.last_name), payer_email=data.get('payer_email'), payer_id=data.get('payer_id'), amount1=data.get('amount1', 0.0), amount2=data.get('amount2', 0.0), amount3=data.get('amount3', 0.0), mc_amount1=data.get('mc_amount1', 0.0), mc_amount2=data.get('mc_amount2', 0.0), mc_amount3=data.get('mc_amount3', 0.0), subscr_date=subscr_date, username=user.username, notify_version=data.get('notify_version'), receiver_email='*****@*****.**', txn_type=data.get('txn_type'), mc_currency=data.get('mc_currency'), recurring=data.get('recurring'), test_ipn=data.get('test_ipn', False), subscr_effective=None, next_payment_date=subscr_effective, time_created=datetime.now(), ipaddress=ipaddress, ) log.warn("saving subscription information for %s from IPN" % user.username) ipn = PayPalIPN(**_dict) ipn.save()
def create_ipn(request): flag = None ipnObj = None form = PayPalIPNForm(request.POST) if form.is_valid(): try: ipnObj = form.save(commit=False) except Exception as e: flag = "Exception while processing. (%s)" % e else: flag = "Invalid form. (%s)" % form.errors if ipnObj is None: ipnObj = PayPalIPN() ipnObj.initialize(request) if flag is not None: ipnObj.set_flag(flag) else: # Secrets should only be used over SSL. if request.is_secure() and 'secret' in request.GET: ipnObj.verify_secret(form, request.GET['secret']) else: donation = get_ipn_donation(ipnObj) if not donation: raise Exception('No donation associated with this IPN: Custom field value {!r}'.format(ipnObj.custom)) ipnObj.verify() # Check if receiver email matches event here. This removes the need for a custom fork of django-paypal. business = donation.event.paypalemail if (ipnObj.business and ipnObj.business.lower() != business.lower()) or ( not ipnObj.business and ipnObj.receiver_email.lower() != business.lower()): ipnObj.set_flag("Business email mismatch. (%s)" % ipnObj.business) ipnObj.save() return ipnObj
def make_ipn(custom, grand_total): from django.conf import settings return PayPalIPN(receiver_email=settings.PAYPAL_BUSINESS_EMAIL, receiver_id=settings.PAYPAL_BUSINESS_ID, mc_currency='EUR', payment_status='Completed', custom=str(custom), mc_gross=Decimal(grand_total))
def ipn_object(): """Returns a valid IPN object.""" return PayPalIPN(business=settings.PAYPAL_RECEIVER_EMAIL, payment_status='Completed', mc_gross=Decimal( settings.CS_EXTRA_CARD_PACK_PRICE), mc_currency=settings.CS_EXTRA_CARD_PACK_CURRENCY, custom='{"player_id":%d}' % user.id)
def ipn(request, item_check_callable=None): """ PayPal IPN endpoint (notify_url). Used by both PayPal Payments Pro and Payments Standard to confirm transactions. http://tinyurl.com/d9vu9d PayPal IPN Simulator: https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session """ #TODO: Clean up code so that we don't need to set None here and have a lot # of if checks just to determine if flag is set. flag = None ipn_obj = None # Clean up the data as PayPal sends some weird values such as "N/A" data = request.POST.copy() date_fields = ('time_created', 'payment_date', 'next_payment_date', 'subscr_date', 'subscr_effective') for date_field in date_fields: if data.get(date_field) == 'N/A': del data[date_field] form = PayPalIPNForm(data) if form.is_valid(): try: #When commit = False, object is returned without saving to DB. ipn_obj = form.save(commit=False) except Exception as e: flag = "Exception while processing. (%s)" % e else: flag = "Invalid form. (%s)" % form.errors if ipn_obj is None: ipn_obj = PayPalIPN() #Set query params and sender's IP address ipn_obj.initialize(request) if flag is not None: #We save errors in the flag field ipn_obj.set_flag(flag) else: # Secrets should only be used over SSL. if request.is_secure() and 'secret' in request.GET: ipn_obj.verify_secret(form, request.GET['secret']) else: ipn_obj.verify(item_check_callable) ipn_obj.save() return HttpResponse("OKAY")
def ipn(request, item_check_callable=None): """ PayPal IPN endpoint (notify_url). Used by both PayPal Payments Pro and Payments Standard to confirm transactions. http://tinyurl.com/d9vu9d PayPal IPN Simulator: https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session """ # TODO: Clean up code so that we don't need to set None here and have a lot # of if checks just to determine if flag is set. flag = None ipn_obj = None # Clean up the data as PayPal sends some weird values such as "N/A" # Also, need to cope with custom encoding, which is stored in the body (!). # Assuming the tolerant parsing of QueryDict and an ASCII-like encoding, # such as windows-1252, latin1 or UTF8, the following will work: encoding = request.POST.get('charset', None) encoding_missing = encoding is None if encoding_missing: encoding = DEFAULT_ENCODING try: data = QueryDict(request.body, encoding=encoding).copy() except LookupError: data = None flag = "Invalid form - invalid charset" if data is not None: if hasattr(PayPalIPN._meta, 'get_fields'): date_fields = [ f.attname for f in PayPalIPN._meta.get_fields() if f.__class__.__name__ == 'DateTimeField' ] else: date_fields = [ f.attname for f, m in PayPalIPN._meta.get_fields_with_model() if f.__class__.__name__ == 'DateTimeField' ] for date_field in date_fields: if data.get(date_field) == 'N/A': del data[date_field] form = PayPalIPNForm(data) if form.is_valid(): try: # When commit = False, object is returned without saving to DB. ipn_obj = form.save(commit=False) except Exception as e: flag = "Exception while processing. (%s)" % e else: flag = "Invalid form. ({0})".format(", ".join([ "{0}: {1}".format(k, ", ".join(v)) for k, v in form.errors.items() ])) if ipn_obj is None: ipn_obj = PayPalIPN() # Set query params and sender's IP address ipn_obj.initialize(request) if flag is not None: # We save errors in the flag field ipn_obj.set_flag(flag) else: # Secrets should only be used over SSL. if request.is_secure() and 'secret' in request.GET: ipn_obj.verify_secret(form, request.GET['secret']) else: ipn_obj.verify(item_check_callable) ipn_obj.save() ipn_obj.send_signals() if encoding_missing: # Wait until we have an ID to log warning log.warning("No charset passed with PayPalIPN: %s. Guessing %s", ipn_obj.id, encoding) return HttpResponse("OKAY")
https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session """ flag = None ipn_obj = None form = PayPalIPNForm(request.POST) if form.is_valid(): try: ipn_obj = form.save(commit=False) except Exception, e: flag = "Exception while processing. (%s)" % e else: flag = "Invalid form. (%s)" % form.errors if ipn_obj is None: ipn_obj = PayPalIPN() ipn_obj.initialize(request) if flag is not None: ipn_obj.set_flag(flag) else: # Secrets should only be used over SSL. if request.is_secure() and 'secret' in request.GET: ipn_obj.verify_secret(form, request.GET['secret']) else: ipn_obj.verify(item_check_callable) ipn_obj.save() return HttpResponse("OKAY")
def get_ipn(request): ipnObj = PayPalIPN() ipnObj.initialize(request) return ipnObj
from decimal import * import pytz def create_ipn(request): flag = None ipnObj = None form = PayPalIPNForm(request.POST) if form.is_valid(): try: ipnObj = form.save(commit=False) except Exception, e: flag = "Exception while processing. (%s)" % e else: flag = "Invalid form. (%s)" % form.errors if ipnObj is None: ipnObj = PayPalIPN() ipnObj.initialize(request) if flag is not None: ipnObj.set_flag(flag) else: # Secrets should only be used over SSL. if request.is_secure() and 'secret' in request.GET: ipnObj.verify_secret(form, request.GET['secret']) else: donation = get_ipn_donation(ipnObj) if not donation: raise Exception('No donation associated with this IPN') ipnObj.verify(None, donation.event.paypalemail) ipnObj.save() return ipnObj
def ipn(request, item_check_callable=None): """ PayPal IPN endpoint (notify_url). Used by both PayPal Payments Pro and Payments Standard to confirm transactions. http://tinyurl.com/d9vu9d PayPal IPN Simulator: https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session """ #TODO: Clean up code so that we don't need to set None here and have a lot # of if checks just to determine if flag is set. flag = None ipn_obj = None # Clean up the data as PayPal sends some weird values such as "N/A" # Also, need to cope with custom encoding, which is stored in the body (!). # Assuming the tolerate parsing of QueryDict and an ASCII-like encoding, # such as windows-1252, latin1 or UTF8, the following will work: encoding = request.POST.get('charset', None) if encoding is None: flag = "Invalid form - no charset passed, can't decode" data = None else: try: data = QueryDict(request.body, encoding=encoding).copy() except LookupError: data = None flag = "Invalid form - invalid charset" if data is not None: date_fields = ('time_created', 'payment_date', 'next_payment_date', 'subscr_date', 'subscr_effective') for date_field in date_fields: if data.get(date_field) == 'N/A': del data[date_field] form = PayPalIPNForm(data) if form.is_valid(): try: #When commit = False, object is returned without saving to DB. ipn_obj = form.save(commit=False) except Exception as e: flag = "Exception while processing. (%s)" % e else: flag = "Invalid form. (%s)" % form.errors if ipn_obj is None: ipn_obj = PayPalIPN() #Set query params and sender's IP address ipn_obj.initialize(request) if flag is not None: #We save errors in the flag field ipn_obj.set_flag(flag) else: # Secrets should only be used over SSL. if request.is_secure() and 'secret' in request.GET: ipn_obj.verify_secret(form, request.GET['secret']) else: ipn_obj.verify(item_check_callable) ipn_obj.save() return HttpResponse("OKAY")
def ipn(request, item_check_callable=None, host_id=None, trans_id=None): """ PayPal IPN endpoint (notify_url). Used by both PayPal Payments Pro and Payments Standard to confirm transactions. http://tinyurl.com/d9vu9d PayPal IPN Simulator: https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session #what triggers this view? """ #TODO: Clean up code so that we don't need to set None here and have a lot # of if checks just to determine if flag is set. flag = None ipn_obj = None # Clean up the data as PayPal sends some weird values such as "N/A" # Also, need to cope with custom encoding, which is stored in the body (!). # Assuming the tolerant parsing of QueryDict and an ASCII-like encoding, # such as windows-1252, latin1 or UTF8, the following will work: encoding = request.POST.get('charset', None) if encoding is None: flag = "Invalid form - no charset passed, can't decode" data = None else: try: data = QueryDict(request.body, encoding=encoding).copy() except LookupError: data = None flag = "Invalid form - invalid charset" if data is not None: date_fields = ('time_created', 'payment_date', 'next_payment_date', 'subscr_date', 'subscr_effective') for date_field in date_fields: if data.get(date_field) == 'N/A': del data[date_field] form = PayPalIPNForm( data) #from paypal.standard.ipn.forms import PayPalIPNForm if form.is_valid(): try: #When commit = False, object is returned without saving to DB. ipn_obj = form.save(commit=False) except Exception as e: flag = "Exception while processing. (%s)" % e else: flag = "Invalid form. (%s)" % form.errors if ipn_obj is None: ipn_obj = PayPalIPN( ) #from paypal.standard.ipn.models import PayPalIPN #Set query params and sender's IP address ipn_obj.initialize(request) #Store the invoice value so i can use it to update the transactions model invoice_sent = ipn_obj.invoice #Add other host characteristicsto the model #Eventually add transaction_id to the ipn_obj model if host_id: host = get_object_or_404(UserInfo, pk=host_id) ipn_obj.host_email = host.email ipn_obj.host_fname = host.first_name ipn_obj.host_lname = host.last_name ipn_obj.host_st_address1 = host.st_address1 ipn_obj.host_st_address2 = host.st_address2 if trans_id: trans = Transaction.objects.get(pk=trans_id) ipn_obj.trans_table_id = trans.id #the following set_flag is defined in paypal.standard.modle.spy, flat var is passed as the "info" parameter if flag is not None: #We save errors in the flag field ipn_obj.set_flag(flag) else: # Secrets should only be used over SSL. if request.is_secure() and 'secret' in request.GET: ipn_obj.verify_secret(form, request.GET['secret']) else: ipn_obj.verify(item_check_callable) ipn_obj.save() ipn_obj.send_signals() #JMY ADDED: Update the Transaction Table to confirm we need to transation ID but only have invoice on the paypal IPN if trans_id: trans.payment_processed = True trans_table_id = trans.id trans.payment_method = "Paypal" trans.save() #update the userinfo table to add an account balance new_balance = trans.balance_created_packages userinfo = UserInfo.objects.get(pk=trans.enduser.id) if new_balance: userinfo.account_balance_packages = new_balance userinfo.save() #send emails notify_host_shipment_paid(request, trans_table_id) notify_enduser_shipment_paid(request, trans_table_id) return HttpResponse("OKAY")
def payment_ipn_view(request, id, organisation_name): """ PayPal IPN endpoint (notify_url). Used by both PayPal Payments Pro and Payments Standard to confirm transactions. http://tinyurl.com/d9vu9d PayPal IPN Simulator: https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session """ # TODO: Clean up code so that we don't need to set None here and have a lot # of if checks just to determine if flag is set. flag = None ipn_obj = None # Avoid the RawPostDataException. See original issue for details: # https://github.com/spookylukey/django-paypal/issues/79 if not request.META.get('CONTENT_TYPE', '').startswith( 'application/x-www-form-urlencoded'): raise AssertionError(CONTENT_TYPE_ERROR) # Clean up the data as PayPal sends some weird values such as "N/A" # Also, need to cope with custom encoding, which is stored in the body (!). # Assuming the tolerant parsing of QueryDict and an ASCII-like encoding, # such as windows-1252, latin1 or UTF8, the following will work: encoding = request.POST.get('charset', None) encoding_missing = encoding is None if encoding_missing: encoding = DEFAULT_ENCODING try: data = QueryDict(request.body, encoding=encoding).copy() except LookupError: warn_untested() data = None flag = "Invalid form - invalid charset" if data is not None: if hasattr(PayPalIPN._meta, 'get_fields'): date_fields = [f.attname for f in PayPalIPN._meta.get_fields() if f.__class__.__name__ == 'DateTimeField'] else: date_fields = [f.attname for f, m in PayPalIPN._meta.get_fields_with_model() if f.__class__.__name__ == 'DateTimeField'] for date_field in date_fields: if data.get(date_field) == 'N/A': del data[date_field] form = PayPalIPNForm(data) if form.is_valid(): try: # When commit = False, object is returned without saving to DB. ipn_obj = form.save(commit=False) except Exception as e: flag = "Exception while processing. (%s)" % e else: formatted_form_errors = ["{0}: {1}".format(k, ", ".join(v)) for k, v in form.errors.items()] flag = "Invalid form. ({0})".format(", ".join(formatted_form_errors)) if ipn_obj is None: ipn_obj = PayPalIPN() # Set query params and sender's IP address ipn_obj.initialize(request) if flag is not None: # We save errors in the flag field ipn_obj.set_flag(flag) else: # Secrets should only be used over SSL. if request.is_secure() and 'secret' in request.GET: warn_untested() ipn_obj.verify_secret(form, request.GET['secret']) else: ipn_obj.verify() if(ipn_obj.payment_status == 'Completed'): o_Orders = Order.objects.filter(invoiceUID = ipn_obj.invoice) for o_Order in o_Orders: o_Order.isPayed = True o_Order.save() sendDankesEmail(ipn_obj) ipn_obj.save() ipn_obj.send_signals() if encoding_missing: # Wait until we have an ID to log warning logger.warning("No charset passed with PayPalIPN: %s. Guessing %s", ipn_obj.id, encoding) return HttpResponse("OKAY")
def test_match_is_okay(self): ipn = PayPalIPN(business='*****@*****.**') paypalutil.verify_ipn_recipient_email(ipn, '*****@*****.**') ipn = PayPalIPN(receiver_email='*****@*****.**') paypalutil.verify_ipn_recipient_email(ipn, '*****@*****.**')