def oauth_return(request, *args, **kwargs):
if 'payment_paypal_oauth_event' not in request.session:
messages.error(request, _('An error occurred during connecting with PayPal, please try again.'))
return redirect(reverse('control:index'))
event = get_object_or_404(Event, pk=request.session['payment_paypal_oauth_event'])
prov = Paypal(event)
prov.init_api()
try:
tokeninfo = Tokeninfo.create(request.GET.get('code'))
userinfo = Tokeninfo.create_with_refresh_token(tokeninfo['refresh_token']).userinfo()
except:
logger.exception('Failed to obtain OAuth token')
messages.error(request, _('An error occurred during connecting with PayPal, please try again.'))
else:
messages.success(request,
_('Your PayPal account is now connected to pretix. You can change the settings in '
'detail below.'))
event.settings.payment_paypal_connect_refresh_token = tokeninfo['refresh_token']
event.settings.payment_paypal_connect_user_id = userinfo.email
return redirect(reverse('control:event.settings.payment.provider', kwargs={
'organizer': event.organizer.slug,
'event': event.slug,
'provider': 'paypal'
}))
def checkout_prepare(self, request, cart):
self.init_api()
kwargs = {}
if request.resolver_match and 'cart_namespace' in request.resolver_match.kwargs:
kwargs['cart_namespace'] = request.resolver_match.kwargs[
'cart_namespace']
if request.event.settings.payment_paypal_connect_user_id:
userinfo = Tokeninfo.create_with_refresh_token(
request.event.settings.payment_paypal_connect_refresh_token
).userinfo()
request.event.settings.payment_paypal_connect_user_id = userinfo.email
payee = {
"email": request.event.settings.payment_paypal_connect_user_id,
# If PayPal ever offers a good way to get the MerchantID via the Identifity API,
# we should use it instead of the merchant's eMail-address
# "merchant_id": request.event.settings.payment_paypal_connect_user_id,
}
else:
payee = {}
payment = paypalrestsdk.Payment({
'intent':
'sale',
'payer': {
"payment_method": "paypal",
},
"redirect_urls": {
"return_url":
build_absolute_uri(request.event,
'plugins:paypal:return',
kwargs=kwargs),
"cancel_url":
build_absolute_uri(request.event,
'plugins:paypal:abort',
kwargs=kwargs),
},
"transactions": [{
"item_list": {
"items": [{
"name": __('Order for %s') % str(request.event),
"quantity": 1,
"price": self.format_price(cart['total']),
"currency": request.event.currency
}]
},
"amount": {
"currency": request.event.currency,
"total": self.format_price(cart['total'])
},
"description":
__('Event tickets for {event}').format(
event=request.event.name),
"payee":
payee
}]
})
request.session['payment_paypal_order'] = None
return self._create_payment(request, payment)
def test_userinfo(self):
Base.post.side_effect = paypal.UnauthorizedAccess('', '')
self.assertRaises(paypal.UnauthorizedAccess, Tokeninfo().userinfo, {})
Base.post.assert_called_once_with('v1/identity/openidconnect/userinfo',
{
'access_token': None,
'schema': 'openid'
})
def payment_prepare(self, request, payment_obj):
self.init_api()
if request.event.settings.payment_paypal_connect_user_id:
userinfo = Tokeninfo.create_with_refresh_token(
request.event.settings.payment_paypal_connect_refresh_token
).userinfo()
request.event.settings.payment_paypal_connect_user_id = userinfo.email
payee = {
"email": request.event.settings.payment_paypal_connect_user_id,
# If PayPal ever offers a good way to get the MerchantID via the Identifity API,
# we should use it instead of the merchant's eMail-address
# "merchant_id": request.event.settings.payment_paypal_connect_user_id,
}
else:
payee = {}
payment = paypalrestsdk.Payment({
'intent':
'sale',
'payer': {
"payment_method": "paypal",
},
"redirect_urls": {
"return_url":
build_absolute_uri(request.event, 'plugins:paypal:return'),
"cancel_url":
build_absolute_uri(request.event, 'plugins:paypal:abort'),
},
"transactions": [{
"item_list": {
"items": [{
"name":
__('Order {slug}-{code}').format(
slug=self.event.slug.upper(),
code=payment_obj.order.code),
"quantity":
1,
"price":
self.format_price(payment_obj.amount),
"currency":
payment_obj.order.event.currency
}]
},
"amount": {
"currency": request.event.currency,
"total": self.format_price(payment_obj.amount)
},
"description":
__('Order {order} for {event}').format(
event=request.event.name, order=payment_obj.order.code),
"payee":
payee
}]
})
request.session['payment_paypal_order'] = payment_obj.order.pk
request.session['payment_paypal_payment'] = payment_obj.pk
return self._create_payment(request, payment)
def test_refresh(self):
Base.post.side_effect = paypal.ResourceNotFound('', '')
self.assertRaises(paypal.ResourceNotFound, Tokeninfo().refresh, {})
Base.post.assert_called_once_with(
'v1/identity/openidconnect/tokenservice', {
'client_secret': client_secret,
'grant_type': 'refresh_token',
'refresh_token': None,
'client_id': client_id
})
def payment_prepare(self, request, payment_obj):
self.init_api()
if request.event.settings.payment_paypal_connect_user_id:
userinfo = Tokeninfo.create_with_refresh_token(request.event.settings.payment_paypal_connect_refresh_token).userinfo()
request.event.settings.payment_paypal_connect_user_id = userinfo.email
payee = {
"email": request.event.settings.payment_paypal_connect_user_id,
# If PayPal ever offers a good way to get the MerchantID via the Identifity API,
# we should use it instead of the merchant's eMail-address
# "merchant_id": request.event.settings.payment_paypal_connect_user_id,
}
else:
payee = {}
payment = paypalrestsdk.Payment({
'intent': 'sale',
'payer': {
"payment_method": "paypal",
},
"redirect_urls": {
"return_url": build_absolute_uri(request.event, 'plugins:paypal:return'),
"cancel_url": build_absolute_uri(request.event, 'plugins:paypal:abort'),
},
"transactions": [
{
"item_list": {
"items": [
{
"name": __('Order {slug}-{code}').format(slug=self.event.slug.upper(),
code=payment_obj.order.code),
"quantity": 1,
"price": self.format_price(payment_obj.amount),
"currency": payment_obj.order.event.currency
}
]
},
"amount": {
"currency": request.event.currency,
"total": self.format_price(payment_obj.amount)
},
"description": __('Order {order} for {event}').format(
event=request.event.name,
order=payment_obj.order.code
),
"payee": payee
}
]
})
request.session['payment_paypal_order'] = payment_obj.order.pk
request.session['payment_paypal_payment'] = payment_obj.pk
return self._create_payment(request, payment)
def login_via_paypal():
try:
options = configure_openid_request()
login_url = Tokeninfo.authorize_url(options=options)
except (ConnectionError, MissingParam, MissingConfig) as e:
app.logger.exception(e)
return internal_server_error()
except Exception as e:
app.logger.exception(e)
return internal_server_error()
#redirect to login page for approval
return redirect(login_url)
def checkout_prepare(self, request, cart):
self.init_api()
kwargs = {}
if request.resolver_match and 'cart_namespace' in request.resolver_match.kwargs:
kwargs['cart_namespace'] = request.resolver_match.kwargs['cart_namespace']
if request.event.settings.payment_paypal_connect_user_id:
userinfo = Tokeninfo.create_with_refresh_token(request.event.settings.payment_paypal_connect_refresh_token).userinfo()
request.event.settings.payment_paypal_connect_user_id = userinfo.email
payee = {
"email": request.event.settings.payment_paypal_connect_user_id,
# If PayPal ever offers a good way to get the MerchantID via the Identifity API,
# we should use it instead of the merchant's eMail-address
# "merchant_id": request.event.settings.payment_paypal_connect_user_id,
}
else:
payee = {}
payment = paypalrestsdk.Payment({
'intent': 'sale',
'payer': {
"payment_method": "paypal",
},
"redirect_urls": {
"return_url": build_absolute_uri(request.event, 'plugins:paypal:return', kwargs=kwargs),
"cancel_url": build_absolute_uri(request.event, 'plugins:paypal:abort', kwargs=kwargs),
},
"transactions": [
{
"item_list": {
"items": [
{
"name": __('Order for %s') % str(request.event),
"quantity": 1,
"price": self.format_price(cart['total']),
"currency": request.event.currency
}
]
},
"amount": {
"currency": request.event.currency,
"total": self.format_price(cart['total'])
},
"description": __('Event tickets for {event}').format(event=request.event.name),
"payee": payee
}
]
})
request.session['payment_paypal_order'] = None
return self._create_payment(request, payment)
def login(request):
# return render(request, 'paypal/google_validation.html', {})
print('Starting point')
if 'logout_url' not in request.session:
# Generate login url
login_url = Tokeninfo.authorize_url(
{"scope": "openid profile email"}
) #{ "scope": "openid profile email https://uri.paypal.com/services/expresscheckout"}
return HttpResponseRedirect(login_url)
else:
return afterLogin(request)
def login_return(request):
authCode = request.GET.get('code', '')
if not authCode:
return HttpResponseRedirect('/')
# Create tokeninfo with Authorize code
tokeninfo = Tokeninfo.create(authCode)
# request.session['id_token'] = tokeninfo.id_token
request.session['access_token'] = tokeninfo.access_token
request.session['refresh_token'] = tokeninfo.refresh_token
request.session['logout_url'] = tokeninfo.logout_url()
# request.session.set_expiry(float(tokeninfo.expires_in))
# Get userinfo
userinfo = tokeninfo.userinfo()
request.session['email'] = userinfo.email
request.session['name'] = userinfo.name
checkUser(userinfo.email, True)
return afterLogin(request)
# if payment.create():
# print("Payment[%s] created successfully" % (payment.id))
# # PayerID is required to approve the payment.
# if payment.execute({"payer_id": "DUFRQ8GWYMJXC"}): # return True or False
# print("Payment[%s] execute successfully" % (payment.id))
# else:
# print(payment.error)
# else:
# print(payment.error)
from paypalrestsdk.openid_connect import Tokeninfo, Userinfo
# Generate login url
login_url = Tokeninfo.authorize_url({ "scope": "openid profile"})
# Create tokeninfo with Authorize code
tokeninfo = Tokeninfo.create("Replace with Authorize code")
# Refresh tokeninfo
tokeninfo = tokeninfo.refresh()
# Create tokeninfo with refresh_token
tokeninfo = Tokeninfo.create_with_refresh_token("Replace with refresh_token")
# Get userinfo
userinfo = tokeninfo.userinfo()
# Get userinfo with access_token
userinfo = Userinfo.get("Replace with access_token")
# tokeninfo = Tokeninfo.create(code)
# print(tokeninfo)
# # Response 200
# tokeninfo = {
# token_type: 'Bearer',
# expires_in: '28800',
# refresh_token: 'J5yFACP3Y5dqdWCdN3o9lNYz0XyR01IHNMQn-E4r6Ss38rqbQ1C4rC6PSBhJvB_tte4WZsWe8ealMl-U_GMSz30dIkKaovgN41Xf8Sz0EGU55da6tST5I6sg3Rw',
# id_token: '<some value>',
# access_token: '<some value>'
# }
#end
# Step 4. You can use the refresh token to get the third party merchant's email address to use in the invoice, and then you can create an invoice on behalf of the third party merchant.
refresh_token = "J5yFACP3Y5dqdWCdN3o9lNYz0XyR01IHNMQn-E4r6Ss38rqbQ1C4rC6PSBhJvB_tte4WZsWe8ealMl-U_GMSz30dIkKaovgN41Xf8Sz0EGU55da6tST5I6sg3Rw"
token_info = Tokeninfo.create_with_refresh_token(refresh_token)
print(token_info)
user_info = token_info.userinfo()
print(user_info)
invoice = Invoice({
"merchant_info": {
# The email address used here would be of a third party.
"email": user_info.email,
"first_name": "Dennis",
"last_name": "Doctor",
"business_name": "Medical Professionals, LLC",
"phone": {
def test_logout_url_using_tokeninfo(self):
url = Tokeninfo({'id_token': '1234'}).logout_url()
assert_regex_matches(self, url, 'id_token=1234')
def test_authorize_url_using_tokeninfo(self):
url = Tokeninfo.authorize_url({'scope': 'openid profile'})
assert_regex_matches(self, url, 'scope=openid\+profile')
def test_userinfo(self):
self.assertRaises(paypal.UnauthorizedAccess, Tokeninfo().userinfo, {})
def checkout_prepare(self, request, cart):
self.init_api()
kwargs = {}
if request.resolver_match and 'cart_namespace' in request.resolver_match.kwargs:
kwargs['cart_namespace'] = request.resolver_match.kwargs[
'cart_namespace']
if request.event.settings.payment_paypal_connect_user_id:
try:
userinfo = Tokeninfo.create_with_refresh_token(
request.event.settings.payment_paypal_connect_refresh_token
).userinfo()
except BadRequest as ex:
ex = json.loads(ex.content)
messages.error(
request, '{}: {} ({})'.format(
_('We had trouble communicating with PayPal'),
ex['error_description'], ex['correlation_id']))
return
request.event.settings.payment_paypal_connect_user_id = userinfo.email
payee = {
"email": request.event.settings.payment_paypal_connect_user_id,
# If PayPal ever offers a good way to get the MerchantID via the Identifity API,
# we should use it instead of the merchant's eMail-address
# "merchant_id": request.event.settings.payment_paypal_connect_user_id,
}
else:
payee = {}
payment = paypalrestsdk.Payment({
'header': {
'PayPal-Partner-Attribution-Id': 'ramiioSoftwareentwicklung_SP'
},
'intent':
'sale',
'payer': {
"payment_method": "paypal",
},
"redirect_urls": {
"return_url":
build_absolute_uri(request.event,
'plugins:paypal:return',
kwargs=kwargs),
"cancel_url":
build_absolute_uri(request.event,
'plugins:paypal:abort',
kwargs=kwargs),
},
"transactions": [{
"item_list": {
"items": [{
"name": __('Order for %s') % str(request.event),
"quantity": 1,
"price": self.format_price(cart['total']),
"currency": request.event.currency
}]
},
"amount": {
"currency": request.event.currency,
"total": self.format_price(cart['total'])
},
"description":
__('Event tickets for {event}').format(
event=request.event.name),
"payee":
payee
}]
})
request.session['payment_paypal_order'] = None
return self._create_payment(request, payment)
import paypalrestsdk
from paypalrestsdk.openid_connect import Tokeninfo
paypalrestsdk.configure({ 'openid_client_id': 'CLIENT_ID',
'openid_client_secret': 'CLIENT_SECRET',
'openid_redirect_uri': 'http://example.com' })
login_url = Tokeninfo.authorize_url({ 'scope': 'openid profile'})
print(login_url)
code = raw_input('Authorize code: ')
tokeninfo = Tokeninfo.create(code)
print(tokeninfo)
userinfo = tokeninfo.userinfo()
print(userinfo)
tokeninfo = tokeninfo.refresh()
print(tokeninfo)
logout_url = tokeninfo.logout_url()
print(logout_url)
def refreshToken(request):
refreshtoken = request.session['refresh_token']
tokeninfo = Tokeninfo.create_with_refresh_token(refreshtoken)
request.session['id_token'] = tokeninfo.id_token
request.session['access_token'] = tokeninfo.access_token
def test_refresh(self):
self.assertRaises(paypal.BadRequest, Tokeninfo().refresh, {})
def payment_prepare(self, request, payment_obj):
self.init_api()
try:
if request.event.settings.payment_paypal_connect_user_id:
try:
tokeninfo = Tokeninfo.create_with_refresh_token(
request.event.settings.
payment_paypal_connect_refresh_token)
except BadRequest as ex:
ex = json.loads(ex.content)
messages.error(
request, '{}: {} ({})'.format(
_('We had trouble communicating with PayPal'),
ex['error_description'], ex['correlation_id']))
return
# Even if the token has been refreshed, calling userinfo() can fail. In this case we just don't
# get the userinfo again and use the payment_paypal_connect_user_id that we already have on file
try:
userinfo = tokeninfo.userinfo()
request.event.settings.payment_paypal_connect_user_id = userinfo.email
except UnauthorizedAccess:
pass
payee = {
"email":
request.event.settings.payment_paypal_connect_user_id,
# If PayPal ever offers a good way to get the MerchantID via the Identifity API,
# we should use it instead of the merchant's eMail-address
# "merchant_id": request.event.settings.payment_paypal_connect_user_id,
}
else:
payee = {}
payment = paypalrestsdk.Payment({
'header': {
'PayPal-Partner-Attribution-Id':
'ramiioSoftwareentwicklung_SP'
},
'intent':
'sale',
'payer': {
"payment_method": "paypal",
},
"redirect_urls": {
"return_url":
build_absolute_uri(request.event, 'plugins:paypal:return'),
"cancel_url":
build_absolute_uri(request.event, 'plugins:paypal:abort'),
},
"transactions": [{
"item_list": {
"items": [{
"name": ('{} '.format(self.settings.prefix)
if self.settings.prefix else '') +
__('Order {slug}-{code}').format(
slug=self.event.slug.upper(),
code=payment_obj.order.code),
"quantity":
1,
"price":
self.format_price(payment_obj.amount),
"currency":
payment_obj.order.event.currency
}]
},
"amount": {
"currency": request.event.currency,
"total": self.format_price(payment_obj.amount)
},
"description":
('{} '.format(self.settings.prefix) if self.settings.prefix
else '') + __('Order {order} for {event}').format(
event=request.event.name,
order=payment_obj.order.code),
"payee":
payee
}]
})
request.session['payment_paypal_payment'] = payment_obj.pk
return self._create_payment(request, payment)
except paypalrestsdk.exceptions.ConnectionError as e:
messages.error(request,
_('We had trouble communicating with PayPal'))
logger.exception('Error on creating payment: ' + str(e))
def get_connect_url(self, request):
request.session['payment_paypal_oauth_event'] = request.event.pk
self.init_api()
return Tokeninfo.authorize_url({'scope': 'openid profile email'})
def get_connect_url(self, request):
request.session['payment_paypal_oauth_event'] = request.event.pk
self.init_api()
return Tokeninfo.authorize_url({'scope': 'openid profile email'})
def test_refresh(self):
self.assertRaises(paypal.ResourceNotFound, Tokeninfo().refresh, {})
def test_authorize_url_using_tokeninfo(self):
url = Tokeninfo.authorize_url({ 'scope': 'openid profile' })
assert_regex_matches(self, url, 'scope=openid\+profile')
def create_session():
data = request.args
user = None
registered = False
if 'code' in data:
code = data.get('code')
try:
options = configure_openid_request(code=code)
tokeninfo = Tokeninfo.create(options=options)
userinfo = tokeninfo.userinfo(options=options)
userinfo_dict = userinfo.to_dict()
if 'email' in userinfo_dict:
email = userinfo_dict.get('email')
user = User.query\
.filter_by(email=email)\
.first()
if user is None:
user = create_user_from_userinfo(userinfo_dict)
registered = True
app.logger.debug("Paypal User %s created using userinfo" %
email)
else:
app.logger.debug("User %s found using email" % email)
else:
app.logger.debug("No email found using email")
if user is not None:
if not user.is_active:
app.logger.debug("User provided is inactive.")
flash("Your e-mail is not verified. Please check your "
"inbox to verify & activate your account.")
try:
response = send_verification_notification(user)
app.logger.info(response)
app.logger.debug(
'Sent verification notification to %s' %
user.email)
except Exception as e:
app.logger.exception(e)
app.logger.debug('Redirecting to %s' %
url_for("account_verification"))
return redirect(url_for("account_verification"))
else:
app.logger.debug("User provided is active.")
if login_user(user, remember=True):
app.logger.debug("logged in user: %s" % user.email)
app.logger.debug('session == %s' % session)
if not registered and clean_phone_no(user.phone):
return render_template("authenticated_popup.html",
token=session['token'],
user=user,
redirect_to=url_for('home'))
elif registered:
if not clean_phone_no(user.phone):
return redirect(
url_for('mpesa_mobile_phone_no'))
else:
flash(
"You have been registered successfully "
"check your e-mail and phone for verification codes."
)
send_registration_notification(user)
return redirect(
url_for("account_verification"))
else:
app.logger.debug("Could not login user")
return jsonify(
success=False,
message="Forbidden: error logging you in."), 403
else:
return jsonify(
success=False,
message="could not authenticate via paypal"), 403
except Exception as e:
app.logger.exception(e)
return internal_server_error(e)
elif 'error_uri' in data:
error_uri = data.get('error_uri')
error_description = data.get('error_description')
error = data.get('error')
return internal_server_error(error)
return page_not_found()
