def verify(request):
form = WebhookVerifyForm(request.QUERY_PARAMS)
if not form.is_valid():
raise FormError(form.errors)
log.info('Received verification response: {r}'.format(r=form.response))
return Response(form.response)
def reset_confirm_pin(request):
form = PinForm(data=request.DATA)
if form.is_valid():
buyer = form.cleaned_data['buyer']
confirmed = False
if buyer.locked_out:
log_cef('Attempted access to locked out account: %s' % buyer.uuid,
request,
severity=1)
else:
if buyer.new_pin == form.cleaned_data['pin']:
buyer.pin = form.cleaned_data['pin']
buyer.new_pin = None
buyer.needs_pin_reset = False
buyer.pin_confirmed = True
buyer.pin_was_locked_out = False
buyer.save()
confirmed = True
output = ConfirmedSerializer(instance=buyer, confirmed=confirmed)
return Response(output.data)
raise FormError(form.errors)
def create(request):
client = get_client().PaymentMethod
form = PaymentMethodForm(request.DATA)
if not form.is_valid():
raise FormError(form.errors)
buyer = form.buyer
braintree_buyer = form.braintree_buyer
result = client.create(form.braintree_data)
if not result.is_success:
log.warning('Error on creating Payment method: {0}, {1}'.format(
buyer.uuid, result.message))
raise BraintreeResultError(result)
braintree_method = result.payment_method
log.info('PaymentMethod created for: {0}'.format(buyer.uuid))
solitude_method = BraintreePaymentMethod.objects.create(
braintree_buyer=braintree_buyer,
type=PAYMENT_METHOD_CARD,
type_name=braintree_method.card_type,
provider_id=braintree_method.token,
truncated_id=result.payment_method.last_4)
log.info('Method {0} created.'.format(solitude_method.pk))
res = serializers.Namespaced(
mozilla=serializers.LocalPayMethod(instance=solitude_method),
braintree=serializers.PayMethod(instance=braintree_method))
return Response(res.data, status=201)
def create(request):
client = get_client().Subscription
form = SubscriptionForm(request.DATA)
if not form.is_valid():
raise FormError(form.errors)
data = form.braintree_data
result = client.create(data)
if not result.is_success:
log.warning('Error on creating subscription: {0}'.format(
result.message))
raise BraintreeResultError(result)
braintree_subscription = result.subscription
log.info('Subscription created in braintree {} for paymethod {}'.format(
braintree_subscription.id, form.cleaned_data['paymethod']))
subscription = BraintreeSubscription.objects.create(
amount=form.cleaned_data['amount'],
paymethod=form.cleaned_data['paymethod'],
seller_product=form.seller_product,
provider_id=braintree_subscription.id)
log.info('Subscription created in solitude: {}; braintree: {}'.format(
subscription.pk, braintree_subscription.id))
res = Namespaced(mozilla=LocalSubscription(instance=subscription),
braintree=Subscription(instance=braintree_subscription))
return Response(res.data, status=201)
def change(request):
client = get_client().Subscription
form = SubscriptionUpdateForm(request.DATA)
if not form.is_valid():
raise FormError(form.errors)
subscription = form.cleaned_data['subscription']
method = form.cleaned_data['paymethod']
result = client.update(subscription.provider_id,
{'payment_method_token': method.provider_id})
log_msgs = (subscription.id, subscription.paymethod_id, method.pk)
if not result.is_success:
log.warning('Error on changing subscription: {} from {} to {}'.format(
*log_msgs))
raise BraintreeResultError(result)
subscription.paymethod = method
subscription.save()
log.info('Subscription changed: {} from {} to {}'.format(*log_msgs))
res = Namespaced(mozilla=LocalSubscription(instance=subscription),
braintree=Subscription(instance=result.subscription))
return Response(res.data, status=200)
def create(request):
client = get_client().Customer
form = BuyerForm(request.DATA)
if not form.is_valid():
raise FormError(form.errors)
result = client.create()
if not result.is_success:
log.warning('Error on creating Customer: {0}, {1}'
.format(form.cleaned_data['uuid'], result.message))
raise BraintreeResultError(result)
log.info('Braintree customer created: {0}'.format(result.customer.id))
braintree_buyer = BraintreeBuyer.objects.create(
buyer=form.buyer, braintree_id=result.customer.id)
log.info('Braintree buyer created: {0}'.format(braintree_buyer.pk))
res = serializers.Namespaced(
mozilla=serializers.LocalBuyer(instance=braintree_buyer),
braintree=serializers.Customer(instance=result.customer)
)
return Response(res.data, status=201)
def test_form_error(self):
eq_(self.moz(FormError(self.form.errors)).format(),
{'mozilla':
{'name': [
{'message': u'First error', 'code': 'first'},
{'message': u'Second error', 'code': 'second'}
], '__all__': [
{'message': u'Non field error', 'code': 'non-field'}
]}
})
def cancel(request):
form = SubscriptionCancelForm(request.DATA)
if not form.is_valid():
raise FormError(form.errors)
solitude_subscription = form.cleaned_data['subscription']
result = solitude_subscription.braintree_cancel()
solitude_subscription.active = False
solitude_subscription.save()
res = Namespaced(mozilla=LocalSubscription(instance=solitude_subscription),
braintree=Subscription(instance=result.subscription))
return Response(res.data)
def delete(request):
form = PayMethodDeleteForm(request.DATA)
if not form.is_valid():
raise FormError(form.errors)
solitude_method = form.cleaned_data['paymethod']
solitude_method.braintree_delete()
solitude_method.active = False
solitude_method.save()
log.info('Payment method deleted from braintree: {}'.format(
solitude_method.pk))
return Response({}, status=204)
def confirm_pin(request):
form = PinForm(data=request.DATA)
if form.is_valid():
buyer = form.cleaned_data['buyer']
confirmed = False
if buyer.pin == form.cleaned_data['pin']:
buyer.pin_confirmed = True
confirmed = True
buyer.save()
else:
buyer.pin_confirmed = False
buyer.save()
output = ConfirmedSerializer(instance=buyer, confirmed=confirmed)
return Response(output.data)
raise FormError(form.errors)
def parse(request):
form = WebhookParseForm(request.DATA)
if not form.is_valid():
raise FormError(form.errors)
# Parse the gateway without doing a validation on this server.
# The validation has happened on the solitude-auth server.
gateway = get_client().Configuration.instantiate().gateway()
payload = base64.decodestring(form.cleaned_data['bt_payload'])
attributes = XmlUtil.dict_from_xml(payload)
parsed = WebhookNotification(gateway, attributes['notification'])
log.info('Received webhook: {p.kind}.'.format(p=parsed))
debug_log.debug(parsed)
processor = Processor(parsed)
processor.process()
data = processor.data
return Response(data, status=200 if data else 204)
def create(request):
client = get_client().Transaction
form = SaleForm(request.DATA)
if not form.is_valid():
raise FormError(form.errors)
result = client.sale(form.braintree_data)
if not result.is_success:
log.warning('Error on one-off sale: {}'.format(form.braintree_data))
raise BraintreeResultError(result)
our_transaction = Transaction.objects.create(
amount=result.transaction.amount,
buyer=form.buyer,
currency=result.transaction.currency_iso_code,
provider=constants.PROVIDER_BRAINTREE,
seller=form.seller_product.seller,
seller_product=form.seller_product,
status=constants.STATUS_CHECKED,
type=constants.TYPE_PAYMENT,
uid_support=result.transaction.id)
our_transaction.uuid = our_transaction.create_short_uid()
our_transaction.save()
log.info('Transaction created: {}'.format(our_transaction.pk))
braintree_transaction = BraintreeTransaction.objects.create(
kind='submit_for_settlement',
paymethod=form.cleaned_data['paymethod'],
transaction=our_transaction,
)
log.info('BraintreeTransaction created: {}'.format(
braintree_transaction.pk))
res = Namespaced(
braintree={}, # Not sure if there's anything useful to add here.
mozilla={
'braintree': LocalTransaction(braintree_transaction),
'generic': TransactionSerializer(our_transaction)
})
return Response(res.data, status=200)
def verify_pin(request):
form = PinForm(data=request.DATA)
if form.is_valid():
buyer = form.cleaned_data['buyer']
valid = False
locked = False
if buyer.pin_confirmed:
# Note that the incr_lockout and clear_lockout methods
# trigger saves on the object. You should not do a save
# in this view as well for fear of stomping on the save
# caused by those methods.
if buyer.locked_out:
log_cef('Attempted access to locked out account: %s' %
buyer.uuid,
request,
severity=1)
locked = True
else:
valid = buyer.pin == form.cleaned_data['pin']
if not valid:
locked = buyer.incr_lockout()
if locked:
locked = True
log_cef('Locked out account: %s' % buyer.uuid,
request,
severity=1)
else:
buyer.clear_lockout(clear_was_locked=True)
output = VerifiedSerializer(instance=buyer, valid=valid, locked=locked)
return Response(output.data)
raise FormError(form.errors)
