diff options
| author | Christian Grothoff <christian@grothoff.org> | 2020-08-09 11:08:28 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2020-08-09 11:08:28 +0200 |
| commit | 3d697e34dc4ac12783cdf6402511e17ed1384c0b (patch) | |
| tree | b7c3932265fc5c4036bd4ebbe7f80f7f619db531 /design-documents/007-payment.rst | |
| parent | 069bf92a566cc83054f553be68a3f3fdc9f2a430 (diff) | |
| download | docs-3d697e34dc4ac12783cdf6402511e17ed1384c0b.tar.gz docs-3d697e34dc4ac12783cdf6402511e17ed1384c0b.tar.bz2 docs-3d697e34dc4ac12783cdf6402511e17ed1384c0b.zip | |
content: https://www.gnu.org/philosophy/words-to-avoid.en.html
Diffstat (limited to 'design-documents/007-payment.rst')
| -rw-r--r-- | design-documents/007-payment.rst | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/design-documents/007-payment.rst b/design-documents/007-payment.rst index c797cd5..9afcf15 100644 --- a/design-documents/007-payment.rst +++ b/design-documents/007-payment.rst @@ -14,8 +14,8 @@ Requirements as well as external wallets (mobile phone, command line) * The initiator of the payment can be a Website or another channel, such as an e-mail or a messaging service. -* For paid digital content, there should be a reasonable technical barrier to - sharing the content with unauthorized users +* For paid digital works, there should be a reasonable technical barrier to + sharing the information with unauthorized users * A simple API should be offered to shops * Sharing of links or re-visiting of bookmarks should result in well-defined, behavior instead of random, ugly error messages. @@ -38,16 +38,16 @@ When *resource-URL* is requested, the storefront runs the following steps: 2. Extract the *session-ID* (or null) from the request's signed cookie 3. If *session-ID* and *order-ID* is non-null and the storefront's *session-payment-cache* contains the tuple (*order-ID*, *resource-name*, *session-ID*), - return to the client the content for *resource name*. **Terminate.** + return to the client the information for *resource name*. **Terminate.** 4. If the *session-ID* is null, assign a fresh session ID and set it in a cookie to be sent with the response 5. If *order-ID* is null, create a new order for *resource-name* by doing a ``POST /private/orders`` to the merchant backend. Store the new order ID as *order-ID*. 6. Check the status of the payment for *order-ID* under *session-ID* by doing a ``GET /private/orders/{order-ID}?session_id={session-ID}``. This results in the *order-status*, *refund-amount* and the *client-order-status-URL*. -7. If the *order-status* is paid and *refund-amount* is non-zero, +7. If the *order-status* is paid and *refund-amount* is non-zero, return to the client the refund info page for *resource name*. **Terminate.** 8. If the *order-status* is paid, store the tuple (*order-ID*, *resource-name*, *session-ID*) in *session-payment-cache* - and return to the client the content for *resource name*. **Terminate.** + and return to the client the information for *resource name*. **Terminate.** 9. Otherwise, the *order-status* is unpaid. Redirect the client to *client-order-status-URL*. **Terminate.** .. note:: @@ -111,7 +111,7 @@ The merchant backend runs the following steps to generate the HTML page for 3. If *order-ID* identifies an unpaid order *ord*, run these steps: - + 1. If the the *claim-token* request parameter does not matches the claim token of *ord*, return a 403 Forbidden response. **Terminate**. 2. Prompt the URI |