Diffstat (limited to 'src/frontend')
-rw-r--r-- | src/frontend/checkout.php | 172 | ||||
-rw-r--r-- | src/frontend/fulfillment.php | 22 | ||||
-rw-r--r-- | src/frontend/generate_taler_contract.php | 84 | ||||
-rw-r--r-- | src/frontend/pay.php | 68 | ||||
-rw-r--r-- | src/frontend/util.php | 15 |
5 files changed, 109 insertions, 252 deletions
diff --git a/src/frontend/checkout.php b/src/frontend/checkout.php
index ec9245f8..f0394bd7 100644
--- a/src/frontend/checkout.php
+++ b/src/frontend/checkout.php
@@ -3,34 +3,35 @@ <head> <title>Toy Store - Payment method - Taler Demo</title> <link rel="stylesheet" type="text/css" href="style.css"> - <script> - /* - @licstart The following is the entire license notice for the - JavaScript code in this page. - - Copyright (C) 2014,2015 GNUnet e.V. - - The JavaScript code in this page is free software: you can - redistribute it and/or modify it under the terms of the GNU - Lesser General Public License (GNU LGPL) as published by the - Free Software - Foundation, either version 3 of the License, or (at your option) - any later version. The code is distributed WITHOUT ANY WARRANTY; - without even the implied warranty of MERCHANTABILITY or FITNESS - FOR A PARTICULAR PURPOSE. See the GNU LGPL for more details. - - As additional permission under GNU LGPL version 3 section 7, you - may distribute non-source (e.g., minimized or compacted) forms of - that code without the copy of the GNU LGPL normally required by - section 4, provided you include this license notice and a URL - through which recipients can access the Corresponding Source. - - @licend The above is the entire license notice - for the JavaScript code in this page. - */ - </script> + <script> + /* + @licstart The following is the entire license notice for the + JavaScript code in this page. + + Copyright (C) 2014,2015 GNUnet e.V. + + The JavaScript code in this page is free software: you can + redistribute it and/or modify it under the terms of the GNU + Lesser General Public License (GNU LGPL) as published by the + Free Software + Foundation, either version 3 of the License, or (at your option) + any later version. The code is distributed WITHOUT ANY WARRANTY; + without even the implied warranty of MERCHANTABILITY or FITNESS + FOR A PARTICULAR PURPOSE. See the GNU LGPL for more details. 
+ + As additional permission under GNU LGPL version 3 section 7, you + may distribute non-source (e.g., minimized or compacted) forms of + that code without the copy of the GNU LGPL normally required by + section 4, provided you include this license notice and a URL + through which recipients can access the Corresponding Source. + + @licend The above is the entire license notice + for the JavaScript code in this page. + */ + </script> + <script type="application/javascript" src="taler-presence.js"></script> </head> -<body onload="signal_taler_wallet_onload()"> +<body> <!-- This main goal of this page is to show to the customer all the accepted payments methods and actually implementing just Taler; technically @@ -115,7 +116,8 @@ <input type="radio" name="payment_system" value="cardme">Card Me</input> <br/> <input type="radio" name="payment_system" value="taler" - id="taler-radio-button-id" disabled="true">Taler</input> + checked + id="taler-radio-button-id" class="taler-installed-enable">Taler</input> <br/> <input type="button" onclick="pay(this.form)" value="Ok"></input> </div> @@ -129,18 +131,15 @@ /* This function is called from "taler_pay" after we downloaded the JSON contract from the merchant. We now need to pass it to the extension. */ -function handle_contract(json_contract) -{ +function handle_contract(json_contract) { var cEvent = new CustomEvent('taler-contract', { detail: json_contract }); - document.dispatchEvent(cEvent); }; /* Trigger Taler contract generation on the server, and pass the contract to the extension once we got it. */ -function taler_pay(form) -{ +function taler_pay(form) { var contract_request = new XMLHttpRequest(); /* Note that the URL we give here is specific to the Demo-shop 
@@ -149,19 +148,14 @@ function taler_pay(form) contract, there just must be a way to get the contract and to pass it to the wallet when the user selects 'Pay'. */ contract_request.open("GET", "generate_taler_contract.php", true); - contract_request.onload = function (e) - { - if (contract_request.readyState == 4) - { - if (contract_request.status == 200) - { + contract_request.onload = function (e) { + if (contract_request.readyState == 4) { + if (contract_request.status == 200) { /* display contract_requestificate (i.e. it sends the JSON string to the extension) alert (contract_request.responseText); */ console.log("response text:", contract_request.responseText); - //handle_contract(contract_request.responseText); - } - else - { + handle_contract(contract_request.responseText); + } else { /* There was an error obtaining the contract from the merchant, obviously this should not happen. To keep it simple, we just alert the user to the error. */ @@ -171,14 +165,13 @@ function taler_pay(form) } } }; - contract_request.onerror = function (e) - { + contract_request.onerror = function (e) { /* There was an error obtaining the contract from the merchant, obviously this should not happen. To keep it simple, we just alert the user to the error. */ alert("Failure requesting the contract:\n" + contract_request.statusText); }; - contract_request.send(null); + contract_request.send(); } 
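Review bot: In the `status == 200` branch of `taler_pay`, the response body is now handed to the wallet as unparsed text via `handle_contract(contract_request.responseText)`, while the `console.log("response text:", ...)` debug line above it stays in. Consider parsing first, e.g. `var c = JSON.parse(contract_request.responseText);` inside a try/catch, dispatching the event only when that succeeds, and dropping the console output of the contract. The comment `display contract_requestificate` looks like a search-and-replace artifact and should be reworded. `taler_pay` begins in the previous hunk.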
@@ -186,89 +179,16 @@ function taler_pay(form) 'Ok' button. We are now supposed to trigger the "corret" payment system logic. For this demo, we only handle "taler". */ -function pay(form) -{ - for (var cnt=0; cnt < form.payment_system.length; cnt++) - { - var choice = form.payment_system[cnt]; - if (choice.checked) - { - if (choice.value == "taler") - { - taler_pay(form); - } - else - { - alert(choice.value + ": NOT available in this demo!"); - } - } +function pay(form) { + var choice = form.elements["payment_system"].value; + if (choice == "taler") { + taler_pay(form); + } + else { + alert("You selected '" + choice + "', but we do not support this payment system in the demo."); } }; - -/* The following event gets fired whenever a customer has a Taler - wallet installed in his browser. In that case, the webmaster can decide - whether or not to display/enable Taler as a payment option in the dialog. */ -function has_taler_wallet_cb(aEvent) -{ - // enable the Taler payment option from the form - var tbutton = document.getElementById("taler-radio-button-id"); - tbutton.removeAttribute("disabled"); - tbutton.setAttribute("checked", "true"); -}; - - -/* Function called when the Taler extension was unloaded; - here we disable the Taler option and check "Lisa", as - some "valid" option should always be selected. */ -function taler_wallet_unload_cb(aEvent) -{ - var tbutton = document.getElementById("taler-radio-button-id"); - tbutton.setAttribute("disabled", "true"); - var lbutton = document.getElementById("lisa-radio-button-id"); - lbutton.setAttribute("checked", "true"); -}; - - -/* The merchant signals its taler-friendlyness to the wallet, - thereby causing the wallet to make itself more visible in the menu. - This function should be called both when the page is loaded - (i.e. 
via body's onload) and when we receive a "taler-load" signal - (as the extension may be loaded/enabled after the page was loaded) */ -function signal_taler_wallet_onload() -{ - var eve = new Event('taler-probe'); - document.dispatchEvent(eve); -}; - - -// function included to be run to test the page despite a -// wallet not being present in the browser. Enables the -// Taler option. NOT needed in real deployments. -function test_without_wallet(){ - var tbutton = document.getElementById("taler-radio-button-id"); - tbutton.removeAttribute("disabled"); -}; - - -// /////////////// Main logic run first //////////////////////// - -// Register event to be triggered by the wallet as a response to our -// first event -document.addEventListener("taler-wallet-present", - has_taler_wallet_cb, - false); - -// Register event to be triggered by the wallet when it gets enabled while -// the user is on the payment page -document.addEventListener("taler-load", - signal_taler_wallet_onload, - false); - -// Register event to be triggered by the wallet when it is unloaded -document.addEventListener("taler-unload", - taler_wallet_unload_cb, - false); </script> </body> </html> diff --git a/src/frontend/fulfillment.php b/src/frontend/fulfillment.php index 32f3c0cd..6d49971b 100644 --- a/src/frontend/fulfillment.php +++ b/src/frontend/fulfillment.php @@ -40,9 +40,6 @@ */ -$cli_debug = false; -$backend_test = true; - function generate_msg ($link){ $msg = "<p>Thanks for donating to " . $_SESSION['receiver'] . ".</p>"; if (false != $link) 
@@ -50,22 +47,17 @@ function generate_msg ($link){ return $msg; } -if ($_GET['cli_debug'] == 'yes') - $cli_debug = true; +session_start(); -if ($_GET['backend_test'] == 'no') +if (!isset ($_SESSION['payment_ok'])) { - $cli_debug = true; - $backend_test = false; + echo "<p>Please come here after a successful payment!</p>"; } - -session_start(); - -if (! isset ($_SESSION['payment_ok'])) - echo "<p>Please land here after a successful payment!</p>"; -else{ +else +{ $news = false; - switch ($_SESSION['receiver']){ + switch ($_SESSION['receiver']) + { case "Taler": $news = "https://taler.net/news"; break; diff --git a/src/frontend/generate_taler_contract.php b/src/frontend/generate_taler_contract.php index 14add359..e44a4d9b 100644 --- a/src/frontend/generate_taler_contract.php +++ b/src/frontend/generate_taler_contract.php 
@@ -14,62 +14,24 @@ You should have received a copy of the GNU Lesser General Public License along with TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/> -*/ + */ -/* - This code generates a Taler contract in JSON format. Key steps are: - 1. recover the PHP session with the contract information - 2. generate the JSON to forward to the backend - 3. forward the response with the contract from the backend to - to the wallet +include 'util.php'; - To test this feature from the command line, issue: - - - $ curl http://merchant_url/generate_taler_contract.php?cli_debug=yes - if the whole "journey" to the backend is begin tested - - $ curl http://merchant_url/generate_taler_contract.php?backend_test=no - if just the frontend job is being tested -*/ - -$cli_debug = false; -$backend_test = true; - -if (isset($_GET['cli_debug']) && $_GET['cli_debug'] == 'yes') - $cli_debug = true; - -if (isset($_GET['backend_test']) && $_GET['backend_test'] == 'no') -{ - $cli_debug = true; - $backend_test = false; -} - -// 1) recover the session information session_start(); -if (!$cli_debug && (! isset($_SESSION['receiver']))) -{ - http_response_code (404); - echo "Please select a contract before getting to this page..."; - echo "attempted : " . 
$_SESSION['receiver']; - exit (0); -} -/* Obtain session state */ -if (!$cli_debug) +if (!isset($_SESSION['receiver'])) { - $receiver = $_SESSION['receiver']; - $amount_value = intval ($_SESSION['amount_value']); - $amount_fraction = intval ($_SESSION['amount_fraction']); - $currency = $_SESSION['currency']; + http_response_code (400); + die(); } -else -{ - $receiver = "Test Receiver"; - $amount_value = 5; - $amount_fraction = 5; - $currency = "KUDOS"; -} +$receiver = $_SESSION['receiver']; +$receiver = $_SESSION['receiver']; +$amount_value = intval ($_SESSION['amount_value']); +$amount_fraction = intval ($_SESSION['amount_fraction']); +$currency = $_SESSION['currency']; /* Fill in variables for simple JSON contract */ // fake product id @@ -90,9 +52,6 @@ $teatax = array ('value' => 1, // Take a timestamp $now = new DateTime('now'); -$PAY_URL = "pay.php"; -$EXEC_URL = "execute.php"; - // pack the JSON for the contract // --- FIXME: exact format needs review! $contract = array ('amount' => array ('value' => $amount_value, @@ -113,8 +72,6 @@ $contract = array ('amount' => array ('value' => $amount_value, 'delivery_date' => "Some Date Format", 'delivery_location' => 'LNAME1')), 'timestamp' => "/Date(" . $now->getTimestamp() . ")/", - 'pay_url' => $PAY_URL, - 'exec_url' => $EXEC_URL, 'expiry' => "/Date(" . $now->add(new DateInterval('P2W'))->getTimestamp() . ")/", 'refund_deadline' => "/Date(" . $now->add(new DateInterval('P3M'))->getTimestamp() . ")/", 'merchant' => array ('address' => 'LNAME2', 
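Review bot: Only `$_SESSION['receiver']` is covered by the new `isset` guard, but `amount_value`, `amount_fraction` and `currency` are read from the session immediately afterwards without one. A session that carries `receiver` but lacks the others would produce `intval(null)` amounts of 0 and a null currency in the contract posted to the backend. Extend the guard to `if (!isset($_SESSION['receiver'], $_SESSION['amount_value'], $_SESSION['amount_fraction'], $_SESSION['currency']))`. The line `$receiver = $_SESSION['receiver'];` is also added twice, so one copy can be dropped.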
@@ -142,17 +99,11 @@ $contract = array ('amount' => array ('value' => $amount_value, 'state' => 'Test State', 'region' => 'Test Region', 'province' => 'Test Province', - 'ZIP code' => 4908))); -$json = json_encode (array ('contract' => $contract, 'exec_url' => $EXEC_URL, 'pay_url' => $PAY_URL), JSON_PRETTY_PRINT); -if ($cli_debug && !$backend_test) -{ - echo $json . "\n"; - exit; -} + 'ZIP code' => 4908))); +$json = json_encode(array('contract' => $contract, JSON_PRETTY_PRINT)); -$url = (new http\URL("http://".$_SERVER["HTTP_HOST"])) - ->mod(array ("path" => "backend/contract"), http\Url::JOIN_PATH); +$url = url_join("http://".$_SERVER["HTTP_HOST"], "backend/contract"); $req = new http\Client\Request("POST", $url, @@ -178,8 +129,11 @@ if ($status_code != 200) echo $resp->body->toString (); } else -{ $got_json = json_decode ($resp->body->toString ()); - $_SESSION['H_contract'] = $got_json->H_contract; - echo $resp->body->toString (); +{ + $got_json = json_decode ($resp->body->toString (), true); + $got_json['pay_url'] = url_rel("pay.php"); + $got_json['exec_url'] = url_rel("execute.php") . "?H_contract=" . $got_json["H_contract"]; + $_SESSION['H_contract'] = $got_json["H_contract"]; + echo json_encode ($got_json, JSON_PRETTY_PRINT); } ?> diff --git a/src/frontend/pay.php b/src/frontend/pay.php index bf0be438..9fbf5f87 100644 --- a/src/frontend/pay.php +++ b/src/frontend/pay.php 
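Review bot: In `json_encode(array('contract' => $contract, JSON_PRETTY_PRINT))` the flag sits inside the array literal, so it is serialized as an extra element (`"0": 128`) in the body posted to the backend instead of acting as an encoding option. It should read `$json = json_encode(array('contract' => $contract), JSON_PRETTY_PRINT);`. Separately, the backend URL on the next added line is still built from `$_SERVER["HTTP_HOST"]`, a client-supplied header, so the client influences where the server-side POST is sent. The same pattern appears in pay.php at `url_join("http://".$_SERVER["HTTP_HOST"], "backend/pay")`; a configured backend base URL would remove that dependency in both places.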
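Review bot: In the success branch, `$got_json["H_contract"]` is used without checking that `json_decode` succeeded or that the key exists, and it is concatenated into `exec_url` unencoded. If the backend answers 200 with a body that does not parse, `$got_json` is null and the script would emit URLs with an empty hash and store null in the session. Check the decode result before use and encode the value, e.g. `url_rel("execute.php") . "?H_contract=" . rawurlencode($got_json["H_contract"])`. The reply is JSON, so a `header('Content-Type: application/json');` before the `echo` would also be appropriate.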
@@ -25,36 +25,30 @@ */ -session_start(); - -$cli_debug = false; -$backend_test = true; +include 'util.php'; -if (isset($_GET['cli_debug']) && $_GET['cli_debug'] == 'yes') -{ - $cli_debug = true; +function respond_success() { + $_SESSION['payment_ok'] = true; + $json = json_encode( + array( + "fulfillment_url" => url_rel("fulfillment.php"))); + echo $json; } -if (isset($_GET['backend_test']) && $_GET['backend_test'] == 'no') -{ - $cli_debug = true; - $backend_test = false; -} +session_start(); if (!isset($_SESSION['H_contract'])) { - echo "No session active."; - http_response_code (301); - return; + $json = json_encode( + array("error" => "No session active")); + echo $json; + http_response_code (401); + die(); } if (isset($_SESSION['payment_ok']) && $_SESSION['payment_ok'] == true) { - $_SESSION['payment_ok'] = true; - http_response_code (301); - $url = (new http\URL($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'])) - ->mod(array ("path" => "fulfillment.php"), http\Url::JOIN_PATH); - header("Location: $url"); + respond_success(); die(); } 
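Review bot: In the `!isset($_SESSION['H_contract'])` branch, `echo $json;` runs before `http_response_code (401);`, so unless output buffering is enabled the headers have already been sent and the client receives a 200 with an error body. Swap the two statements so the status is set before any output. Both this branch and `respond_success()` now return JSON, so adding `header('Content-Type: application/json');` ahead of the echo would let the wallet parse the reply without guessing the type.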
@@ -80,26 +74,13 @@ $new_deposit_permission_edate = array_merge($new_deposit_permission, $edate); could be on an entirely different machine if desired. */ -if ($cli_debug && !$backend_test) -{ - - /* DO NOTE the newline at the end of 'echo's argument */ - //echo json_encode ($new_deposit_permission_edate, JSON_PRETTY_PRINT) - echo json_encode($new_deposit_permission, JSON_PRETTY_PRINT) - . "\n"; - exit; -} - - // Backend is relative to the shop site. /** * WARNING: the "shop site" is '"http://".$_SERVER["HTTP_HOST"]' * So do not attach $_SERVER["REQUEST_URI"] before proxying requests * to the backend */ -//$url = (new http\URL("http://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"])) -$url = (new http\URL("http://".$_SERVER["HTTP_HOST"])) - ->mod(array ("path" => "backend/pay"), http\Url::JOIN_PATH); +$url = url_join("http://".$_SERVER["HTTP_HOST"], "backend/pay"); $req = new http\Client\Request("POST", $url, @@ -120,21 +101,16 @@ http_response_code ($status_code); // Now generate our body if ($status_code != 200) { - /* error: just forwarding to the wallet what - gotten from the backend (which is forwarding 'as is' - the error gotten from the mint) */ - echo json_encode ($new_deposit_permission); - echo "Error came from the backend, status $status_code\n"; - echo "\n"; - echo $resp->body->toString (); + $json = json_encode( + array( + "error" => "backend error", + "status" => $status_code, + "detail" => $resp->body->toString ())); + echo $json; } else { - $_SESSION['payment_ok'] = true; - http_response_code (301); - $url = (new http\URL($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'])) - ->mod(array ("path" => "fulfillment.php"), http\Url::JOIN_PATH); - header("Location: $url"); + respond_success(); die(); } diff --git a/src/frontend/util.php b/src/frontend/util.php new file mode 100644 index 00000000..a758d113 --- /dev/null +++ b/src/frontend/util.php 
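Review bot: The error branch in the last hunk relays the raw backend body to the browser through `"detail" => $resp->body->toString ()`, so whatever the backend (or the mint behind it) reports reaches the client verbatim. If that body is itself JSON it ends up as an escaped string inside the JSON reply. Decoding it first with `json_decode($resp->body->toString (), true)` and falling back to a generic message when it does not parse would keep the reply well-formed and limit what backend detail is exposed; the full body can go to the server log instead.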
@@ -0,0 +1,15 @@
+<?php
+function url_join($base, $path) {
+ $url = (new http\URL($base))
+ ->mod(array ("path" => $path), http\Url::JOIN_PATH|http\URL::SANITIZE_PATH);
+ return $url->toString();
+}
+
+// Get a url with a path relative to the
+// current script's path.
+function url_rel($path) {
+ return url_join(
+ $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],
+ $path);
+}
+?> |
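Review bot: `url_rel` builds its base from `$_SERVER['HTTP_HOST']` and `$_SERVER['REQUEST_URI']`, both taken from the request, and its results are handed to the wallet as `pay_url`, `exec_url` and `fulfillment_url`. A request carrying a forged Host header would therefore get back payment URLs pointing at that host, and `REQUEST_SCHEME` is not populated by every server setup. Prefer a configured site base URL, or validate the host against an allow-list before building the URL. Because `REQUEST_URI` includes the query string, callers that append `"?H_contract=..."` may end up with a second `?` unless `mod()` also clears the query, which is worth confirming. A short comment on `url_join` stating that `$base` must come from a trusted source would document the assumption.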