##
# This file is part of GNU TALER.
# Copyright (C) 2014-2016 INRIA
#
# TALER is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 2.1, or (at your option) any later version.
#
# TALER is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along with
# GNU TALER; see the file COPYING. If not, see
#
# @author Florian Dold
# @author Marcello Stanisci
# @brief Implementation of a donations site.
import base64
import logging
import flask
import os
import time
import traceback
import urllib
from taler.util.talerconfig import TalerConfig, ConfigurationError
from urllib.parse import urljoin
from ..httpcommon import backend_post, backend_get
import sys
if not sys.version_info.major == 3 and sys.version_info.minor >= 6:
print("Python 3.6 or higher is required.")
print("You are using Python {}.{}.".format(sys.version_info.major, sys.version_info.minor))
sys.exit(1)
LOGGER = logging.getLogger(__name__)
BASE_DIR = os.path.dirname(os.path.abspath(__file__))
app = flask.Flask(__name__, template_folder=BASE_DIR)
app.debug = True
app.secret_key = base64.b64encode(os.urandom(64)).decode("utf-8")
TC = TalerConfig.from_env()
try:
BACKEND_BASE_URL = TC["frontends"]["backend"].value_string(required=True)
CURRENCY = TC["taler"]["currency"].value_string(required=True)
APIKEY = TC["frontends"]["backend_apikey"].value_string(required=True)
except ConfigurationError as ce:
print(ce)
exit(1)
app.config.from_object(__name__)
##
# Extend the templating language with a function
# that fetches values from the environment.
#
# @return the environment-reading function.
@app.context_processor
def utility_processor():
def env(name, default=None):
return os.environ.get(name, default)
return dict(env=env)
##
# Return a error response to the client.
#
# @param abort_status_code status code to return along the response.
# @param params _kw_ arguments to passed verbatim to the templating engine.
def err_abort(abort_status_code, **params):
t = flask.render_template("templates/error.html", **params)
flask.abort(flask.make_response(t, abort_status_code))
##
# Issue a GET request to the backend.
#
# @param endpoint the backend endpoint where to issue the request.
# @param params (dict type of) URL parameters to append to the request.
# @return the JSON response from the backend, or a error response
# if something unexpected happens.
def backend_instanced_get(instance, endpoint, params):
backend_url = urljoin(BACKEND_BASE_URL, f"instances/{instance}/")
return backend_get(backend_url, endpoint, params)
##
# POST a request to the backend, and return a error
# response if any error occurs.
#
# @param endpoint the backend endpoint where to POST
# this request.
# @param json the POST's body.
# @return the backend response (JSON format).
def backend_instanced_post(instance, endpoint, json):
backend_url = urljoin(BACKEND_BASE_URL, f"instances/{instance}/")
return backend_post(backend_url, endpoint, json)
##
# Inspect GET arguments in the look for a parameter.
#
# @param name the parameter name to lookup.
# @return the parameter value, or a error page if not found.
def expect_parameter(name):
val = flask.request.args.get(name)
if not val:
return err_abort(400, message="parameter '{}' required".format(name))
return val
##
# "Fallback" exception handler to capture all the unmanaged errors.
#
# @param e the Exception object, currently unused.
# @return flask-native response object carrying the error message
# (and execution stack!).
@app.errorhandler(Exception)
def internal_error(e):
return flask.render_template(
"templates/error.html", message="Internal error", stack=traceback.format_exc()
)
##
# Serve the main index page.
#
# @return response object of the index page.
@app.route("/")
def index():
return flask.render_template("templates/index.html", merchant_currency=CURRENCY)
##
# Serve the "/javascript" page.
#
# @return response object for the /javascript page.
@app.route("/javascript")
def javascript_licensing():
return flask.render_template("templates/javascript.html")
##
# Serve the "/checkout" page. This page lets the
# user pick the payment method they want to use,
# and finally confirm the donation.
#
# @return response object for the /checkout page.
@app.route("/checkout", methods=["GET"])
def checkout():
amount = expect_parameter("donation_amount")
donation_receiver = expect_parameter("donation_receiver")
donation_donor = expect_parameter("donation_donor")
return flask.render_template(
"templates/checkout.html",
donation_amount=amount,
donation_receiver=donation_receiver,
donation_donor=donation_donor,
merchant_currency=CURRENCY,
)
##
# Serve the page advising the user about the impossibility
# of further processing the payment method they chose.
#
# @return response object about the mentioned impossibility.
@app.route("/provider-not-supported")
def provider_not_supported():
return flask.render_template("templates/provider-not-supported.html")
##
# POST the donation request to the backend. In particular,
# it uses the "POST /order" API.
#
# @return response object that will redirect the browser to
# the fulfillment URL, where all the pay-logic will
# happen.
@app.route("/donate")
def donate():
donation_receiver = expect_parameter("donation_receiver")
donation_amount = expect_parameter("donation_amount")
donation_donor = expect_parameter("donation_donor")
payment_system = expect_parameter("payment_system")
if payment_system != "taler":
return flask.redirect(flask.url_for("provider_not_supported"))
fulfillment_url = flask.url_for(
"fulfillment",
timestamp=str(time.time()),
receiver=donation_receiver,
_external=True,
)
fulfillment_url = fulfillment_url + "&order_id=${ORDER_ID}"
order = dict(
amount=donation_amount,
extra=dict(
donor=donation_donor, receiver=donation_receiver, amount=donation_amount
),
fulfillment_url=fulfillment_url,
summary="Donation to {}".format(donation_receiver),
wire_transfer_deadline=dict(t_ms=1000 * int(time.time() + 15 * 30)),
)
order_resp = backend_instanced_post(
donation_receiver, "private/orders", dict(order=order)
)
order_id = order_resp["order_id"]
return flask.redirect(
flask.url_for("fulfillment", receiver=donation_receiver, order_id=order_id)
)
##
# Serve the fulfillment page.
#
# @param receiver the donation receiver name, that should
# correspond to a merchant instance.
# @return after the wallet sent the payment, the final HTML "congrats"
# page is returned; otherwise, the browser will be redirected
# to a page that accepts the payment.
@app.route("/donation/")
def fulfillment(receiver):
order_id = expect_parameter("order_id")
pay_params = dict(order_id=order_id)
pay_status = backend_instanced_get(
receiver, f"private/orders/{order_id}", params=dict()
)
order_status = pay_status.get("order_status")
if order_status == "paid":
extra = pay_status["contract_terms"]["extra"]
return flask.render_template(
"templates/fulfillment.html",
donation_receiver=extra["receiver"],
donation_amount=extra["amount"],
donation_donor=extra["donor"],
order_id=order_id,
currency=CURRENCY,
)
return flask.redirect(pay_status["order_status_url"])