commit 94b85f9af291666c8ff2114191acc18aa74d1fd6
parent e7d57b527dd3ad8b73d9569fc6f048d3c074f410
Author: Marcello Stanisci <marcello.stanisci@inria.fr>
Date: Fri, 22 Apr 2016 17:26:16 +0200
using util.php from donation shop
Diffstat:
5 files changed, 68 insertions(+), 106 deletions(-)
diff --git a/examples/blog/essay_fulfillment.php b/examples/blog/essay_fulfillment.php
@@ -26,7 +26,7 @@
return;
}
session_start();
-
+ //syslog($LOG_ERR, "merchant: official log system");
$payments = &pull($_SESSION, 'payments', array());
$my_payment = &pull($payments, $article, false);
@@ -43,11 +43,9 @@
$js_code = "get_contract(\"$article\");";
$cc_page = template("./essay_cc-form.html", array('article' => $article, 'jscode' => $js_code));
echo $cc_page;
- log_string("cnt blog");
return;
}
- log_string("restoring blog");
- //log_string("state: " . print_r($_SESSION, true));
+ // using deeplink (whether 1st time or not)
// restore contract
$now = new DateTime();
$now->setTimestamp(intval($timestamp));
@@ -78,14 +76,14 @@
}
$hc = json_decode($resp->body->toString(), true)['H_contract'];
$my_payment['hc'] = $hc;
- log_string("sending payment event");
+ syslog($LOG_INFO, "sending payment event");
$js_code = "taler.executePayment(\"$hc\", \"$pay_url\", \"$offering_url\");";
$cc_page = template("./essay_cc-form.html", array('article' => $article, 'jscode' => $js_code));
echo $cc_page;
return;
}
// control here == article payed
- log_string("arti blog");
+ syslog($LOG_INFO, "showing article");
$article = get_article($article);
echo $article;
?>
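Review bot: `$LOG_INFO` in the two added `syslog()` calls is an undefined variable, not the `LOG_INFO` constant, so PHP raises an undefined-variable notice and passes null as the priority, which coerces to 0 (`LOG_EMERG`) rather than the intended level. Write `syslog(LOG_INFO, "sending payment event");` and `syslog(LOG_INFO, "showing article");`. The same applies to `syslog($LOG_INFO, "paying");` in examples/blog/essay_pay.php, and to the commented-out `$LOG_ERR` line in the first hunk of this file if it is ever re-enabled.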
diff --git a/examples/blog/essay_pay.php b/examples/blog/essay_pay.php
@@ -19,7 +19,7 @@
include("../../copylib/util.php");
include("./blog_lib.php");
- log_string("paying");
+ syslog($LOG_INFO, "paying");
$article = get($_GET["article"]);
if (empty($article)){
@@ -56,7 +56,6 @@
echo $json;
die();
}
- // FIXME put some control below
// with the article that's going to be payed
$resp = give_to_backend("backend/pay",
diff --git a/examples/shop/fulfillment.php b/examples/shop/fulfillment.php
@@ -28,8 +28,7 @@
}
</script>
</head>
-<body style="display:none;">
-
+<body style="display:none;">
<header>
<div id="logo">
<svg height="100" width="100">
@@ -50,9 +49,9 @@
include '../../copylib/util.php';
-$hc = get($_GET["uuid"]);
+$receiver = get($_GET["receiver"]);
-if (empty($hc)) {
+if (empty($receiver)) {
http_response_code(400);
echo "<p>Bad request (UUID missing)</p>";
return;
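Review bot: The 400 response still says `Bad request (UUID missing)` although the parameter being checked is now `receiver`; change it to `echo "<p>Bad request (receiver missing)</p>";` so the message matches the check. pay.php in this same commit already reports `"parameter" => "receiver"` for the equivalent condition.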
@@ -60,32 +59,53 @@ if (empty($hc)) {
session_start();
-$payments = get($_SESSION['payments'], array());
-$my_payment = get($payments[$hc]);
+$payments = &pull($_SESSION, 'payments', array());
+$my_payment = &pull($payments, $receiver, array());
// This will keep the query parameters.
$pay_url = url_rel("pay.php");
+$offering_url = url_rel("index.php", true);
+
+if (array() === $my_payment || true !== get($my_payment["is_payed"], false)) {
+ // restore contract
+
+ $contract = generate_contract(array(
+ "amount_value" => $_GET['aval'],
+ "amount_fraction" => $_GET['afrac'],
+ "currency" => $_GET['acurr'],
+ "refund_delta" => 'P3M',
+ "transaction_id" => $_GET['tid'],
+ "description" => "Donation to " . $receiver,
+ "product_id" => $p_id,
+ "correlation_id" => "",
+ "merchant_name" => "Kudos Inc.",
+ "taxes" => array(),
+ "now" => $_GET['timestamp'],
+ "fulfillment_url" => get_full_uri())
+ );
+
+ $json = json_encode(array(
+ 'contract' => $contract
+ ), JSON_PRETTY_PRINT);
+
+ $resp = give_to_backend("backend/contract", $json);
+ if ($resp->getResponseCode() != 200){
+ echo json_encode(array(
+ 'error' => "internal error",
+ 'hint' => "failed to regenerate contract",
+ 'detail' => $resp->body->toString()
+ ), JSON_PRETTY_PRINT);
+ return;
+ }
-$offering_url = url_rel("checkout.php", true);
-
-if (null === $my_payment) {
- // TODO: show spinner after timeout
- echo "<p>you do not have the session state for this contract: " . $hc . "</p>";
- echo "<p>Asking the wallet to re-execute it ... </p>";
- echo "<script>taler.executePayment('$hc', '$pay_url', '$offering_url');</script>";
- return;
-}
-
-if (true !== get($my_payment["is_payed"], false)) {
- // TODO: show spinner after timeout
+ $hc = json_decode($resp->body->toString(), true)['H_contract'];
+ $my_payment['ispayed'] = false;
+ $my_payment['hc'] = $hc;
echo "<p>you have not payed for this contract: " . $hc . "</p>";
echo "<p>Asking the wallet to re-execute it ... </p>";
- echo "<script>taler.executePayment('$hc', '$pay_url');</script>";
- return;
+ echo "<script>taler.executePayment('$hc', '$pay_url', '$offering_url');</script>";
}
-$receiver = $my_payment["receiver"];
-
$news = false;
switch ($receiver) {
case "Taler":
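Review bot: The unpaid branch no longer ends with `return;`, so after emitting the `taler.executePayment(...)` script the request falls through to `switch ($receiver)` and whatever fulfillment content follows is sent to a visitor who has not paid; restore `return;` before the closing `}`. The branch also stores `$my_payment['ispayed'] = false;` while the guard reads `$my_payment["is_payed"]`, so use `$my_payment['is_payed'] = false;` to keep a single key. `$p_id` is used in the contract array but is not assigned anywhere in the visible hunk, and the `aval`/`afrac`/`acurr`/`tid`/`timestamp` values are taken from `$_GET` with no presence or format check before being sent to the backend. The `switch` body continues outside the hunk.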
diff --git a/examples/shop/generate_taler_contract.php b/examples/shop/generate_taler_contract.php
@@ -47,7 +47,7 @@ $now = new DateTime('now');
// Include all information so we can
// restore the contract without storing it
$fulfillment_url = url_rel("fulfillment.php")
- . '?uuid=${H_contract}'
+ . '?timestamp=' . $now->getTimestamp()
. '&receiver=' . urlencode($receiver)
. '&aval=' . urlencode($amount_value)
. '&afrac=' . urlencode($amount_fraction)
@@ -70,69 +70,15 @@ $contract = generate_contract(array(
"fulfillment_url" => $fulfillment_url)
);
+file_put_contents("/tmp/shit.json", $contract);
-// pack the JSON for the contract
-
-/*
-$contract = array(
- 'fulfillment_url' => $fulfillment_url,
- 'amount' => array(
- 'value' => $amount_value,
- 'fraction' => $amount_fraction,
- 'currency' => $currency
- ),
- 'max_fee' => array(
- 'value' => 3,
- 'fraction' => 01010,
- 'currency' => $currency
- ),
- 'transaction_id' => $transaction_id,
- 'products' => array(
- array(
- 'description' => $desc,
- 'quantity' => 1,
- 'price' => array (
- 'value' => $amount_value,
- 'fraction' => $amount_fraction,
- 'currency' => $currency
- ),
- 'product_id' => $p_id,
- )
- ),
- 'timestamp' => "/Date(" . $now->getTimestamp() . ")/",
- 'expiry' => "/Date(" . $now->add(new DateInterval('P2W'))->getTimestamp() . ")/",
- 'refund_deadline' => "/Date(" . $now->add(new DateInterval('P3M'))->getTimestamp() . ")/",
- 'merchant' => array(
- 'name' => 'Kudos Inc.'
- )
-);
-*/
-
-$json = json_encode(array(
- 'contract' => $contract
-), JSON_PRETTY_PRINT);
-
-$url = url_join("http://".$_SERVER["HTTP_HOST"], "backend/contract");
-
-$req = new http\Client\Request("POST",
- $url,
- array ("Content-Type" => "application/json"));
-
-$req->getBody()->append($contract);
-
-// Execute the HTTP request
-$client = new http\Client;
-$client->enqueue($req)->send();
-
-// Fetch the response
-$resp = $client->getResponse();
-$status_code = $resp->getResponseCode();
+$resp = give_to_backend("backend/contract", $contract);
// Our response code is the same we got from the backend:
-http_response_code($status_code);
+http_response_code($resp->getResponseCode());
// Now generate our body
-if ($status_code != 200)
+if ($resp->getResponseCode() != 200)
{
echo json_encode(array(
'error' => "internal error",
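Review bot: The added `file_put_contents("/tmp/shit.json", $contract);` looks like leftover debugging: every request writes the full contract (amount, transaction id, receiver) to a fixed, predictable path in a shared temporary directory, where other local users may be able to read it or pre-create the path as a symlink. Drop the line, or log through `syslog()` if a trace is needed. The `if`/`else` that handles the backend response continues outside the hunk.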
@@ -142,14 +88,8 @@ if ($status_code != 200)
}
else
{
+ # no state here
$got_json = json_decode($resp->body->toString(), true);
- $hc = $got_json["H_contract"];
-
- $payments = &pull($_SESSION, "payments", array());
- $payments[$hc] = array(
- 'receiver' => $receiver,
- );
-
echo json_encode ($got_json, JSON_PRETTY_PRINT);
}
?>
diff --git a/examples/shop/pay.php b/examples/shop/pay.php
@@ -18,33 +18,38 @@
include '../../copylib/util.php';
-$hc = get($_GET["uuid"]);
-if (empty($hc))
+// so we won't generate a response for the wrong receiver.
+$receiver = get($_GET["receiver"]);
+if (empty($receiver))
{
http_response_code(400);
echo json_encode(array(
"error" => "missing parameter",
- "parameter" => "uuid"
+ "parameter" => "receiver"
));
return;
}
-// TODO: check if contract body matches URL parameters,
-// so we won't generate a response for the wrong receiver.
-$receiver = get($_GET["receiver"]);
-if (empty($receiver))
+$payments = &pull($_SESSION, "payments", array());
+$my_payment = get($payments[$receiver]);
+
+if (null === $my_payment)
{
http_response_code(400);
echo json_encode(array(
- "error" => "missing parameter",
- "parameter" => "receiver"
+ "error" => "no payment session active"
));
return;
}
+
$post_body = file_get_contents('php://input');
$deposit_permission = json_decode ($post_body, true);
+// Check if the receiver is actually *mentioned* in the
+// contract
+
+
/* Craft the HTTP request, note that the backend
could be on an entirely different machine if
desired. */
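Review bot: The comment `// Check if the receiver is actually *mentioned* in the contract` is followed by no code, so the POSTed deposit permission is still forwarded to the backend without being tied to `$receiver` or to the session entry; the old `TODO` marker was dropped and its second line `// so we won't generate a response for the wrong receiver.` now sits orphaned above the `receiver` lookup. Either implement the check (for instance comparing the contract hash in the deposit permission, if it carries one, with the `hc` value that fulfillment.php stores in `$my_payment`) or keep it marked, e.g. `// TODO: verify that the deposit permission refers to $receiver's contract`. `json_decode($post_body, true)` can also return null on malformed input, which is not checked. No `session_start()` is visible in this hunk before `$_SESSION` is read; confirm it is called earlier in the file.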
@@ -57,7 +62,7 @@ $req = new http\Client\Request("POST",
array("Content-Type" => "application/json"));
$req->getBody()->append (json_encode ($deposit_permission));
-// Execute the HTTP request
+// Execute the HTTP request to the backend
$client = new http\Client;
$client->enqueue($req)->send();