addons-server/apps/paypal/__init__.py

316 строки
11 KiB
Python
Исходник Обычный вид История

2010-10-11 22:24:41 +04:00
import contextlib
from decimal import Decimal
2010-10-11 22:24:41 +04:00
import socket
import urllib
2011-01-26 20:06:45 +03:00
import urllib2
2010-10-11 22:24:41 +04:00
import urlparse
2011-09-29 06:17:24 +04:00
import re
2010-10-11 22:24:41 +04:00
from django.conf import settings
from django.utils.http import urlencode, urlquote
2010-10-11 22:24:41 +04:00
2011-01-26 20:06:45 +03:00
import commonware.log
2011-06-21 00:21:28 +04:00
from statsd import statsd
2011-01-26 20:06:45 +03:00
from amo.helpers import absolutify
from amo.urlresolvers import reverse
class PaypalError(Exception):
id = None
class AuthError(PaypalError):
2011-01-26 20:06:45 +03:00
pass
errors = {'520003': AuthError}
paypal_log = commonware.log.getLogger('z.paypal')
2011-09-29 03:49:05 +04:00
def should_ignore_paypal():
"""
Returns whether to skip PayPal communications for development
purposes or not.
"""
return settings.DEBUG and 'sandbox' not in settings.PAYPAL_PERMISSIONS_URL
def add_receivers(chains, email, amount, uuid):
"""
Split a payment down into multiple receivers using the chains passed in.
"""
remainder = Decimal(str(amount))
result = {}
for number, chain in enumerate(chains, 1):
percent, destination = chain
2011-10-27 21:36:52 +04:00
this = (Decimal(str(float(amount) * (percent / 100.0)))
2011-10-26 00:20:42 +04:00
.quantize(Decimal('.01')))
remainder = remainder - this
result.update({
'receiverList.receiver(%s).email' % number: destination,
'receiverList.receiver(%s).amount' % number: str(this),
'receiverList.receiver(%s).paymentType' % number: 'DIGITALGOODS',
2011-10-27 21:36:52 +04:00
'receiverList.receiver(%s).primary' % number: 'false',
})
result.update({
'receiverList.receiver(0).email': email,
2011-10-27 21:36:52 +04:00
'receiverList.receiver(0).amount': str(amount),
'receiverList.receiver(0).invoiceID': 'mozilla-%s' % uuid,
2011-10-27 21:36:52 +04:00
'receiverList.receiver(0).primary': 'true',
'receiverList.receiver(0).paymentType': 'DIGITALGOODS',
})
return result
2011-01-26 20:06:45 +03:00
def get_paykey(data):
"""
Gets a paykey from Paypal. Need to pass in the following in data:
pattern: the reverse pattern to resolve
2011-01-26 20:06:45 +03:00
email: who the money is going to (required)
amount: the amount of money (required)
ip: ip address of end user (required)
uuid: contribution_uuid (required)
memo: any nice message
2011-09-30 04:55:50 +04:00
qs: anything you want to append to the complete or cancel(optional)
2011-01-26 20:06:45 +03:00
"""
complete = reverse(data['pattern'], args=[data['slug'], 'complete'])
cancel = reverse(data['pattern'], args=[data['slug'], 'cancel'])
2011-09-30 04:55:50 +04:00
qs = {'uuid': data['uuid']}
if 'qs' in data:
qs.update(data['qs'])
uuid_qs = urllib.urlencode(qs)
2011-01-26 20:06:45 +03:00
paypal_data = {
'actionType': 'PAY',
'currencyCode': 'USD',
'cancelUrl': absolutify('%s?%s' % (cancel, uuid_qs)),
'returnUrl': absolutify('%s?%s' % (complete, uuid_qs)),
'trackingId': data['uuid'],
'ipnNotificationUrl': absolutify(reverse('amo.paypal'))}
2011-01-26 20:06:45 +03:00
paypal_data.update(add_receivers(data.get('chains', ()), data['email'],
data['amount'], data['uuid']))
2011-01-26 20:06:45 +03:00
if data.get('memo'):
paypal_data['memo'] = data['memo']
with statsd.timer('paypal.paykey.retrieval'):
try:
response = _call(settings.PAYPAL_PAY_URL + 'Pay', paypal_data,
ip=data['ip'])
except AuthError, error:
paypal_log.error('Authentication error: %s' % error)
raise
return response['payKey']
def check_purchase(paykey):
"""
When a purchase is complete checks paypal that the purchase has gone
through.
"""
with statsd.timer('paypal.payment.details'):
try:
response = _call(settings.PAYPAL_PAY_URL + 'PaymentDetails',
{'payKey': paykey})
except PaypalError:
paypal_log.error('Payment details error', exc_info=True)
return False
return response['status']
2011-09-29 06:17:24 +04:00
def refund(txnid):
"""
Refund a payment.
Arguments: transaction id of payment to refund
Returns: A list of dicts containing the refund info for each
receiver of the original payment.
"""
OK_STATUSES = ['REFUNDED', 'REFUNDED_PENDING']
with statsd.timer('paypal.payment.refund'):
try:
response = _call(settings.PAYPAL_PAY_URL + 'Refund',
{'transactionID': txnid})
except PaypalError:
paypal_log.error('Refund error', exc_info=True)
raise
responses = []
for k in response:
g = re.match('refundInfoList.refundInfo\((\d+)\).(.*)', k)
if g:
i = int(g.group(1))
subkey = g.group(2)
while i >= len(responses):
responses.append({})
responses[i][subkey] = response[k]
for d in responses:
if d['refundStatus'] not in OK_STATUSES:
raise PaypalError('Bad refund status for %s: %s'
% (d['receiver.email'],
d['refundStatus']))
paypal_log.debug('Refund successful for transaction %s.'
' Statuses: %r'
% (txnid, [(d['receiver.email'], d['refundStatus'])
for d in responses]))
2011-09-29 06:17:24 +04:00
return responses
def check_refund_permission(token):
"""
Asks PayPal whether the PayPal ID for this account has granted
refund permission to us.
"""
# This is set in settings_test so we don't start calling PayPal
# by accident. Explicitly set this in your tests.
if not settings.PAYPAL_PERMISSIONS_URL:
return False
2011-09-29 03:49:05 +04:00
paypal_log.debug('Checking refund permission for token: %s..'
% token[:10])
try:
with statsd.timer('paypal.permissions.refund'):
r = _call(settings.PAYPAL_PERMISSIONS_URL + 'GetPermissions',
{'token': token})
2011-09-29 03:49:05 +04:00
except PaypalError, error:
paypal_log.debug('Paypal returned error for token: %s.. error: %s'
% (token[:10], error))
return False
# in the future we may ask for other permissions so let's just
# make sure REFUND is one of them.
2011-09-29 03:49:05 +04:00
paypal_log.debug('Paypal returned permissions for token: %s.. perms: %s'
% (token[:10], r))
return 'REFUND' in [v for (k, v) in r.iteritems()
if k.startswith('scope')]
def refund_permission_url(addon):
"""
Send permissions request to PayPal for refund privileges on
this addon's paypal account. Returns URL on PayPal site to visit.
"""
# This is set in settings_test so we don't start calling PayPal
# by accident. Explicitly set this in your tests.
if not settings.PAYPAL_PERMISSIONS_URL:
return ''
paypal_log.debug('Getting refund permission URL for addon: %s' % addon.pk)
with statsd.timer('paypal.permissions.url'):
url = reverse('devhub.addons.acquire_refund_permission',
args=[addon.slug])
try:
r = _call(settings.PAYPAL_PERMISSIONS_URL + 'RequestPermissions',
{'scope': 'REFUND', 'callback': absolutify(url)})
except PaypalError, e:
paypal_log.debug('Error on refund permission URL addon: %s, %s' %
(addon.pk, e))
if 'malformed' in str(e):
# PayPal is very picky about where they redirect users to.
# If you try and create a PayPal permissions URL on a
# zamboni that has a non-standard port number or a
# non-standard TLD, it will blow up with an error. We need
# to be able to at least visit these pages and alter them
# in dev, so this will give you a broken token that doesn't
# work, but at least the page will function.
r = {'token': 'wont-work-paypal-doesnt-like-your-domain'}
else:
raise
return (settings.PAYPAL_CGI_URL +
'?cmd=_grant-permission&request_token=%s' % r['token'])
def get_permissions_token(request_token, verification_code):
"""
Send request for permissions token, after user has granted the
requested permissions via the PayPal page we redirected them to.
"""
with statsd.timer('paypal.permissions.token'):
r = _call(settings.PAYPAL_PERMISSIONS_URL + 'GetAccessToken',
{'token': request_token, 'verifier': verification_code})
return r['token']
def _call(url, paypal_data, ip=None):
request = urllib2.Request(url)
if 'requestEnvelope.errorLanguage' not in paypal_data:
paypal_data['requestEnvelope.errorLanguage'] = 'en_US'
for key, value in [
('security-userid', settings.PAYPAL_EMBEDDED_AUTH['USER']),
('security-password', settings.PAYPAL_EMBEDDED_AUTH['PASSWORD']),
('security-signature', settings.PAYPAL_EMBEDDED_AUTH['SIGNATURE']),
('application-id', settings.PAYPAL_APP_ID),
('request-data-format', 'NV'),
('response-data-format', 'NV')]:
request.add_header('X-PAYPAL-%s' % key.upper(), value)
if ip:
request.add_header('X-PAYPAL-DEVICE-IPADDRESS', ip)
# Warning, a urlencode will not work with chained payments, it must
# be sorted and the key should not be escaped.
data = '&'.join(['%s=%s' % (k, urlquote(v))
for k, v in sorted(paypal_data.items())])
2011-01-26 20:06:45 +03:00
opener = urllib2.build_opener()
try:
with socket_timeout(10):
feeddata = opener.open(request, data).read()
2011-01-26 20:06:45 +03:00
except Exception, error:
paypal_log.error('HTTP Error: %s' % error)
raise
response = dict(urlparse.parse_qsl(feeddata))
if 'error(0).errorId' in response:
error = errors.get(response['error(0).errorId'], PaypalError)
paypal_log.error('Paypal Error: %s' % response['error(0).message'])
raise error(response['error(0).message'])
return response
2011-01-26 20:06:45 +03:00
2010-10-11 22:24:41 +04:00
def check_paypal_id(name):
"""
Use the button API to check if name is a valid Paypal id.
Returns bool(valid), str(msg). msg will be None if there wasn't an error.
"""
d = dict(version=settings.PAYPAL_API_VERSION,
2010-10-11 22:24:41 +04:00
buttoncode='cleartext',
buttontype='donate',
method='BMCreateButton',
l_buttonvar0='business=%s' % name)
# TODO(andym): remove this once this is all live and settled down.
if hasattr(settings, 'PAYPAL_CGI_AUTH'):
d['user'] = settings.PAYPAL_CGI_AUTH['USER']
d['pwd'] = settings.PAYPAL_CGI_AUTH['PASSWORD']
d['signature'] = settings.PAYPAL_CGI_AUTH['SIGNATURE']
else:
# In production if PAYPAL_CGI_AUTH doesn't get defined yet,
# fall back to the existing values.
d.update(dict(user=settings.PAYPAL_USER,
pwd=settings.PAYPAL_PASSWORD,
signature=settings.PAYPAL_SIGNATURE))
2010-10-11 22:24:41 +04:00
with socket_timeout(10):
2010-10-22 21:55:29 +04:00
r = urllib.urlopen(settings.PAYPAL_API_URL, urlencode(d))
2010-10-11 22:24:41 +04:00
response = dict(urlparse.parse_qsl(r.read()))
valid = response['ACK'] == 'Success'
msg = None if valid else response['L_LONGMESSAGE0']
return valid, msg
@contextlib.contextmanager
def socket_timeout(timeout):
"""Context manager to temporarily set the default socket timeout."""
old = socket.getdefaulttimeout()
try:
yield
finally:
socket.setdefaulttimeout(old)