-
Notifications
You must be signed in to change notification settings - Fork 214
/
Copy pathviews.py
483 lines (413 loc) · 19.5 KB
/
views.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
import logging
from decimal import Decimal as D
from django.conf import settings
from django.contrib import messages
from django.contrib.auth.models import AnonymousUser
from django.http import HttpResponse, HttpResponseBadRequest
from django.shortcuts import get_object_or_404, redirect
from django.urls import reverse
from django.utils.http import urlencode
from django.utils.translation import gettext_lazy as _
from django.views.generic import RedirectView, View
from oscar.apps.payment.exceptions import UnableToTakePayment
from oscar.apps.shipping.methods import FixedPrice, NoShippingRequired
from oscar.core.exceptions import ModuleNotFoundError
from oscar.core.loading import get_class, get_model
from paypal.exceptions import PayPalError
from paypal.express.exceptions import (
EmptyBasketException, InvalidBasket, MissingShippingAddressException, MissingShippingMethodException)
from paypal.express.facade import confirm_transaction, fetch_transaction_details, get_paypal_url
from paypal.express.gateway import buyer_pays_on_paypal
# Load views dynamically
PaymentDetailsView = get_class('checkout.views', 'PaymentDetailsView')
CheckoutSessionMixin = get_class('checkout.session', 'CheckoutSessionMixin')
ShippingAddress = get_model('order', 'ShippingAddress')
Country = get_model('address', 'Country')
Basket = get_model('basket', 'Basket')
Repository = get_class('shipping.repository', 'Repository')
Selector = get_class('partner.strategy', 'Selector')
Source = get_model('payment', 'Source')
SourceType = get_model('payment', 'SourceType')
try:
Applicator = get_class('offer.applicator', 'Applicator')
except ModuleNotFoundError:
# fallback for django-oscar<=1.1
Applicator = get_class('offer.utils', 'Applicator')
logger = logging.getLogger('paypal.express')
class RedirectView(CheckoutSessionMixin, RedirectView):
"""
Initiate the transaction with Paypal and redirect the user
to PayPal's Express Checkout to perform the transaction.
"""
permanent = False
# Setting to distinguish if the site has already collected a shipping
# address. This is False when redirecting to PayPal straight from the
# basket page but True when redirecting from checkout.
as_payment_method = False
def get_redirect_url(self, **kwargs):
try:
basket = self.build_submission()['basket']
url = self._get_redirect_url(basket, **kwargs)
except PayPalError as ppe:
messages.error(self.request, str(ppe))
if self.as_payment_method:
url = reverse('checkout:payment-details')
else:
url = reverse('basket:summary')
return url
except InvalidBasket as e:
messages.warning(self.request, str(e))
return reverse('basket:summary')
except EmptyBasketException:
messages.error(self.request, _("Your basket is empty"))
return reverse('basket:summary')
except MissingShippingAddressException:
messages.error(
self.request, _("A shipping address must be specified"))
return reverse('checkout:shipping-address')
except MissingShippingMethodException:
messages.error(
self.request, _("A shipping method must be specified"))
return reverse('checkout:shipping-method')
else:
# Transaction successfully registered with PayPal. Now freeze the
# basket so it can't be edited while the customer is on the PayPal
# site.
basket.freeze()
logger.info("Basket #%s - redirecting to %s", basket.id, url)
return url
def _get_redirect_url(self, basket, **kwargs):
if basket.is_empty:
raise EmptyBasketException()
params = {
'basket': basket,
'shipping_methods': [] # setup a default empty list
} # to support no_shipping
user = self.request.user
if self.as_payment_method:
if basket.is_shipping_required():
# Only check for shipping details if required.
shipping_addr = self.get_shipping_address(basket)
if not shipping_addr:
raise MissingShippingAddressException()
shipping_method = self.get_shipping_method(
basket, shipping_addr)
if not shipping_method:
raise MissingShippingMethodException()
params['shipping_address'] = shipping_addr
params['shipping_method'] = shipping_method
params['shipping_methods'] = []
else:
# Maik doubts that this code ever worked. Assigning
# shipping method instances to Paypal params
# isn't going to work, is it?
shipping_methods = Repository().get_shipping_methods(
user=user, basket=basket, request=self.request)
params['shipping_methods'] = shipping_methods
if settings.DEBUG:
# Determine the localserver's hostname to use when
# in testing mode
params['host'] = self.request.META['HTTP_HOST']
if user.is_authenticated:
params['user'] = user
params['paypal_params'] = self._get_paypal_params()
return get_paypal_url(**params)
def _get_paypal_params(self):
"""
Return any additional PayPal parameters
"""
return {}
class CancelResponseView(RedirectView):
permanent = False
def get(self, request, *args, **kwargs):
basket = get_object_or_404(Basket, id=kwargs['basket_id'],
status=Basket.FROZEN)
basket.thaw()
logger.info("Payment cancelled (token %s) - basket #%s thawed",
request.GET.get('token', '<no token>'), basket.id)
return super(CancelResponseView, self).get(request, *args, **kwargs)
def get_redirect_url(self, **kwargs):
messages.error(self.request, _("PayPal transaction cancelled"))
return reverse('basket:summary')
# Upgrading notes: when we drop support for Oscar 0.6, this class can be
# refactored to pass variables around more explicitly (instead of assigning
# things to self so they are accessible in a later method).
class SuccessResponseView(PaymentDetailsView):
template_name_preview = 'paypal/express/preview.html'
preview = True
error_message = _("A problem occurred communicating with PayPal - please try again later")
@property
def pre_conditions(self):
return []
def get(self, request, *args, **kwargs):
"""
Fetch details about the successful transaction from PayPal.
We use these details to show a preview of the order with a 'submit' button to place it.
The preview step can be skipped with `PAYPAL_BUYER_PAYS_ON_PAYPAL=True` inside settings.
"""
try:
self.payer_id = request.GET['PayerID']
self.token = request.GET['token']
except KeyError:
# Manipulation - redirect to basket page with warning message
logger.warning("Missing GET params on success response page")
messages.error(self.request, _("Unable to determine PayPal transaction details"))
return redirect('basket:summary')
try:
self.txn = fetch_transaction_details(self.token)
except PayPalError as e:
logger.warning("Unable to fetch transaction details for token %s: %s", self.token, e)
messages.error(self.request, self.error_message)
return redirect('basket:summary')
# Reload frozen basket which is specified in the URL
kwargs['basket'] = self.load_frozen_basket(kwargs['basket_id'])
if not kwargs['basket']:
logger.warning("Unable to load frozen basket with ID %s", kwargs['basket_id'])
messages.error(self.request, _("No basket was found that corresponds to your PayPal transaction"))
return redirect('basket:summary')
if buyer_pays_on_paypal():
return self.submit(**self.build_submission(basket=kwargs['basket']))
logger.info(
"Basket #%s - showing preview with payer ID %s and token %s",
kwargs['basket'].id, self.payer_id, self.token)
return super(SuccessResponseView, self).get(request, *args, **kwargs)
def load_frozen_basket(self, basket_id):
# Lookup the frozen basket that this txn corresponds to
try:
basket = Basket.objects.get(id=basket_id, status=Basket.FROZEN)
except Basket.DoesNotExist:
return None
# Assign strategy to basket instance
if Selector:
basket.strategy = Selector().strategy(self.request)
# Re-apply any offers
Applicator().apply(basket, self.request.user, request=self.request)
return basket
def get_context_data(self, **kwargs):
ctx = super(SuccessResponseView, self).get_context_data(**kwargs)
if not hasattr(self, 'payer_id'):
return ctx
# This context generation only runs when in preview mode
ctx.update({
'payer_id': self.payer_id,
'token': self.token,
'paypal_user_email': self.txn.value('EMAIL'),
'paypal_amount': D(self.txn.value('AMT')),
})
return ctx
def post(self, request, *args, **kwargs):
"""
Place an order.
We fetch the txn details again and then proceed with oscar's standard
payment details view for placing the order.
"""
if buyer_pays_on_paypal():
return HttpResponseBadRequest() # we don't expect any user here if we let users buy on PayPal
try:
self.payer_id = request.POST['payer_id']
self.token = request.POST['token']
except KeyError:
# Probably suspicious manipulation if we get here
messages.error(self.request, self.error_message)
return redirect('basket:summary')
try:
self.txn = fetch_transaction_details(self.token)
except PayPalError:
# Unable to fetch txn details from PayPal - we have to bail out
messages.error(self.request, self.error_message)
return redirect('basket:summary')
# Reload frozen basket which is specified in the URL
basket = self.load_frozen_basket(kwargs['basket_id'])
if not basket:
messages.error(self.request, self.error_message)
return redirect('basket:summary')
submission = self.build_submission(basket=basket)
return self.submit(**submission)
def build_submission(self, **kwargs):
submission = super(
SuccessResponseView, self).build_submission(**kwargs)
# Pass the user email so it can be stored with the order
submission['order_kwargs']['guest_email'] = self.txn.value('EMAIL')
# Pass PP params
submission['payment_kwargs']['payer_id'] = self.payer_id
submission['payment_kwargs']['token'] = self.token
submission['payment_kwargs']['txn'] = self.txn
return submission
def handle_payment(self, order_number, total, **kwargs):
"""
Complete payment with PayPal - this calls the 'DoExpressCheckout'
method to capture the money from the initial transaction.
"""
try:
confirm_txn = confirm_transaction(
kwargs['payer_id'], kwargs['token'], kwargs['txn'].amount,
kwargs['txn'].currency)
except PayPalError:
raise UnableToTakePayment()
if not confirm_txn.is_successful:
raise UnableToTakePayment()
# Record payment source and event
source_type, is_created = SourceType.objects.get_or_create(
name='PayPal')
source = Source(source_type=source_type,
currency=confirm_txn.currency,
amount_allocated=confirm_txn.amount,
amount_debited=confirm_txn.amount,
reference=confirm_txn.token)
self.add_payment_source(source)
self.add_payment_event('Settled', confirm_txn.amount,
reference=confirm_txn.correlation_id)
def get_shipping_address(self, basket):
"""
Return a created shipping address instance, created using
the data returned by PayPal.
"""
# Determine names - PayPal uses a single field
ship_to_name = self.txn.value('PAYMENTREQUEST_0_SHIPTONAME')
if ship_to_name is None:
return None
first_name = last_name = ''
parts = ship_to_name.split()
if len(parts) == 1:
last_name = ship_to_name
elif len(parts) > 1:
first_name = parts[0]
last_name = " ".join(parts[1:])
return ShippingAddress(
first_name=first_name,
last_name=last_name,
line1=self.txn.value('PAYMENTREQUEST_0_SHIPTOSTREET'),
line2=self.txn.value('PAYMENTREQUEST_0_SHIPTOSTREET2', default=""),
line4=self.txn.value('PAYMENTREQUEST_0_SHIPTOCITY', default=""),
state=self.txn.value('PAYMENTREQUEST_0_SHIPTOSTATE', default=""),
postcode=self.txn.value('PAYMENTREQUEST_0_SHIPTOZIP', default=""),
country=Country.objects.get(iso_3166_1_a2=self.txn.value('PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE')),
phone_number=self.txn.value('PAYMENTREQUEST_0_SHIPTOPHONENUM', default=""),
)
def _get_shipping_method_by_name(self, name, basket, shipping_address=None):
methods = Repository().get_shipping_methods(
basket=basket, user=self.request.user,
shipping_addr=shipping_address, request=self.request)
for method in methods:
if method.name == name:
return method
def get_shipping_method(self, basket, shipping_address=None, **kwargs):
"""
Return the shipping method used
"""
if not basket.is_shipping_required():
return NoShippingRequired()
# Instantiate a new FixedPrice shipping method instance
charge_incl_tax = D(self.txn.value('PAYMENTREQUEST_0_SHIPPINGAMT'))
# Assume no tax for now
charge_excl_tax = charge_incl_tax
name = self.txn.value('SHIPPINGOPTIONNAME')
session_method = super(SuccessResponseView, self).get_shipping_method(
basket, shipping_address, **kwargs)
if not session_method or (name and name != session_method.name):
if name:
method = self._get_shipping_method_by_name(name, basket, shipping_address)
else:
method = None
if not method:
method = FixedPrice(charge_excl_tax, charge_incl_tax)
if session_method:
method.name = session_method.name
method.code = session_method.code
else:
method = session_method
return method
class ShippingOptionsView(View):
def get(self, request, *args, **kwargs):
"""
We use the shipping address given to use by PayPal to
determine the available shipping method
"""
# Basket ID is passed within the URL path. We need to do this as some
# shipping options depend on the user and basket contents. PayPal do
# pass back details of the basket contents but it would be royal pain to
# reconstitute the basket based on those - easier to just to piggy-back
# the basket ID in the callback URL.
basket = get_object_or_404(Basket, id=kwargs['basket_id'])
user = basket.owner
if not user:
user = AnonymousUser()
# Create a shipping address instance using the data passed back
country_code = self.request.GET.get(
'SHIPTOCOUNTRY', None)
try:
country = Country.objects.get(iso_3166_1_a2=country_code)
except Country.DoesNotExist:
country = Country()
shipping_address = ShippingAddress(
line1=self.request.GET.get('SHIPTOSTREET', ''),
line2=self.request.GET.get('SHIPTOSTREET2', ''),
line4=self.request.GET.get('SHIPTOCITY', ''),
state=self.request.GET.get('SHIPTOSTATE', ''),
postcode=self.request.GET.get('SHIPTOZIP', ''),
country=country
)
methods = Repository().get_shipping_methods(
basket=basket, shipping_addr=shipping_address,
request=self.request, user=user)
return self.render_to_response(methods, basket)
def post(self, request, *args, **kwargs):
"""
We use the shipping address given to use by PayPal to
determine the available shipping method
"""
# Basket ID is passed within the URL path. We need to do this as some
# shipping options depend on the user and basket contents. PayPal do
# pass back details of the basket contents but it would be royal pain to
# reconstitute the basket based on those - easier to just to piggy-back
# the basket ID in the callback URL.
basket = get_object_or_404(Basket, id=kwargs['basket_id'])
user = basket.owner
if not user:
user = AnonymousUser()
# Create a shipping address instance using the data passed back
country_code = self.request.POST.get(
'SHIPTOCOUNTRY', None)
try:
country = Country.objects.get(iso_3166_1_a2=country_code)
except Country.DoesNotExist:
country = Country()
shipping_address = ShippingAddress(
line1=self.request.POST.get('SHIPTOSTREET', ''),
line2=self.request.POST.get('SHIPTOSTREET2', ''),
line4=self.request.POST.get('SHIPTOCITY', ''),
state=self.request.POST.get('SHIPTOSTATE', ''),
postcode=self.request.POST.get('SHIPTOZIP', ''),
country=country
)
methods = Repository().get_shipping_methods(
basket=basket, shipping_addr=shipping_address,
request=self.request, user=user)
return self.render_to_response(methods, basket)
def render_to_response(self, methods, basket):
pairs = [
('METHOD', 'CallbackResponse'),
('CALLBACKVERSION', '61.0'),
('CURRENCYCODE', self.request.POST.get('CURRENCYCODE', 'GBP')),
]
if methods:
for index, method in enumerate(methods):
charge = method.calculate(basket).incl_tax
pairs.append(('L_SHIPPINGOPTIONNAME%d' % index,
str(method.name)))
pairs.append(('L_SHIPPINGOPTIONLABEL%d' % index,
str(method.description)))
pairs.append(('L_SHIPPINGOPTIONAMOUNT%d' % index, charge))
# For now, we assume tax and insurance to be zero
pairs.append(('L_TAXAMT%d' % index, D('0.00')))
pairs.append(('L_INSURANCEAMT%d' % index, D('0.00')))
# We assume that the first returned method is the default one
pairs.append(('L_SHIPPINGOPTIONISDEFAULT%d' % index,
1 if index == 0 else 0))
else:
# No shipping methods available - we flag this up to PayPal indicating that we
# do not ship to the shipping address.
pairs.append(('NO_SHIPPING_OPTION_DETAILS', 1))
payload = urlencode(pairs)
logger.debug("Basket #%s - returning postage costs payload = '%s'", basket.id, payload)
return HttpResponse(payload)