Discussion:
[Wt-interest] WResources for "popup windows" and redirections
Aarón Bueno Villares
2016-09-09 17:41:04 UTC
Permalink
I'm trying to add, to a website I'm developing, a payment method (Redsys; a
spanish virtual POS), to accept card payments. Of course, the most tricky
part is to manage the redirection (and, in the case of Redsys, an on-line
notification, which is an extra url to send payment details). So, the most
obvious way to do it is emulate what Wt currently does.

Reading the Wt implementation, I've seen two different approaches to manage
these redirections.

* Google OAuth: the redirection url is a static resource which redirects
to a private resource (which closes the windows)

* PayPalCheckoutExpress: the redirection url is just a private resource,
which closes the windows and trigger a JSignal.

Why Google OAuth uses two WResources? Is there any adventage? And why
triggering a JSignal from within javascript? Isn't it better to trigger a
signal from the resource itself?

Thank you very much in advance,
Wim Dumon
2016-09-12 15:37:53 UTC
Permalink
Hey Aaron,

Not knowing that code in detail, I assume the OAuth implementation requires
redirection to a fixed URL, while the paypal checkout allows each payment
to be redirected to a different URL. We've implemented a different payment
method (ogone) where both static resources (for the online notification
from the payment processor to the application) and private resources (for
redirections by the GUI) are used. I'd recommend to use private resources
if you can, static resources if you must.

Best regards,
Wim.
Post by Aarón Bueno Villares
I'm trying to add, to a website I'm developing, a payment method (Redsys;
a spanish virtual POS), to accept card payments. Of course, the most tricky
part is to manage the redirection (and, in the case of Redsys, an on-line
notification, which is an extra url to send payment details). So, the most
obvious way to do it is emulate what Wt currently does.
Reading the Wt implementation, I've seen two different approaches to
manage these redirections.
* Google OAuth: the redirection url is a static resource which redirects
to a private resource (which closes the windows)
* PayPalCheckoutExpress: the redirection url is just a private resource,
which closes the windows and trigger a JSignal.
Why Google OAuth uses two WResources? Is there any adventage? And why
triggering a JSignal from within javascript? Isn't it better to trigger a
signal from the resource itself?
Thank you very much in advance,
------------------------------------------------------------
------------------
_______________________________________________
witty-interest mailing list
https://lists.sourceforge.net/lists/listinfo/witty-interest
Aarón Bueno Villares
2016-09-14 18:42:50 UTC
Permalink
I ended up by using a static resource. What if the user closes the session
by mistake or the session process crashes when the payment has already
finished?

If the payment procedure finished (the payment has been maid), but
redirection and/or online notification is about to be sended, with static
resources you can yet register the payment in the database, in order the
user sees it the next time he connects to his user zone, even if the
originating process is destroyed. Every detail about the payment and or
cart can be sent as a codified "user_data" parameter (for example, object
serialization (boost) + encryption).

A final question about the online notification. Payment servers doesn't
usually requiere a response for the online notification; however, the
WResource always sends back something (an empty response in my case),
because it is designed to server "computationally created" data. What does
it happen in that case? Do I have to reimplement "handleAbort" or something?
Post by Wim Dumon
Hey Aaron,
Not knowing that code in detail, I assume the OAuth implementation
requires redirection to a fixed URL, while the paypal checkout allows each
payment to be redirected to a different URL. We've implemented a different
payment method (ogone) where both static resources (for the online
notification from the payment processor to the application) and private
resources (for redirections by the GUI) are used. I'd recommend to use
private resources if you can, static resources if you must.
Best regards,
Wim.
Post by Aarón Bueno Villares
I'm trying to add, to a website I'm developing, a payment method (Redsys;
a spanish virtual POS), to accept card payments. Of course, the most tricky
part is to manage the redirection (and, in the case of Redsys, an on-line
notification, which is an extra url to send payment details). So, the most
obvious way to do it is emulate what Wt currently does.
Reading the Wt implementation, I've seen two different approaches to
manage these redirections.
* Google OAuth: the redirection url is a static resource which
redirects to a private resource (which closes the windows)
* PayPalCheckoutExpress: the redirection url is just a private
resource, which closes the windows and trigger a JSignal.
Why Google OAuth uses two WResources? Is there any adventage? And why
triggering a JSignal from within javascript? Isn't it better to trigger a
signal from the resource itself?
Thank you very much in advance,
------------------------------------------------------------
------------------
_______________________________________________
witty-interest mailing list
https://lists.sourceforge.net/lists/listinfo/witty-interest
------------------------------------------------------------
------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and
traffic
patterns at an interface-level. Reveals which users, apps, and protocols
are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. http://sdm.link/zohodev2dev
_______________________________________________
witty-interest mailing list
https://lists.sourceforge.net/lists/listinfo/witty-interest
Wim Dumon
2016-09-20 10:39:56 UTC
Permalink
Aaron,

An empty response is a perfectly valid response.

Wim.
Post by Aarón Bueno Villares
I ended up by using a static resource. What if the user closes the session
by mistake or the session process crashes when the payment has already
finished?
If the payment procedure finished (the payment has been maid), but
redirection and/or online notification is about to be sended, with static
resources you can yet register the payment in the database, in order the
user sees it the next time he connects to his user zone, even if the
originating process is destroyed. Every detail about the payment and or
cart can be sent as a codified "user_data" parameter (for example, object
serialization (boost) + encryption).
A final question about the online notification. Payment servers doesn't
usually requiere a response for the online notification; however, the
WResource always sends back something (an empty response in my case),
because it is designed to server "computationally created" data. What does
it happen in that case? Do I have to reimplement "handleAbort" or something?
Post by Wim Dumon
Hey Aaron,
Not knowing that code in detail, I assume the OAuth implementation
requires redirection to a fixed URL, while the paypal checkout allows each
payment to be redirected to a different URL. We've implemented a different
payment method (ogone) where both static resources (for the online
notification from the payment processor to the application) and private
resources (for redirections by the GUI) are used. I'd recommend to use
private resources if you can, static resources if you must.
Best regards,
Wim.
Post by Aarón Bueno Villares
I'm trying to add, to a website I'm developing, a payment method
(Redsys; a spanish virtual POS), to accept card payments. Of course, the
most tricky part is to manage the redirection (and, in the case of Redsys,
an on-line notification, which is an extra url to send payment details).
So, the most obvious way to do it is emulate what Wt currently does.
Reading the Wt implementation, I've seen two different approaches to
manage these redirections.
* Google OAuth: the redirection url is a static resource which
redirects to a private resource (which closes the windows)
* PayPalCheckoutExpress: the redirection url is just a private
resource, which closes the windows and trigger a JSignal.
Why Google OAuth uses two WResources? Is there any adventage? And why
triggering a JSignal from within javascript? Isn't it better to trigger a
signal from the resource itself?
Thank you very much in advance,
------------------------------------------------------------
------------------
_______________________________________________
witty-interest mailing list
https://lists.sourceforge.net/lists/listinfo/witty-interest
------------------------------------------------------------
------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and
traffic
patterns at an interface-level. Reveals which users, apps, and protocols
are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. http://sdm.link/zohodev2dev
_______________________________________________
witty-interest mailing list
https://lists.sourceforge.net/lists/listinfo/witty-interest
------------------------------------------------------------
------------------
_______________________________________________
witty-interest mailing list
https://lists.sourceforge.net/lists/listinfo/witty-interest
Loading...