[bop-devel] Hosted Payment

Stefan Hornburg (Racke) racke at linuxia.de
Fri Jul 18 21:36:50 PDT 2014 

On 07/18/2014 05:32 PM, Angus Rogerson wrote:
> 
> Hello BOP developers,
> 
> I have been working on an interface to beanstream's (www.beanstream.com) hosted payment service using Interchange (www.icdevgroup.org). (When our users are ready to make a payment, we redirect them to beanstream where they enter their payment information, then beanstream bounces them back to our site with confirmation of payment. We don't see their card number and don't have to worry (as much) about PCI compliance.)
> 
> There are examples of this type of process in interchange for using payment modes which require user verification with the host (ex: Verified by Visa, Paypal, Google Checkout).
> 
> Has anyone done any work on adding this functionality to Business::OnlinePayment? Is anyone interested in this type of functionality?
> 
> I would think that if it were added to Business::OnlinePayment, the following changes would be needed:
> 
> Setup/Configuration Fields
> 
> allow hosted redirects
> 
> Processor Fields
> 
> errorPage - URLs for the payment processor to redirect the user back to the calling application
> successPage
> declinedPage
> 
> Credit Card Fields - become optional if allow hosted redirects
> 
> 
> Transaction Result Methods
> 
> is_success - probably returns false if a redirect is required
> is_redirect
> what_happened - used instead of is_success and is_redirect if allow hosted redirects
> 	returns: declined, error (give up), error (try again), success, redirect
> 
> redirect_url - url to send user to if the application looks after this manually
> redirect_get - appropriate object to redirect using a get
> redirect_post - appropriate object to redirect using a post
> 
> customer_information - returns any customer information collected on the hosted payment screen (ex: customer name, address etc)
> 
> The synopsis would look something like:
> 
> Submit a transaction:
> 
>> use Business::OnlinePayment;
>>  
>> my $transaction = new Business::OnlinePayment($processor, %processor_info);
>> $transaction->content(
>>                       type        => 'Visa',
>>                       amount      => '49.95',
>>                       card_number => '1234123412341238',
>>                       expiration  => '06/15',
>>                       name        => 'John Q Doe',
>                          reference  => 'application_transaction_number123',
>                          allow_hosted => 1,
>                          errorPage => myapplication/callback,
>                          successPage => myapplication/callback,
>                          declinedPage => myapplication/callback,
>>                      );
>>  
>     # Regular transaction is submitted and result is returned from payment processor
>     # or necessary mappings are performed to build a redirect for hosted
>> eval { $transaction->submit(); };
>>  
>> if ( $@ ) {
>>  
>>   print "$processor error: $@\n";
>>  
>> } else {
>         if ($transaction->is_redirect()) {
>                 print "Redirecting to " . $transaction->redirect_url() . "\n";
>                 print CGIOUT $transaction->redirect_get();
>         } elsif ( $transaction->is_success() ) {
>>     print "Card processed successfully: ". $transaction->authorization()."\n";
>>   } else {
>>     print "Card was rejected: ". $transaction->error_message(). "\n";
>>   }
>>  
>> }
> 
> 
> Callback:
> 
>> use Business::OnlinePayment;
>>  
>> my $transaction = new Business::OnlinePayment($processor, %processor_info)
> 
> eval ($transaction->hosted_results(
>                          %CGI which includes reference returned by payment host
>                           )
>         );
> 
> # Application restores any necessary session information using reference application_transaction_number123
> restore_application_session_information ($transaction->reference());
> 
>> if ( $@ ) {
>>  
>>   print "$processor error: $@\n";
>>  
>> } else {
>         if ($transaction->is_redirect()) {
>                 print "Redirecting to " . $transaction->redirect_url() . "\n";
>                 print CGIOUT $transaction->redirect_get();
>         } elsif ( $transaction->is_success() ) {
>>     print "Card processed successfully: ". $transaction->authorization()."\n";
>        print "User provided the following new address information: \n" . join ("\n", $transaction->customer_information()) . "\n";
>>   } else {
>>     print "Card was rejected: ". $transaction->error_message(). "\n";
>>   }
>>  
>> }
> 
> 
> Any comments?
> 

I would be very interested to extend BOP in a manner to support these callbacks, which are used in one or the other form
by any gateway today (at least if you want to evade PCI compliance).

The question is if we:

1. extend BOP itself
2. write a subclass of BOP adding methods needed for redirect
3. write BOP 2nd generation (Moo, get rid of HTTPS::Any, ...)

Regards
	Racke

-- 
Perl and Dancer Development

Visit our Perl::Dancer conference 2014:

http://act.perl.dance/

More information about the bop-devel mailing list