Class: PayPalSDK::IPN::Notification

Inherits:

Object

• Object
• PayPalSDK::IPN::Notification

Defined in:

lib/ruby-paypal-extended/ipn/notification.rb

Overview

Parser and handler for incoming instant payment notifications from Paypal. The example shows a typical handler in a Rails application. Note that this is an example, please read the Paypal API documentation for all the details on creating a safe payment controller.

Example

class BackendController < ApplicationController
  def paypal_ipn
    notify = Paypal::Notification.new(request.raw_post, false)
    order = Order.find(notify.item_id)

    # Verify this IPN with Paypal.
    if notify.acknowledge
      # Paypal said this IPN is legit.
      begin
        if notify.complete? && order.total == notify.amount
          begin
            order.status = 'success'
            shop.ship(order)
            order.save!
          rescue => e
            order.status = 'failed'
            order.save!
            raise
          end
        else
          logger.error("We received a payment notification, but the " <<
                       "payment doesn't seem to be complete. Please " <<
                       "investigate. Transaction ID #{notify.transaction_id}.")
        end
    else
      # Paypal said this IPN is not correct.
      # ... log possible hacking attempt here ...
    end

    render :nothing => true
  end
end

Instance Attribute Summary

• #ipn_url ⇒ Object

  The IPN URL to connect to.

• #params ⇒ Object

  The parsed Paypal IPN data parameters.

• #raw ⇒ Object

  The raw Paypal IPN data that was received.

Instance Method Summary

• #acknowledge ⇒ Object

  Acknowledge the transaction to paypal.

• #empty! ⇒ Object

  reset the notification.

• #initialize(post, use_production = false) ⇒ Notification constructor

  Creates a new Paypal::Notification object.

• #payment_date ⇒ Object

  When was this payment received by the client.

• #status ⇒ Object

  Returns the status of this transaction.

• #test? ⇒ Boolean

  This is the invocie which you passed to paypal.

• #transaction_id ⇒ Object

  Id of this transaction (paypal number).

• #type ⇒ Object

  What type of transaction are we dealing with?.

Constructor Details

#initialize(post, use_production = false) ⇒ Notification

Creates a new Paypal::Notification object. As the first argument, pass the raw POST data that you’ve received from Paypal.

In a Rails application this looks something like this:

def paypal_ipn
  paypal = Paypal::Notification.new(request.raw_post)
  ...
end

# File 'lib/ruby-paypal-extended/ipn/notification.rb', line 94

def initialize(post, use_production = false)
  @ipn_url = use_production ? PayPalSDK::Config::PRODUCTION_IPN_URL : PayPalSDK::Config::SANDBOX_IPN_URL
  empty!
  parse(post)
end

Instance Attribute Details

#ipn_url ⇒ Object

The IPN URL to connect to. Defaults to production

# File 'lib/ruby-paypal-extended/ipn/notification.rb', line 77

def ipn_url
  @ipn_url
end

#params ⇒ Object

The parsed Paypal IPN data parameters.

# File 'lib/ruby-paypal-extended/ipn/notification.rb', line 80

def params
  @params
end

#raw ⇒ Object

The raw Paypal IPN data that was received.

# File 'lib/ruby-paypal-extended/ipn/notification.rb', line 83

def raw
  @raw
end

Instance Method Details

#acknowledge ⇒ Object

Acknowledge the transaction to paypal. This method has to be called after a new IPN arrives. Paypal will verify that all the information we received are correct and will return a ok or a fail.

Example:

def paypal_ipn
  notify = PaypalNotification.new(request.raw_post)

  if notify.acknowledge 
    ... process order ... if notify.complete?
  else
    ... log possible hacking attempt ...
  end
end

Raises:

• (IPNException)

# File 'lib/ruby-paypal-extended/ipn/notification.rb', line 149

def acknowledge      
  payload = raw
  
  uri = URI.parse(self.ipn_url)
  request_path = "#{uri.path}?cmd=_notify-validate"
  
  request = Net::HTTP::Post.new(request_path)
  request['Content-Length'] = "#{payload.size}"
  request['User-Agent']     = "ruby-paypal-extended -- http://github.com/MicahWedemeyer/ruby-paypal-extended"
  
  http = Net::HTTP.new(uri.host, uri.port)
  
  if uri.scheme == "https"
    http.use_ssl = true
    # http://www.ruby-lang.org/en/news/2007/10/04/net-https-vulnerability/
    if http.respond_to?(:enable_post_connection_check)
      http.verify_mode = OpenSSL::SSL::VERIFY_PEER
      http.enable_post_connection_check = true
      store = OpenSSL::X509::Store.new
      store.set_default_paths
      http.cert_store = store
    else
      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
    end
  end
  
  request = http.request(request, payload)
  
  raise IPNException.new("Faulty paypal result: #{request.body}") unless ["VERIFIED", "INVALID"].include?(request.body)
  
  request.body == "VERIFIED"
end

#empty! ⇒ Object

reset the notification.

# File 'lib/ruby-paypal-extended/ipn/notification.rb', line 129

def empty!
  @params  = {}
  @raw     = ""      
end

#payment_date ⇒ Object

When was this payment received by the client. sometimes it can happen that we get the notification much later. One possible scenario is that our web application was down. In this case paypal tries several times an hour to inform us about the notification

# File 'lib/ruby-paypal-extended/ipn/notification.rb', line 109

def payment_date
  Time.parse(params['payment_date'])
end

#status ⇒ Object

Returns the status of this transaction.

# File 'lib/ruby-paypal-extended/ipn/notification.rb', line 101

def status
  params['payment_status']
end

#test? ⇒ Boolean

This is the invocie which you passed to paypal

# File 'lib/ruby-paypal-extended/ipn/notification.rb', line 124

def test?
  params['test_ipn'] == '1'
end

#transaction_id ⇒ Object

Id of this transaction (paypal number)

# File 'lib/ruby-paypal-extended/ipn/notification.rb', line 114

def transaction_id
  params['txn_id']
end

#type ⇒ Object

What type of transaction are we dealing with?

# File 'lib/ruby-paypal-extended/ipn/notification.rb', line 119

def type
  params['txn_type']
end