I've inherited an app which uses the legacy shopify API and I have a hard deadline of August 21st, so I want to avoid updating the API to solve the problem.
We are selling e-documents, and the current purchase process is as follows:
User searches and places a product in the cart
The User checks out
and goes through the purchase process on the Shopify site
This all seems to work fine. What we would like is to redirect the user back to our app with information about the successful purchase (or failure) of the products. As it stands, we don't know what products the user has purchased and we are therefore unable to provide them links to download the documents.
Is there some parameter we can pass to shopify to create that redirect, or do we need to ping the API about past purchases, or is there some other step we are missing?
This one is quite easy... Shopify provides you with a textarea element in the admin (checkout and payments) where you can paste code. In this code, you have access to the entire order contents. You can get at this with Liquid.
All you have to do, is render a link to your App and pass the order details to the App via that link. Now your customers will see the Thank You for your purchase, and a button/link to click to complete things as you wish.
Okay, it turns out that what I'm looking for are shopify Webhooks: http://wiki.shopify.com/WebHook
It appears that the app is already set up to send order_create and order_payed and all we have to do is capture the data sent to us.
Related
I've been working on my first RoR/Shopify-application for the last couple of weeks and it is nearly finished. The only thing I'm having trouble with are the application charges. When a user sees my application in the store he clicks on "Get" and the authentication process is then initialized. The app is being installed and the user can Accept/Decline the charges. If he declines, he is redirected to my app listing in the store.
Now here is my problem. If the user declines the fees my application is still installed and if he clicks on my banner a second time I need to check whether he is paying for it or not. I do it via
if (ShopifyAPI::RecurringApplicationCharge.current)
some logic since the charge is valid
else
redirect_to billing_index_path(:shop_url => cur_shop_url)
My idea was to make the popup with the charging fees show up once again if the user hasn't paid yet. This doesn't work and I get an error saying that my site was not displayed because the X-Frame-Options are set to DENY. I've already tried to delete the options in my application_controller.rb and also in my application.rb using either
Response.headers.delete('X-Frame-Options')
and
config.action_dispatch.default_headers.delete('X-Frame-Options')
respectively. The first time the user installs the app everything seems to work, the embedding, the logic etc. but after he tries it a second time all hell breaks loose. How can I embed all the sites each time a user accesses my application? I read that Shopify's response has a DENY Header by default but I am sure that there must be a solution to this problem. I can't make a user uninstall the app every single time.
Thanks in advance
Shopify ignore 302's to their charge approval forms. The reason being, that your app is embedded in an iframe. The payment confirmation endpoint refuses to be embedded inside an iframe regardless of origin - they don't even whitelist their own site!!
This means you CANNOT simply do a form post and 302 on success to the subscription confirmation url, that would be too easy.
You MUST write some javascript that will take the confirmation url and perform window.top.location = confirm_url;.
You MUST break out of the iframe or shopify will also deny you redirect capabilities and you'll be back where you were.
Alternatively, you can open the link in a new window.
I had to convert my 'quick and simple' app to make an Ajax call to submit the subscription information to my server, then do a JS redirect using the resulting confirmation url sent back.
Have to say, Shopify's API is horrendously under-documented, and incredibly poorly implemented. At every turn their "API" puts up a roadblock.
Add these below code in config/application.rb file
config.action_dispatch.default_headers['P3P'] = 'CP="Not used"'
config.action_dispatch.default_headers.delete('X-Frame-Options')
config.active_record.raise_in_transactional_callbacks = true
Ok this is by far not the solution I was looking for but oh well. If I see that the charge is not valid I redirect the user to my billing_error_path. There I have a button with a link_to to my shopify-app listing. There he can click on "Get" once again and is then redirected back to my shop and can accept/decline the fees once again. Probably not the best solution but at least it does what I was looking for
I have a Google Apps Marketplace (v2) app I am working on setting up Oauth2 for.
I've got everything working, but for some reason when I do a redirect to the authentication page, after, after you select which Google account to use (if like you're me and are testing, you have to pick one of several Google accounts you're currently signed into), I get sent to another page which seems utterly pointless:
This is bizarre and annoying, because I am logging in as the domain administrator!
Does anyone know a way to skip this screen, or what I might be doing to be cursed with this terrible user experience?
I just confirmed that having access_type=offline will always display this page, even with approval_prompt=auto. You will always get back a refresh token as well.
The only way to hide it is to remove access_type=offline on future login requests (ask only on signup).
I believe this shows up only if app requests refresh token for offline access. Also this should only appear first time you access the app after installation.
In order to skip this you need to update app to not request refresh tokens.
Using the PayPal REST API, I cannot seem to figure out how to cancel a payment after a client clicks the "Cancel order and return to website" link. Perhaps in production mode PayPal cancels these payments automatically, but in sandbox mode they seem to stay in the "created" state.
That observation lead me to believe that I need to programmatically cancel each payment upon return to the website's "cancel_url" page. However, I cannot seem to find a cancel function in the PayPal REST API documentation.
https://developer.paypal.com/docs/api/
For what it's worth, I'm using the Ruby API.
I have been in contact with PayPal's technical support last week and this is what they said:
If the buyer has completed the work on the PayPal checkout page
without cancelling the checkout, then they are redirected back to your
site. If you wish for them to have a cancellation at that point, you
can build the Return URL to have a final confirmation (showing final
total to be billed). So at this point the buyer is on your site, but
the payment execution has not happened. If the buyer decides to
proceed, then you run the execute command, updating your database with
the successful payment details. If the buyer decides to cancel at
that point, you do not run the execute command, and purge the payment
ID and the buyer's Payer ID. There would be no request that you would
need to pass to PayPal to cancel what the buyer did on PayPal. This
would be the same type of process done with the Classic APIs using
Express Checkout. Once the buyer gets sent over to PayPal, they
choose the funding source and shipping address and get sent back to
your site, if they want to cancel the transaction, your site does not
send any API call to PayPal to cancel or void the EC token. It is
just not used to collect the payment.
When asked how to handle non-executed payments and if they automatically void non-executed payments after a certain amount of time:
Yes, I recommend deleting the Payment ID from your database, so there
is no accidental payment. Our system, by default, will expire the
payment approval made by PayPal payers if the payment hasn't been
executed within 3 hours.
Permission has been given by PayPal to post their answer here.
I actually talked directly with someone from PayPal. The answer was:
Once a user authorized a sale, the sale has to be executed. It cannot be canceled
past beyond that point. So if the user comes back on your return URL, you are
simply expected to run an "execute" command on your payment.
This may not directly apply to your case. I think that the only way to "cancel" would be to first "execute", then apply a full "refund". Otherwise, never execute (which I also view as strange because that looks like a potential for security problems. That said, the main problem that could happen is an "execute" on the payment and your company would receive the money that you can then manually refund if necessary...)
I think you need to void the authorization of the payment:
https://developer.paypal.com/docs/api/#void-an-authorization
I used paypal api v2, and there is cancel order api.
https://developer.paypal.com/docs/api/orders/v1/?mark=cancel%20order#orders_cancel
I'm coding a simple app which should use some FB connect mechanics but I don't want too much overhead here so maybe you can share your thoughts/experience on my task:
merchants can post products they want to give away for free
users can register for the article and get into a raffle
Once a user enters the page, I want the page to connect to his FB profile URL (facebook.com/username). User hits a "Add me to the raffle" button, the FB profile URL gets stored into my model. The merchant or a cron choses the FB profile URL randomly, displays it and lets the merchant connect to the winner (this I realised already).
This is what I've done so far:
http://limitless-brook-6233.herokuapp.com/ads/1
as you can see, I realised it via email addresses which get shuffled by the merchant. This is not very clever since FB profiles are somehow more unique and everyone can participate only one time.
What is the smartest way in your opinion to retrieve a user's Facebook URL and store it into my database? I just need to attach it to some text/input field (non editable) and let the user hit that button.
Thanks for any support.
You need to use Facebook login, take a look here
https://developers.facebook.com/docs/facebook-login/
or here
https://github.com/mkdynamic/omniauth-facebook
for the second one use version 1.4.0 as 1.4.1 has ome annoying bugs.
I am currently working a system whereby my users can pay for items that they have added to an order.
The payment will be using Worldpay.
I have a Worldpay account, but I am a little confused as to what steps I need to do next.
I am using symfony and I have an order, with products associated to it. I have then created a 'Pay Now' link, which links to a executePayment action.
What I'd really like, is for this to then take me to the hosted payment pages on Worldpay, pay for the order and then takes me back to my site to an order success page.
Has anyone implemented WorldPay using symfony before?
Thanks
EDIT:
So It seems, that I can have a form on the page where the Pay Now button is, but change it to a <input type="submit" /> and then post the details to https://secure-test.wp3.rbsworldpay.com/wcc/purchase
Is there some kind of callback functioanlity, to redirect me to a confirmation/failure page if the transaction was completed?
Thanks
WorldPay works like this...
1) You have a form on your website that collects your customer details. You then POST this data to https://secure-test.wp3.rbsworldpay.com/wcc/purchase
2) The customer will add their payment details in to WorldPay
3) Next, (depending on if the payment was successful or not) the user will be either directed to your resultY.html or resultC.html page that you can upload to your file management section within the WorldPay admin.
Alternatively you can supply a URL to a callback file on your server that is pinged when the customer clicks pay. This allows you to get information about the transaction and add it to your database.
With the callback page on your server, you can output a confirmation of payment, but you then have to include a link to physically get the user to come back to your site. I think automatically redirecting from this page is against Worldpay's T&Cs.
Hope this helps.
Philip
I user RBSWorldPay with Symfony - its very simple to setup - yes there is a callback function that you setup within the Settings of your RBSWorldPay account - you can also test by adding a test field - again check the RBS Documentation for testing.