015 package com.liferay.portlet.shopping.action;
016
017 import com.liferay.portal.kernel.io.unsync.UnsyncBufferedReader;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.kernel.util.HttpUtil;
021 import com.liferay.portal.kernel.util.ParamUtil;
022 import com.liferay.portal.kernel.util.UnsyncPrintWriterPool;
023 import com.liferay.portal.util.PortalUtil;
024 import com.liferay.portlet.shopping.NoSuchOrderException;
025 import com.liferay.portlet.shopping.model.ShoppingOrder;
026 import com.liferay.portlet.shopping.service.ShoppingOrderLocalServiceUtil;
027 import com.liferay.portlet.shopping.util.ShoppingPreferences;
028 import com.liferay.portlet.shopping.util.ShoppingUtil;
029
030 import java.io.InputStreamReader;
031 import java.io.PrintWriter;
032
033 import java.net.URL;
034 import java.net.URLConnection;
035
036 import java.util.Enumeration;
037
038 import javax.servlet.http.HttpServletRequest;
039 import javax.servlet.http.HttpServletResponse;
040
041 import org.apache.struts.action.Action;
042 import org.apache.struts.action.ActionForm;
043 import org.apache.struts.action.ActionForward;
044 import org.apache.struts.action.ActionMapping;
045
046
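/**
 * Struts action that receives PayPal Instant Payment Notification (IPN)
 * callbacks for the shopping portlet.
 *
 * <p>
 * The notification arrives as an unauthenticated HTTP request, so none of its
 * parameters are trusted on their own. The action echoes every parameter back
 * to PayPal with <code>cmd=_notify-validate</code>, and only when PayPal
 * answers <code>VERIFIED</code> and {@link #validate(HttpServletRequest)}
 * accepts the receiver, amount, currency and transaction id is the order
 * completed.
 * </p>
 */
public class PayPalNotificationAction extends Action {

	/**
	 * Handles one IPN callback.
	 *
	 * @param  mapping the Struts mapping (unused)
	 * @param  form the Struts form (unused)
	 * @param  request the notification sent to this portal
	 * @param  response used only to report an error
	 * @return always <code>null</code>; no forward is taken
	 * @throws Exception declared by the Struts contract; failures inside the
	 *         handler are reported through <code>PortalUtil.sendError</code>
	 */
	@Override
	public ActionForward execute(
			ActionMapping mapping, ActionForm form, HttpServletRequest request,
			HttpServletResponse response)
		throws Exception {

		try {
			if (_log.isDebugEnabled()) {
				_log.debug("Receiving notification from PayPal");
			}

			String query = _buildVerificationQuery(request);

			// The echoed query carries payer details (email, amounts), so
			// debug logging here should stay off outside troubleshooting.

			if (_log.isDebugEnabled()) {
				_log.debug("Sending response to PayPal " + query);
			}

			String payPalStatus = _fetchPayPalStatus(query);

			String itemName = ParamUtil.getString(request, "item_name");
			String itemNumber = ParamUtil.getString(request, "item_number");
			String invoice = ParamUtil.getString(request, "invoice");
			String txnId = ParamUtil.getString(request, "txn_id");
			String paymentStatus = ParamUtil.getString(
				request, "payment_status");
			double paymentGross = ParamUtil.getDouble(request, "mc_gross");
			String receiverEmail = ParamUtil.getString(
				request, "receiver_email");
			String payerEmail = ParamUtil.getString(request, "payer_email");

			if (_log.isDebugEnabled()) {
				_log.debug("Receiving response from PayPal");
				_log.debug("Item name " + itemName);
				_log.debug("Item number " + itemNumber);
				_log.debug("Invoice " + invoice);
				_log.debug("Transaction ID " + txnId);
				_log.debug("Payment status " + paymentStatus);
				_log.debug("Payment gross " + paymentGross);
				_log.debug("Receiver email " + receiverEmail);
				_log.debug("Payer email " + payerEmail);
			}

			// Constant-first comparison: readLine() returns null when PayPal
			// sends an empty body, and that must be treated as "not verified"
			// rather than surfacing as a NullPointerException.

			if ("VERIFIED".equals(payPalStatus) && validate(request)) {

				// NOTE(review): paymentStatus is forwarded unchanged; this
				// method does not itself require "Completed". Confirm that
				// completeOrder handles Pending, Refunded and similar states.

				ShoppingOrderLocalServiceUtil.completeOrder(
					invoice, txnId, paymentStatus, paymentGross, receiverEmail,
					payerEmail, true);
			}
			else if (_log.isWarnEnabled()) {

				// Only the status returned by PayPal is logged; the request
				// parameters are unverified at this point.

				_log.warn(
					"PayPal notification not applied, verification status " +
						payPalStatus);
			}

			return null;
		}
		catch (Exception e) {
			PortalUtil.sendError(e, request, response);

			return null;
		}
	}

	/**
	 * Checks a PayPal-verified notification against the stored order before
	 * the order is completed.
	 *
	 * <p>
	 * A <code>VERIFIED</code> answer only proves that PayPal issued the
	 * notification. It does not prove that the payment went to this shop, for
	 * this order's amount, in the expected currency, or that it has not been
	 * used already. Those four checks are made here.
	 * </p>
	 *
	 * @param  request the notification request
	 * @return <code>true</code> if receiver, amount, currency and transaction
	 *         id are all acceptable
	 * @throws Exception if the order or the shopping preferences cannot be
	 *         loaded
	 */
	protected boolean validate(HttpServletRequest request) throws Exception {

		// Load the order named by the notification and its shop settings

		String ppInvoice = ParamUtil.getString(request, "invoice");

		ShoppingOrder order = ShoppingOrderLocalServiceUtil.getOrder(
			ppInvoice);

		ShoppingPreferences shoppingPrefs = ShoppingPreferences.getInstance(
			order.getCompanyId(), order.getGroupId());

		// The payment must have gone to the shop's configured PayPal account

		String ppReceiverEmail = ParamUtil.getString(
			request, "receiver_email");

		String payPalEmailAddress = shoppingPrefs.getPayPalEmailAddress();

		if (!payPalEmailAddress.equals(ppReceiverEmail)) {
			return false;
		}

		// The amount paid must match the order total. Both values are
		// doubles, so compare to within half a cent instead of with !=,
		// which can reject a correct payment on a rounding artefact. The
		// negated form also rejects NaN and infinite amounts.

		double ppGross = ParamUtil.getDouble(request, "mc_gross");

		double orderTotal = ShoppingUtil.calculateTotal(order);

		if (!(Math.abs(orderTotal - ppGross) < _AMOUNT_TOLERANCE)) {
			return false;
		}

		// The payment must be in the shop's configured currency

		String ppCurrency = ParamUtil.getString(request, "mc_currency");

		String currencyId = shoppingPrefs.getCurrencyId();

		if (!currencyId.equals(ppCurrency)) {
			return false;
		}

		// Replay protection: a transaction id already attached to an order
		// must not complete another one

		String ppTxnId = ParamUtil.getString(request, "txn_id");

		try {
			ShoppingOrderLocalServiceUtil.getPayPalTxnIdOrder(ppTxnId);

			return false;
		}
		catch (NoSuchOrderException nsoe) {

			// Expected: no order uses this transaction id yet

		}

		return true;
	}

	/**
	 * Builds the body of the verification post: <code>cmd=_notify-validate</code>
	 * followed by every request parameter.
	 *
	 * <p>
	 * Names are URL-encoded as well as values. A decoded name that contains
	 * <code>&amp;</code> or <code>=</code> would otherwise add extra
	 * parameters to the message PayPal is asked to verify.
	 * </p>
	 */
	private String _buildVerificationQuery(HttpServletRequest request) {
		StringBuilder sb = new StringBuilder("cmd=_notify-validate");

		Enumeration<String> enu = request.getParameterNames();

		while (enu.hasMoreElements()) {
			String name = enu.nextElement();

			String value = request.getParameter(name);

			sb.append("&");
			sb.append(HttpUtil.encodeURL(name));
			sb.append("=");
			sb.append(HttpUtil.encodeURL(value));
		}

		return sb.toString();
	}

	/**
	 * Posts the verification query to PayPal and returns the first line of the
	 * answer, or <code>null</code> if the answer is empty.
	 */
	private String _fetchPayPalStatus(String query) throws Exception {
		URL url = new URL(_PAYPAL_VERIFY_URL);

		URLConnection urlc = url.openConnection();

		// Bound the outbound call so a stalled connection cannot hold the
		// request thread indefinitely; a timeout is reported as an error.

		urlc.setConnectTimeout(_TIMEOUT_MILLIS);
		urlc.setReadTimeout(_TIMEOUT_MILLIS);

		urlc.setDoOutput(true);
		urlc.setRequestProperty(
			"Content-Type","application/x-www-form-urlencoded");

		PrintWriter pw = UnsyncPrintWriterPool.borrow(
			urlc.getOutputStream());

		try {
			pw.println(query);
		}
		finally {
			pw.close();
		}

		UnsyncBufferedReader unsyncBufferedReader =
			new UnsyncBufferedReader(
				new InputStreamReader(urlc.getInputStream()));

		try {
			return unsyncBufferedReader.readLine();
		}
		finally {
			unsyncBufferedReader.close();
		}
	}

	// Largest difference between order total and paid amount that still
	// counts as equal (half of the smallest two-decimal currency unit)

	private static final double _AMOUNT_TOLERANCE = 0.005;

	// NOTE(review): the URL literal was cut off after "https:" in this
	// listing. It is restored here to PayPal's classic IPN postback endpoint;
	// confirm against the upstream file before relying on it.

	private static final String _PAYPAL_VERIFY_URL =
		"https://www.paypal.com/cgi-bin/webscr";

	private static final int _TIMEOUT_MILLIS = 30000;

	private static final Log _log = LogFactoryUtil.getLog(
		PayPalNotificationAction.class);

}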