Hi I'm trying to make a new payment provider that's not included out of the box. I Understand that I need to derive from APaymentProvider so this where I'm at right now. But i'm a bit confused as to what the next steps are that I need to perform in relation to Tea Commerce's configuration (e.g. config files, general settings, etc.) after creating my own payment provider class.
Also kindly point me to the right thread or info that explains how to create the payment form wherein one can type in the credit card numbers etc. I can see in the Starter Kit 2.0 that there is no step 5 xlst.
You need to register you payment provider in the Tea Commerce section - Settings -> General settings -> Admin - there you have a text field where you need to specify its alias, assembly and type. Now you can select it for a payment method.
The way a standard popup/redirect payment provider works is that when TeaCommerce.goToPayment (javascript) is executed or XSLT.GeneratePaymentForm - it calls the GenerateForm method for the payment provider and constructs a form with hidden input fields for posting the data to the post url (returned from your payment provider). Normally you can specify a specific callback url/continue url/cancel url for the payment gateway. These should be the ones provided to you in the GenerateForm method. These will do some extra stuff when called and then they will ask for the continue url + cancel url in your payment provider. Now the callback method is the one you use to finalize the order. The payment gateway calls this and you need to validate the data you receive and if they are valid - return the info and Tea Commerce will finalize the order.
Thank you so much for responding. And yes I did come across "https://bitbucket.org/teasolutions/tea-commerce-tea-commerce-payment-providers" and it is what I am looking at right now. The difficult part I guess for me or the payment provider im trying to implement right now is that the post process is not as standard as just a form with hidden fields being posted back to the gateway url. The gateway expects an xml data to be posted to their url so I still have to process the hidden fields and build an xml out of it. I can either post this xml data from a javascript (XmlHttpRequest) or I can post it to a local page on my server and do the gateway posting server side.
My question right now is which one is more secure? or which one is a malpractice? I don't intend to store credit card information on the order as its properties and in turn deal with Credit Card Info Processing Compliance stuff.
The right thing to do is properly to make your GenerateForm pretty "stupid" and only return an empty dictionary and then return a form post url for your own website. Then when you post the customer to that page - you generate the xml and post it and maybe redirect the customer if needed. I think that is the start of the process.
Yes this is indeed what I am trying to do right now. The payment provider that I am struggling to implement right now is Intuit's QBMS (Quick Books Merchant Services) and I am using the Desktop Model since the Hosted Model is really confusing for me to implement as it requires a lot of Certificate Authentication which I am not yet familiar with. Thanks again for your response.
New Payment Provider
Hi I'm trying to make a new payment provider that's not included out of the box. I Understand that I need to derive from APaymentProvider so this where I'm at right now. But i'm a bit confused as to what the next steps are that I need to perform in relation to Tea Commerce's configuration (e.g. config files, general settings, etc.) after creating my own payment provider class.
Also kindly point me to the right thread or info that explains how to create the payment form wherein one can type in the credit card numbers etc. I can see in the Starter Kit 2.0 that there is no step 5 xlst.
Thanks in advance!
Hi Dennis
You need to register you payment provider in the Tea Commerce section - Settings -> General settings -> Admin - there you have a text field where you need to specify its alias, assembly and type. Now you can select it for a payment method.
The way a standard popup/redirect payment provider works is that when TeaCommerce.goToPayment (javascript) is executed or XSLT.GeneratePaymentForm - it calls the GenerateForm method for the payment provider and constructs a form with hidden input fields for posting the data to the post url (returned from your payment provider). Normally you can specify a specific callback url/continue url/cancel url for the payment gateway. These should be the ones provided to you in the GenerateForm method. These will do some extra stuff when called and then they will ask for the continue url + cancel url in your payment provider. Now the callback method is the one you use to finalize the order. The payment gateway calls this and you need to validate the data you receive and if they are valid - return the info and Tea Commerce will finalize the order.
You can have a look at the out of the box providers for Tea Commerce and get an idea of how things work - https://bitbucket.org/teasolutions/tea-commerce-tea-commerce-payment-providers
Kind regards
Anders
Hi Anders
Thank you so much for responding. And yes I did come across "https://bitbucket.org/teasolutions/tea-commerce-tea-commerce-payment-providers" and it is what I am looking at right now. The difficult part I guess for me or the payment provider im trying to implement right now is that the post process is not as standard as just a form with hidden fields being posted back to the gateway url. The gateway expects an xml data to be posted to their url so I still have to process the hidden fields and build an xml out of it. I can either post this xml data from a javascript (XmlHttpRequest) or I can post it to a local page on my server and do the gateway posting server side.
My question right now is which one is more secure? or which one is a malpractice? I don't intend to store credit card information on the order as its properties and in turn deal with Credit Card Info Processing Compliance stuff.
Regards,
Dennis
Hi Dennis
The right thing to do is properly to make your GenerateForm pretty "stupid" and only return an empty dictionary and then return a form post url for your own website. Then when you post the customer to that page - you generate the xml and post it and maybe redirect the customer if needed. I think that is the start of the process.
Kind regards
Anders
Hi Anders,
Yes this is indeed what I am trying to do right now. The payment provider that I am struggling to implement right now is Intuit's QBMS (Quick Books Merchant Services) and I am using the Desktop Model since the Hosted Model is really confusing for me to implement as it requires a lot of Certificate Authentication which I am not yet familiar with. Thanks again for your response.
Regards,
Dennis
is working on a reply...