Page MenuHomePhabricator

Spike: get Amazon authentication working with automatic redirect
Closed, ResolvedPublic2 Story Points

Description

We can't load Amazon's scripts on any page before the Amazon-specific payments form. Once the donor gets to Special:AmazonGateway, they should be redirected to the Amazon authentication screen without having to click a button.

Some info on redirect authentication:
https://payments.amazon.com/documentation/lpwa/201750560#201750010

Details

Related Gerrit Patches:
mediawiki/extensions/DonationInterface : amazonClean up a bit of Amazon javascript
mediawiki/extensions/DonationInterface : amazonUse modern hook registration for Amazon
mediawiki/extensions/DonationInterface : amazonMove Amazon Widget script and return URL into account
mediawiki/extensions/DonationInterface : payWithAmazonMove Amazon Widget script and return URL into account
mediawiki/extensions/DonationInterface : payWithAmazonClean up a bit of Amazon javascript
mediawiki/extensions/DonationInterface : payWithAmazonUse modern hook registration for Amazon
mediawiki/extensions/DonationInterface : payWithAmazonRedirect to Amazon for login

Event Timeline

Ejegg created this task.Aug 5 2015, 9:27 PM
Ejegg raised the priority of this task from to Needs Triage.
Ejegg updated the task description. (Show Details)
Ejegg added a project: Fundraising-Backlog.
Ejegg added a subscriber: Ejegg.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 5 2015, 9:27 PM
DStrine set Security to None.Aug 5 2015, 10:11 PM
DStrine edited a custom field.
Ejegg claimed this task.Aug 7 2015, 5:56 PM
Ejegg moved this task from Backlog to Doing on the Fundraising Sprint Queen board.
Ejegg added a comment.Aug 7 2015, 9:07 PM

This has to be done via a Jacascript redirect (so not as fast as server redirect), but it turns out to be not that hard.
From the Javascript SDK Reference and the page linked above you can piece this together:

window.onAmazonLoginReady = function() {
	amazon.Login.setClientId( OUR_CLIENT_ID );
	amazon.Login.setUseCookie( true );
	amazon.Login.setSandboxMode( true ); // if you want to use test accounts

	if ( !loggedIn ) { 
		loginOptions = {
			scope: 'payments:widget',
			popup: false
		};
		amazon.Login.authorize( loginOptions, RETURN_URL );
	}
}

Then source either the widget script or just the login script. It'll call your function as soon as it's loaded and immediately redirect. With the Login.authorize call there's no need to simulate clicking on a button.
You can determine whether the user is logged in by looking at the hash that's appended to the return url, which you are then supposed to store in a cookie called amazon_Login_accessToken (for use by the widgets, I think).

Change 230253 had a related patch set uploaded (by Ejegg):
Clear out old Amazon code to prepare for PwA

https://gerrit.wikimedia.org/r/230253

Change 230707 had a related patch set uploaded (by Ejegg):
Redirect to Amazon for login

https://gerrit.wikimedia.org/r/230707

Ejegg moved this task from Doing to Review on the Fundraising Sprint Queen board.Aug 11 2015, 7:57 PM

Change 230707 merged by jenkins-bot:
Redirect to Amazon for login

https://gerrit.wikimedia.org/r/230707

Change 231585 had a related patch set uploaded (by Ejegg):
Move Amazon Widget script and return URL into account

https://gerrit.wikimedia.org/r/231585

Change 231595 had a related patch set uploaded (by Ejegg):
Clean up a bit of Amazon javascript

https://gerrit.wikimedia.org/r/231595

Change 231596 had a related patch set uploaded (by Ejegg):
Use modern hook registration for Amazon

https://gerrit.wikimedia.org/r/231596

Change 231792 had a related patch set uploaded (by Ejegg):
Move Amazon Widget script and return URL into account

https://gerrit.wikimedia.org/r/231792

Change 231793 had a related patch set uploaded (by Ejegg):
Use modern hook registration for Amazon

https://gerrit.wikimedia.org/r/231793

Change 231794 had a related patch set uploaded (by Ejegg):
Clean up a bit of Amazon javascript

https://gerrit.wikimedia.org/r/231794

Change 231596 abandoned by Ejegg:
Use modern hook registration for Amazon

Reason:
rebased into another change set

https://gerrit.wikimedia.org/r/231596

Change 231595 abandoned by Ejegg:
Clean up a bit of Amazon javascript

Reason:
rebased into alternate reality

https://gerrit.wikimedia.org/r/231595

Change 231585 abandoned by Ejegg:
Move Amazon Widget script and return URL into account

Reason:
Rebased onto alternate future

https://gerrit.wikimedia.org/r/231585

Change 231792 merged by jenkins-bot:
Move Amazon Widget script and return URL into account

https://gerrit.wikimedia.org/r/231792

Change 231793 merged by jenkins-bot:
Use modern hook registration for Amazon

https://gerrit.wikimedia.org/r/231793

Change 231794 merged by jenkins-bot:
Clean up a bit of Amazon javascript

https://gerrit.wikimedia.org/r/231794

Ejegg closed this task as Resolved.Aug 26 2015, 5:23 PM
Ejegg moved this task from Review to Done on the Fundraising Sprint Rowlf the Dog board.