Page MenuHomePhabricator
Create Task
Maniphest T329162

Adapt the PayPal notification controller to handle the new types of transaction IDs
Open, Needs TriagePublic
Actions

Description

The transaction notifications sent by PayPal will slightly change. We need to adapt our application to be able to process them. Please refer to the investigation documentation for more details.

Acceptance Criteria

  • Payment notifications for recurring payments (both from legacy and API) can be processed by our application.
  • Dependeing on the payment, the notification controller dispatches to the correct notification use case (donation, membership). Since memberships are not implemented, the controller should log an error instead.

Implementation Notes

  • To get a data for "real" IPN (needed for the test cases), you can activate the API on the test server and make a PayPal donation with our test account. Paypal will send an IPN, that will be rejected (because of its unknown transaction type) and be logged in logs/application/paypal.log on the server.
  • The transaction types (txn_type) for recurrring payments will be:
    • recurring_payment_profile_created (you can ignore this, it might get relevant later when we handle memberships)
    • recurring_payment
  • The transaction type (txn_type) for one-time payments will be cart (see T344839: Integrate PPL 5 - Adapt the Paypal notification controller to handle one-time payments)

The Fundraising Application needs to be changed to handle the new transaction types:

  • Create a a "lenient" authorizer implementation that always returns true for systemCanModifyDonation. Background Info: With API payments we no longer have an updateToken. But that's not a problem since we have other means to make the end point secure.
  • Construct the BookDonationUseCase (for PayPal) with the new lenient authorizer
  • Create a new service class (e.g. ConfirmationUseCaseDispatcher) for looking up donation/membership ID and type using IPN data: It should look at the transaction type to determine the name of the ID field (recurring_payment_id for recurring_payment, txn_id for cart ), use the database table payment_paypal_identifier to get a payment id, payment_id field in donation and membership tables to get to the type (donation/membership) and the entity id. Dispatch (with similar code as you can find in the HandlePayPalPaymentNotificationController) as follows:
    • if the transaction type is neither recurring_payment nor cart, dispatch to BookDonationUseCase (using the existing logic in the controller)
    • if payment is for membership, log a "not implemented" error
    • Do the current lookup of the donation (by Id) for all other txn_type values, calling BookDonationUseCase
  • Make the ConfirmationUseCaseDispatcher resilient: the transaction ID for a one-time donation is not found in payment_paypal_identifier, that might be a race condition, occuring when PayPal sends the notification after the use case from T354963: Add PayPal Payment Capture Use Case to Payment bounded context has issued the capture API call but before it stored the modified Order with transaction ID to the database. In this case (transaction type is cart but txn_id was not found in payment_paypal_identifier), try to read the database again after an increasing amount of seconds (flushing query caches in between) before failing. The retry mechanism should be an interface, so in production we can have an exponential backoff (e.g. 1, 2, 4, 8, 16 and 32 seconds) but when unit-testing the route we can update the database after the first or second try
  • Use ConfirmationUseCaseDispatcher in HandlePayPalPaymentNotificationController.
  • Minimum suggested additional test cases in HandlePayPalPaymentNotificationRouteTest that check the new payment data:
    • recurring_payment & matching recurring_payment_id for donations should be handled
    • recurring_payment & non-matching recurring_payment_id should be dropped (and logged)
    • cart & matching txn_id for donations should be handled for donations
    • cart & non-matching txn_id should retry until either the donation is found or the maximum limit of retries is reach (it should log then). 2 test cases
    • cart & non-matching txn_id for donations should be dropped (and logged)
    • recurring_payment & matching recurring_payment_id for memberships should log an error

Related Objects
Search...

Event Timeline

kai.nissen created this task.Feb 8 2023, 11:53 AM
Maintenance_bot added a project: WMDE-FUN-Team.Feb 8 2023, 12:30 PM
kai.nissen updated the task description. (Show Details)Feb 8 2023, 12:36 PM
kai.nissen set the point value for this task to 8.
kai.nissen moved this task from Backlog to Sprint ready on the WMDE-Fundraising-Tech board.Feb 16 2023, 9:30 AM
kai.nissen added a project: WMDE-FUN-Sprint-2023-07-10.Jul 10 2023, 10:41 AM
gabriel-wmde removed a project: WMDE-FUN-Sprint-2023-07-10.Jul 11 2023, 1:42 PM
gabriel-wmde added a parent task: T340734: Integrate new payment URL generator in Fundraising App.
gabriel-wmde renamed this task from Adapt the PayPal notification controller to handle the new types of transaction IDs to Integrate PPL 4 - Adapt the PayPal notification controller to handle the new types of transaction IDs.Jul 11 2023, 1:48 PM
gabriel-wmde added a project: WMDE-FUN-Sprint-2023-07-24.Aug 1 2023, 9:15 AM
gabriel-wmde moved this task from Sprint ready to Current Sprint on the WMDE-Fundraising-Tech board.
gabriel-wmde moved this task from Todo to Doing on the WMDE-FUN-Sprint-2023-07-24 board.Aug 1 2023, 3:00 PM
gabriel-wmde updated the task description. (Show Details)Aug 1 2023, 5:05 PM
gabriel-wmde subscribed.Aug 1 2023, 5:08 PM

Putting this in "Blocked Externally" for now, because we're waiting for the IPNs on the test system.
@kai.nissen Can you check if the test account ( paypal-test-merchant@wikimedia.de ) is configured to send IPNs to test-spenden-2.wikimedia.de (*not* test-spenden.wikimedia.de)? If everything is configured correctly and we don't receive IPNs we might need to contact support

gabriel-wmde moved this task from Doing to Blocked externally on the WMDE-FUN-Sprint-2023-07-24 board.Aug 1 2023, 5:08 PM
kai.nissen moved this task from Blocked externally to Doing on the WMDE-FUN-Sprint-2023-07-24 board.Aug 3 2023, 9:11 AM
gabriel-wmde added a project: WMDE-FUN-Sprint-2023-08-07.Aug 7 2023, 10:29 AM
AbbanWMDE moved this task from Todo to Doing on the WMDE-FUN-Sprint-2023-08-07 board.Aug 7 2023, 10:31 AM
CorinnaHillebrand_WMDE assigned this task to gabriel-wmde.Aug 7 2023, 10:41 AM
gabriel-wmde removed a project: WMDE-FUN-Sprint-2023-08-07.Aug 8 2023, 6:35 PM

We discovered that the IPNs for payment created by API requests don't contain donation IDs and tokens any more, which we need for dispatching to the use case. We'll have to refactor the payment bounded context first (see T343846: Adapt CreatePayment use case to allow storing external payment ID from payment provider and T343847: Create database migration to store url and external ID for paypal payments) before coming back to this ticket (which also needs to be reformulated)

gabriel-wmde updated the task description. (Show Details)Aug 9 2023, 11:08 AM
gabriel-wmde updated the task description. (Show Details)
gabriel-wmde updated the task description. (Show Details)Aug 9 2023, 11:23 AM
gabriel-wmde updated the task description. (Show Details)
gabriel-wmde updated the task description. (Show Details)Aug 9 2023, 11:30 AM
gabriel-wmde updated the task description. (Show Details)Aug 9 2023, 11:32 AM
gabriel-wmde updated the task description. (Show Details)Aug 11 2023, 2:59 PM
gabriel-wmde moved this task from Current Sprint to Sprint ready on the WMDE-Fundraising-Tech board.Aug 18 2023, 4:07 PM
gabriel-wmde added parent tasks: T344271: Refactor payment parameter passing, T341795: Change how access tokens are generated and stored.
gabriel-wmde updated the task description. (Show Details)Aug 18 2023, 4:09 PM
gabriel-wmde updated the task description. (Show Details)Aug 23 2023, 11:44 AM
gabriel-wmde added a comment.Aug 23 2023, 3:55 PM

PR https://github.com/wmde/fundraising-application/pull/2826

gabriel-wmde updated the task description. (Show Details)Aug 23 2023, 4:51 PM

Draft PR (with failing test case that has "real" data from an IPN): https://github.com/wmde/fundraising-application/pull/2826

gabriel-wmde removed gabriel-wmde as the assignee of this task.Aug 23 2023, 5:11 PM
kai.nissen closed subtask T343846: Adapt CreatePayment use case to allow storing external payment ID from payment provider as Resolved.Sep 20 2023, 7:48 AM
gabriel-wmde updated the task description. (Show Details)Oct 12 2023, 3:05 PM
gabriel-wmde updated the task description. (Show Details)Oct 16 2023, 5:17 PM
gabriel-wmde renamed this task from Integrate PPL 4 - Adapt the PayPal notification controller to handle the new types of transaction IDs to Adapt the PayPal notification controller to handle the new types of transaction IDs.Jan 12 2024, 5:32 PM
gabriel-wmde updated the task description. (Show Details)
gabriel-wmde removed a parent task: T340734: Integrate new payment URL generator in Fundraising App.Jan 12 2024, 5:34 PM
gabriel-wmde removed parent tasks: T341795: Change how access tokens are generated and stored, T344271: Refactor payment parameter passing.
gabriel-wmde mentioned this in T329159: Switch PayPal API for one-time and recurring donations.
gabriel-wmde updated the task description. (Show Details)Jan 12 2024, 6:26 PM
gabriel-wmde removed the point value for this task.
gabriel-wmde moved this task from Sprint ready to Ready for estimation on the WMDE-Fundraising-Tech board.Jan 15 2024, 9:27 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits