search

spookylukey / django-paypal

A pluggable Django application for integrating PayPal Payments Standard or Payments Pro
MIT License
728 stars 207 forks source link

PDT payments intermittently broken? #239

Open djw opened 3 years ago

djw commented 3 years ago

In some recent requests on my site the query parameters passed to the return_url have changed, in a way that's incompatible with the current implementation of PayPalPDTForm.

Specifically, I'm now receiving:

  1. notify_version=UNVERSIONED which is incompatible with the decimal type of the underlying model field
  2. payment_date=2021-05-11T12:00:00Z which is incompatible with PayPalDateTimeField

Tweaking the form like this works fine locally with Django 3.1 — when I get a moment I'll create a proper patch with a test case.

class PayPalPDTForm(PayPalStandardBaseForm):
    payment_date = DateTimeField(required=False)

    class Meta:
        model = PayPalPDT
        exclude = [
            "ipaddress",
            "flag",
            "flag_code",
            "flag_info",
            "query",
            "response",
            "created_at",
            "updated",
            "form_view",
            "notify_version",
        ]

Edit: I originally thought this was related to v1.1 due to the timing of the issue, but even after I reverted I'm still seeing some requests arrive with the new parameters. Looking at the code I can't see how changing the postback endpoint would cause this issue anyway!

spookylukey commented 3 years ago

Based on what you've said, it looks like we're going to have to be compatible with all the different things they might be sending. If you can post examples of different things you are seeing that would really help. A patch that fixes the issues would also be a huge help. Thanks so much!

djw commented 3 years ago

I've been running this branch for the last week or so without any issues, but it's a bit hacky to push upstream:

https://github.com/spookylukey/django-paypal/compare/master...djw:return-query-changes

Given that payment_date is now arriving in ISO format in the query parameters, but still in PayPalDateTimeField format in the postback response, I think the options are:

  1. Extend PayPalDateTimeField to support ISO format (perhaps requiring a dependency on python-dateutil)
  2. Use separate form classes to handle query parameters and the postback response, and probably ignore all the new parameters, including the ISO format date.

I lean towards the second option, but would like your opinion before working on a patch. :)

spookylukey commented 3 years ago

Your second option sounds fine if you feel like working on a patch. Thanks!

djw commented 2 years ago

Apologies for the delay, I've created a new branch which implements the fix following Option 2 above:

https://github.com/spookylukey/django-paypal/compare/master...djw:issue-329

I'll test this out for a few days and then submit a PR.