PayPal recurring payments misuse

I have used the PayPal REST API to implement subscriptions (recurring payments) in my website. I have to set one notify URL to be notified of the payment made (e.g. monthly plan) by the subscription plan through PayPal. PayPal calls it Instant Payment Notification.

My question is, can a developer misuse that call to simulate a call from PayPal? Because the developer is aware of the notify URL and the parameters being passed to that method. The developer just needs to know the recurring_payment_id.

If it can be misused, then what steps should I follow to prevent it? Please guide me.

Instant Payment Notifications do not work with the REST API; however, the REST API does have its own notifications that are sent back.

In order to use the notifications for the REST API, a developer is required to create Webhooks.
WebHooks and Notifications with PayPal Rest API

With the billing agreement Profile ID, a developer can cancel an agreement or suspend an agreement. A developer cannot obtain credit card data from PayPal.

Here is some of the information from the PayPal Developer site about recurring payments and billing agreement creation:

Even if someone were able to get a response back from the server, it would simply be the status of the billing agreement. No account holder information is returned.

This is a sample response from the PayPal Developer Site: Retrieve an Agreement Rest API

{
"id": "I-0LN988D3JACS",
"state": "Pending",
"description": "New Description",
"plan": {
"payment_definitions": [
  {
    "type": "REGULAR",
    "frequency": "Month",
    "amount": {
      "currency": "USD",
      "value": "100.00"
    },
    "charge_models": [
      {
        "type": "TAX",
        "amount": {
          "currency": "USD",
          "value": "12.00"
        }
      },
      {
        "type": "SHIPPING",
        "amount": {
          "currency": "USD",
          "value": "10.00"
        }
      }
    ],
    "cycles": "12",
    "frequency_interval": "2"
  }
],
"merchant_preferences": {
  "setup_fee": {
    "currency": "USD",
    "value": "0.00"
  },
  "max_fail_attempts": "0",
  "auto_bill_amount": "YES"
 }
},
"links": [
{
  "href": "https://api.sandbox.paypal.com/v1/payments/billing-agreements/I-0LN988D3JACS/suspend",
  "rel": "suspend",
  "method": "POST"
},
{
  "href": "https://api.sandbox.paypal.com/v1/payments/billing-agreements/I-0LN988D3JACS/re-activate",
  "rel": "re_activate",
  "method": "POST"
},
{
  "href": "https://api.sandbox.paypal.com/v1/payments/billing-agreements/I-0LN988D3JACS/cancel",
  "rel": "cancel",
  "method": "POST"
},
{
  "href": "https://api.sandbox.paypal.com/v1/payments/billing-agreements/I-0LN988D3JACS/bill-balance",
  "rel": "self",
  "method": "POST"
},
{
  "href": "https://api.sandbox.paypal.com/v1/payments/billing-agreements/I-0LN988D3JACS/set-balance",
  "rel": "self",
  "method": "POST"
}
],
"start_date": "2015-02-19T08:00:00Z",
"agreement_details": {
"outstanding_balance": {
  "currency": "USD",
  "value": "0.00"
},
"cycles_remaining": "12",
"cycles_completed": "0",
"final_payment_date": "2016-12-19T10:00:00Z",
"failed_payment_count": "0"
}
}
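
One way to guard the notify URL against a simulated call, as an added example that is not part of the answer above and not PayPal's code: treat the inbound request as a hint only, and decide from the agreement record retrieved from PayPal by ID. Assumptions: the lookup URL is derived from the links in the sample response, `fetch_agreement` is a hypothetical authenticated GET helper, the ID pattern is inferred from the sample ID, and "Active" is assumed to be the state of a paid-up agreement.

```python
import re

# Assumption: ids look like the sample on this page ("I-0LN988D3JACS").
AGREEMENT_ID = re.compile(r"I-[A-Z0-9]{8,20}")
API_BASE = "https://api.sandbox.paypal.com/v1/payments/billing-agreements/"

def agreement_url(agreement_id):
    """Build the lookup URL only from a strictly validated id."""
    if not isinstance(agreement_id, str) or not AGREEMENT_ID.fullmatch(agreement_id):
        raise ValueError("malformed agreement id")
    return API_BASE + agreement_id

def confirm_notification(notification, fetch_agreement, expected):
    """Treat the inbound POST as a hint and decide from PayPal's own answer.

    notification    -- parsed body of the inbound request (untrusted)
    fetch_agreement -- callable(url) -> dict or None; in production an
                       authenticated GET to PayPal (hypothetical helper)
    expected        -- currency/value our own database holds for this plan
    """
    agreement_id = notification.get("recurring_payment_id")
    try:
        url = agreement_url(agreement_id)
    except ValueError:
        return False, "rejected: bad id"
    agreement = fetch_agreement(url)
    if not agreement or agreement.get("id") != agreement_id:
        return False, "rejected: unknown agreement"
    if agreement.get("state") != "Active":  # assumed name of the paid-up state
        return False, "rejected: state is %s" % agreement.get("state")
    definitions = agreement.get("plan", {}).get("payment_definitions", [])
    regular = [d.get("amount", {}) for d in definitions if d.get("type") == "REGULAR"]
    wanted = (expected["currency"], expected["value"])
    if not regular or (regular[0].get("currency"), regular[0].get("value")) != wanted:
        return False, "rejected: amount mismatch"
    return True, "confirmed"

def fake_paypal(state):
    """Constructed stand-in for PayPal, trimmed from the sample response above."""
    sample = {"id": "I-0LN988D3JACS", "state": state, "plan": {"payment_definitions": [
        {"type": "REGULAR", "amount": {"currency": "USD", "value": "100.00"}}]}}
    return lambda url: sample if url == API_BASE + sample["id"] else None

if __name__ == "__main__":
    forged = {"recurring_payment_id": "I-0LN988D3JACS"}
    price = {"currency": "USD", "value": "100.00"}
    print(confirm_notification(forged, fake_paypal("Pending"), price))
    print(confirm_notification(forged, fake_paypal("Active"), price))
```

With this shape, knowing the recurring_payment_id and the notify URL is not enough to change a subscriber's status, because nothing in the request body is trusted beyond the ID used for the lookup.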