ObjectOriented Software Engineering

1
Object-Oriented Software Engineering

• PayPal is an online payment system run by eBay.
• This system contains a developers area called the
  sandbox.
• This allows the developer to test their online
  payment handler without using real money.
• To use the sandbox, set up a developers account
  and at least two test accounts by going to
• http//developer.paypal.com

2
(No Transcript)
3
(No Transcript)
4
(No Transcript)
5
(No Transcript)
6
(No Transcript)
7
(No Transcript)
8
(No Transcript)
9
(No Transcript)
10
(No Transcript)
11
(No Transcript)
12
(No Transcript)
13
(No Transcript)
14
(No Transcript)
15
(No Transcript)
16
(No Transcript)
17
PayPal Shopping Basket

• Part of the PayPal system for developers is the
  shopping basket.
• This permits the developer to include all buyable
  items in a consistent way into a shopping basket
  system.
• This system can then be included in the sellers
  website.
• This means that theyd be no need to create your
  own web-enabled shopping basket application so
  why are?

18
(No Transcript)
19
PayPal Shopping Basket

• The PayPal shopping basket is good for people who
  have no knowledge or desire to code their own
  system.
• However, the code for each item must be included
  on the items page (essentially, this is a form
  containing information for the product price,
  code etc.).
• If you wish to change anything about the product
  then you need to change the form.
• You could do this by logging into PayPal and
  recreating the form (takes time) or you could
  hold the information in a database and create the
  item pages dynamically.
• There is no easy separation of logic using this
  system.
• What we really want is to keep all of the
  shopping logic (the business logic) within our
  application and then deal with the online payment
  separately using PayPal.

20
Instant Payment Notifications

• PayPal includes a system for instant payments (in
  effect its the payment system for their shopping
  basket system).
• Instead of many product forms interacting with a
  shopping basket, there is only one.
• This form usually sends the information for the
  one bought product to PayPal (see following
  slides).
• However, we can use it to send our checkout
  information instead.

21
(No Transcript)
22
(No Transcript)
23
(No Transcript)
24
(No Transcript)
25
(No Transcript)
26
(No Transcript)
27
Setting up the Checkout Form

• There are two steps required to use IPNs.
• The first step is to set up the form that will
  contain our checkout information.
• Then we have to code the IPN handler (a JSP page)
  to deal with the response from PayPal.

28
The Checkout Form
ltform name"_xclick" action"https//www.paypal.co
m/cgi-bin/webscr" method"post"gtltinput
type"hidden" name"cmd" value"_xclick"gtltinput
type"hidden" name"business" value"me_at_mybusiness
.com"gtltinput type"hidden" name"currency_code"
value"USD"gtltinput type"hidden"
name"item_name" value"Teddy Bear"gtltinput
type"hidden" name"amount" value"12.99"gtltinput
type"image" src"http//www.paypal.com/en_US/i/bt
n/x-click-but01.gif" border"0" name"submit"
alt"Make payments with PayPal - it's fast, free
and secure!"gtlt/formgt

• To change this form for your website, you only
  need to change two bits, the item name and value
  (you could also change the graphic for the
  button).
• We are using a database of products so the
  information for this item should be generated
  dynamically

29
The Checkout Form
lt String itemName Arachidamia
Order String itemValue 84.99 gt ltform
name"_xclick" action"https//www.paypal.com/cgi-
bin/webscr" method"post"gtltinput type"hidden"
name"cmd" value"_xclick"gtltinput type"hidden"
name"business" valuesales_at_arachidamia.com"gtltin
put type"hidden" name"currency_code"
value"USD"gtltinput type"hidden"
name"item_name" valueltitemNamegt"gtltinput
type"hidden" name"amount" valueltitemValuegt"
gtltinput type"image" src"http//www.paypal.com/e
n_US/i/btn/x-click-but01.gif" border"0"
name"submit" alt"Make payments with PayPal -
it's fast, free and secure!"gtlt/formgt
30
The IPN Handler
lt_at_ page import"java.util." gt lt_at_ page
import"java.net." gt lt_at_ page
import"java.io." gt lt // read post from
PayPal system and add 'cmd' Enumeration en
request.getParameterNames() String str
"cmd_notify-validate" while(en.hasMoreElements()
) String paramName (String)en.nextElement() St
ring paramValue request.getParameter(paramName)
str str "" paramName ""
URLEncoder.encode(paramValue)
31
The IPN Handler
// post back to PayPal system to validate //
NOTE change http to https in the following URL
to verify using SSL (for increased security). //
using HTTPS requires either Java 1.4 or greater,
or Java Secure Socket Extension (JSSE) // and
configured for older versions. URL u new
URL("http//www.paypal.com/cgi-bin/webscr") URLCo
nnection uc u.openConnection() uc.setDoOutput(t
rue) uc.setRequestProperty("Content-Type","applic
ation/x-www-form-urlencoded") PrintWriter pw
new PrintWriter(uc.getOutputStream()) pw.println(
str) pw.close()
32
The IPN Handler
BufferedReader in new BufferedReader( new
InputStreamReader(uc.getInputStream())) String
res in.readLine() in.close() // assign
posted variables to local variables String
itemName request.getParameter("item_name") Stri
ng itemNumber request.getParameter("item_number"
) String paymentStatus request.getParameter("pa
yment_status") String paymentAmount
request.getParameter("mc_gross") String
paymentCurrency request.getParameter("mc_currenc
y") String txnId request.getParameter("txn_id")
String receiverEmail request.getParameter("rec
eiver_email") String payerEmail
request.getParameter("payer_email")
33
The IPN Handler
check notification validation if(res.equals("VERIF
IED")) // check that paymentStatusCompleted //
check that txnId has not been previously
processed // check that receiverEmail is your
Primary PayPal email // check that
paymentAmount/paymentCurrency are correct //
process payment else if(res.equals("INVALID"))
// log for investigation else // error gt