How to pass payment details to Google Wallet for digital goods API .net callback ashx

Question

The sample library referenced in the tutorial uses an ashx file to process the callback.

To validate the payment the sample code compares various items sent to Wallet with results returned from Wallet.

Using the sandbox my code executes as expected and verifies provided I do not do the detailed comparisons. I do not know how to pass the details to the ashx file so that the comparisons can be performed. The callback url is specified in the merchant profile, and in my case is named callback.ashx.

    <script type="text/javascript">
    google.load('payments', '1.0', {
        'packages': ['sandbox_config']

    });

    function purchase(callback) {
        google.payments.inapp.buy({
            "parameters": {},
            "jwt": "<%=theJWT() %>",
            "success": function (result) {
                if (isFunction(callback)) {
                    callback(true, result);
                }
            },
            "failure": function (result) {
                if (isFunction(callback)) {
                    callback(false, result);
                }
            }
        }
    )
    };

    function isFunction(possibleFunction) {
        return (typeof (possibleFunction) === typeof (Function));
    }

    /*** S A M P L E   O N L Y ****
    *******************************
    !You should verify server side!
    *******************************                
    */
    var sampleParseResult = function (isgood, data) {
        var _console = (typeof window.console === "undefined");
        if (isgood) {
            var _str = "Verify Order No. " + data.response.orderId;
            _str += "\nDetails:\n";
            _str += data.request.name + " " + data.request.description + "\n";
            _str += data.request.price + "\n";
            alert(_str);
            if (!_console) {
                console.log(data);
            }
        } else {
            alert("failed");
            if (!_console) {
                console.log(data);
            }
        }
    };
</script>

It all works as it stands but I would like to pass the object containing the request details to the ashx file. Is it possible?

Answer 1

if you're referring to this .Net lib, I actually wrote it a few years back :) I think I even recognize the above :)

Can you clarify your question? Just in case I misunderstood -

The lib should already do all the checking/verification (except the order number validation), you just need to store the order number and details during postback - if I'm not mistaken, the ashx sample has a stub for sending an email...likely commented out and marked for debug purposes only. You can just change that part to write to a sql table if you want.

• the data sent during this postback includes all the order details
• Google will only send the postback on success

If the buyer confirms the purchase and Google verifies that the buyer can indeed pay for the cake, Google sends an HTTP POST message

Then in the success callback above, which happens on the client side, you should verify that the order number exists - re: match the data returned by Google in the success callback with what you stored in db (previously/during postback). If it exists, then you've verified all the data...

If I misunderstood, just comment and I'll update the answer...hth....

BTW, the lib hasn't been updated to support subscriptions...just fyi...

Update

Here's the "stub" I was referring to in the handler (ashx):

//Sample
private void parsePayload(InAppItemObject ClaimObj, JWTHeaderObject HeaderObj)
{
    //header JWTHeaderObject
    string foo = string.Format("JWT Headers{0}JWT Algo: {1}{0}JWT kid: {2}{0}JWT typ: {3}{0}{0}", Environment.NewLine, HeaderObj.alg, HeaderObj.kid, HeaderObj.typ);

    //payload InAppItemObject
    string bar = string.Format("JWT Payload{0}JWT aud: {1}{0}JWT iss: {2}{0}JWT orderid: {3}{0}JWT sellerdata: {4}{0}JWT iat: {5}{0}" +
            "JWT itemName: {6}{0}JWT itemPrice: {7:c}{0}JWT Item Description: {8}{0}JWT exp: {9}{0}JWT typ: {10}{0}{0}", Environment.NewLine, ClaimObj.aud, ClaimObj.iss, ClaimObj.response.orderId, ClaimObj.request.sellerData, ClaimObj.iat,
            ClaimObj.request.name, ClaimObj.request.price, ClaimObj.request.description, ClaimObj.exp, ClaimObj.typ);

    debug(foo, bar);
}

You can change the above into standard db insert - in the above ClaimObj would have your order details. So something along the lines (sample):

using (SqlConnection conn = new SqlConnection(connStr))
{
 .....
 using (SqlCommand cmd = new SqlCommand(cmdText, conn))
 {
  .....
  cmd.Parameters.AddWithValue("@OrderNumber",ClaimObj.response.orderId);
  cmd.Parameters.AddWithValue("@ProductOrdered",ClaimObj.request.name);
  ....

The ashx file handles the Google postback (I realize that maybe I should have named that file postback_handler_demo.ashx) which you get before the client side success callback. This allows you to store the (already server-side verified) data, prior to any client side callback.

You can then query this data for existence of the orderId (or any other data for that matter) if/when your success handler is triggered in the callback.